ACVIP Training Class Syllabus
ACVIP Overview
How ACVIP Solves Common MBSE Project Issues
Introduction to the ACVIP Workflow
ACVIP Resources and Solutions
Structuring Models for Delivery and Virtual Integration
Key Principles of ACVIP Modeling
Exercises:
Analysis Tools for Low Fidelity Model Analysis
Introduction to ACVIP Security and Separation Analysis
Exercises:
Analysis Tools for High Fidelity Model Analysis
Introduction to ACVIP Utilization Analysis
Introduction to ACVIP Timing Analysis
Exercises:
Multi-Organization Model Based Development
Collaborative Development using ACVIP
Exercise:
Multi-Organization Model Based Integration
Collaborative Integration using ACVIP
Exercise:
SysML to AADL
SysML / AADL Profile
SysML / AADL Bridge Tool
Exercise:
ACVIP in a Larger Context
Working with Model from Other Sources
ACVIP Report Card
Exercise:
Most Recent Tech Talk
Title CVE-2022-37454: A Buffer Overflow Vulnerability Affecting Implementations Of SHA-3 Date Thursday, May 16, 2024
Time 9:30 amSpeaker Nicky MouhaLocation Arlington, VAAbout Abstract: For over a decade, a buffer overflow vulnerability in the "official" SHA-3 implementation by its designers remained unnoticed. This vulnerability was assigned CVE-2022-37454 and impacted several projects such as Python and PHP that relied on this implementation. We provide a proof of concept for arbitrary code execution and explain how we found the vulnerability using the KLEE symbolic execution tool. In light of the upcoming NIST Workshop on Formal Methods within Certification Programs (FMCP 2024), we give an overview of various approaches to mitigate these types of bugs in cryptographic implementations and discuss both their cost and effectiveness.
Portland, OR
421 SW 6th Avenue, Suite 300 Arlington, VA
901 N Stuart Street, Suite 501 Minneapolis, MN
111 Third Avenue South, Suite 350 Dayton, OH
444 E 2nd Street contact@galois.com