dc.contributor.advisor | Daniel Weitzner and Adam Chlipala. | en_US |
dc.contributor.author | Wood, Clark, S.M. Massachusetts Institute of Technology. | en_US |
dc.contributor.other | Massachusetts Institute of Technology. Institute for Data, Systems, and Society. | en_US |
dc.contributor.other | Technology and Policy Program. | en_US |
dc.date.accessioned | 2019-09-17T19:47:59Z | |
dc.date.available | 2019-09-17T19:47:59Z | |
dc.date.copyright | 2019 | en_US |
dc.date.issued | 2019 | en_US |
dc.identifier.uri | https://hdl.handle.net/1721.1/122219 | |
dc.description | Thesis: S.M. in Technology and Policy, Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society, 2019 | en_US |
dc.description | Cataloged from PDF version of thesis. | en_US |
dc.description | Includes bibliographical references (pages 77-84). | en_US |
dc.description.abstract | We discuss a problem: Internet of Things devices running software are vulnerable to accidents and exploitation; a technology solution: preventing exploitable bugs by developing machine-checked proofs of software correctness and security; and a policy lever to incentivize adoption of this solution: a safe harbor from FTC unfairness prosecution for manufacturers that use formal methods to guarantee safer, more secure devices. To motivate the potential of formal methods, we present a technical contribution: a formally verified connected lightbulb switch, proven immune to certain types of software exploits. We discuss a framework, the Common Weakness Enumeration, that the FTC and manufacturers could use as a shared language to explain what classes of software vulnerability a manufacturer will defend against. We outline the authority of the FTC with regard to poor data security practices as unfair practices and how our safe harbor would both provide immunity to participants and be updated over time to continue to incentivize ever stronger software protections. | en_US |
dc.description.statementofresponsibility | by Clark Wood. | en_US |
dc.format.extent | 84 pages ; | en_US |
dc.language.iso | eng | en_US |
dc.publisher | Massachusetts Institute of Technology | en_US |
dc.rights | MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. | en_US |
dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
dc.subject | Institute for Data, Systems, and Society. | en_US |
dc.subject | Technology and Policy Program. | en_US |
dc.title | A formal methods safe harbor | en_US |
dc.type | Thesis | en_US |
dc.description.degree | S.M. in Technology and Policy | en_US |
dc.contributor.department | Massachusetts Institute of Technology. Institute for Data, Systems, and Society | en_US |
dc.contributor.department | Massachusetts Institute of Technology. Engineering Systems Division | |
dc.contributor.department | Technology and Policy Program | en_US |
dc.identifier.oclc | 1117710226 | en_US |
dc.description.collection | S.M. in Technology and Policy, Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society | en_US |
dspace.imported | 2019-09-17T19:47:56Z | en_US |
mit.thesis.degree | Master | en_US |
mit.thesis.department | ESD | en_US |
mit.thesis.department | IDSS | en_US |