

Secure mathematically-assured composition of control models


Darren Cofer, John Backes, Andrew Gacek, Daniel DaCosta, Michael Whalen, Ihor Kuz, Gerwin Klein, Gernot Heiser, Lee Pike, Adam Foltzer, Michael Podhradsky, Douglas Stuart, Jason Graham and Brett Wilson



Rockwell Collins


University of Minnesota


The Secure Mathematically-Assured Composition of Control Models project (SMACCM) has developed new tools for building UAV software that is provably secure against many classes of cyber-attack. The goal of the project is to provide verifiable security; that is, system designs which provide the highest levels of confidence in their security based upon verifiable evidence. The SMACCM team has developed system architecture models, software components for mission and control functions, and operating system software, all of which are mathematically analyzed to ensure key security properties.

BibTeX Entry

    publisher        = {USA Department of Defence},
    author           = {Cofer, Darren and Backes, John and Gacek, Andrew and DaCosta, Daniel and Whalen, Michael and Kuz,
                        Ihor and Klein, Gerwin and Heiser, Gernot and Pike, Lee and Foltzer, Adam and Podhradsky, Michael
                        and Stuart, Douglas and Graham, Jason and Wilson, Brett},
    month            = sep,
    year             = {2017},
    date             = {2017-9-27},
    title            = {Secure Mathematically-Assured Composition of Control Models},
    institution      = {Data61, CSIRO}

