{"id":"https://openalex.org/W7117900046","doi":"https://doi.org/10.1109/milcom64451.2025.11310477","title":"Leveraging Formal Methods to Strengthen Cyber-Resilience in Authorization to Operate","display_name":"Leveraging Formal Methods to Strengthen Cyber-Resilience in Authorization to Operate","publication_year":2025,"publication_date":"2025-10-06","ids":{"openalex":"https://openalex.org/W7117900046","doi":"https://doi.org/10.1109/milcom64451.2025.11310477"},"language":null,"primary_location":{"id":"doi:10.1109/milcom64451.2025.11310477","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom64451.2025.11310477","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2025 - 2025 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5104910221","display_name":"Alice Lee","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Alice Lee","raw_affiliation_strings":["Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA"],"affiliations":[{"raw_affiliation_string":"Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086474841","display_name":"J. Cheng","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jack Cheng","raw_affiliation_strings":["Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA"],"affiliations":[{"raw_affiliation_string":"Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5121693687","display_name":"Tim Braje","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tim Braje","raw_affiliation_strings":["Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA"],"affiliations":[{"raw_affiliation_string":"Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025370831","display_name":"Noah Luther","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Noah Luther","raw_affiliation_strings":["Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA"],"affiliations":[{"raw_affiliation_string":"Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012636560","display_name":"Ian McQuoid","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ian McQuoid","raw_affiliation_strings":["Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA"],"affiliations":[{"raw_affiliation_string":"Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108192370","display_name":"Gruia-Catalin Roman","orcid":null},"institutions":[{"id":"https://openalex.org/I169521973","display_name":"University of New Mexico","ror":"https://ror.org/05fs6jp91","country_code":"US","type":"education","lineage":["https://openalex.org/I169521973"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gruia-Catalin Roman","raw_affiliation_strings":["University of New Mexico,Department of Computer Science,Albuquerque,NM"],"affiliations":[{"raw_affiliation_string":"University of New Mexico,Department of Computer Science,Albuquerque,NM","institution_ids":["https://openalex.org/I169521973"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004304587","display_name":"Joseph Dan Trujillo","orcid":null},"institutions":[{"id":"https://openalex.org/I1280414376","display_name":"United States Air Force Research Laboratory","ror":"https://ror.org/02e2egq70","country_code":"US","type":"facility","lineage":["https://openalex.org/I1280414376","https://openalex.org/I1330347796","https://openalex.org/I4210102105","https://openalex.org/I4389425425"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Joseph Dan Trujillo","raw_affiliation_strings":["Space Vehicles Directorate,Air Force Research Laboratory,Albuquerque,NM"],"affiliations":[{"raw_affiliation_string":"Space Vehicles Directorate,Air Force Research Laboratory,Albuquerque,NM","institution_ids":["https://openalex.org/I1280414376"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071851009","display_name":"Richard Skowyra","orcid":"https://orcid.org/0000-0002-2882-5034"},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Richard Skowyra","raw_affiliation_strings":["Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA"],"affiliations":[{"raw_affiliation_string":"Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053483682","display_name":"Samuel Mergendahl","orcid":"https://orcid.org/0009-0000-8333-4484"},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Samuel Mergendahl","raw_affiliation_strings":["Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA"],"affiliations":[{"raw_affiliation_string":"Secure Resilient Systems &#x0026; Technology,MIT Lincoln Laboratory,Lexington,MA","institution_ids":["https://openalex.org/I4210122954"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5104910221"],"corresponding_institution_ids":["https://openalex.org/I4210122954"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.70378439,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1037","last_page":"1043"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.11069999635219574,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12203","display_name":"Mobile Agent-Based Network Management","score":0.11069999635219574,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.1096000000834465,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12042","display_name":"Satellite Communication Systems","score":0.10040000081062317,"subfield":{"id":"https://openalex.org/subfields/2202","display_name":"Aerospace Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.6711999773979187},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6697999835014343},{"id":"https://openalex.org/keywords/formal-methods","display_name":"Formal methods","score":0.6467999815940857},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.6269000172615051},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.49380001425743103},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.40950000286102295},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.40389999747276306},{"id":"https://openalex.org/keywords/architecture","display_name":"Architecture","score":0.3955000042915344}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6851000189781189},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.6711999773979187},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6697999835014343},{"id":"https://openalex.org/C75606506","wikidata":"https://www.wikidata.org/wiki/Q1049183","display_name":"Formal methods","level":2,"score":0.6467999815940857},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.6269000172615051},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5788000226020813},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.49380001425743103},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.43540000915527344},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.40950000286102295},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.40389999747276306},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3982999920845032},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.3955000042915344},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.3937999904155731},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.3928000032901764},{"id":"https://openalex.org/C116253237","wikidata":"https://www.wikidata.org/wiki/Q1437424","display_name":"Formal specification","level":2,"score":0.36149999499320984},{"id":"https://openalex.org/C35869016","wikidata":"https://www.wikidata.org/wiki/Q846636","display_name":"Software architecture","level":3,"score":0.34299999475479126},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3395000100135803},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.334199994802475},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.3336000144481659},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.2957000136375427},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.2842999994754791},{"id":"https://openalex.org/C98025372","wikidata":"https://www.wikidata.org/wiki/Q477538","display_name":"Systems architecture","level":3,"score":0.2840000092983246},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.26759999990463257},{"id":"https://openalex.org/C110354214","wikidata":"https://www.wikidata.org/wiki/Q6314146","display_name":"Engineering management","level":1,"score":0.25519999861717224}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/milcom64451.2025.11310477","is_oa":false,"landing_page_url":"https://doi.org/10.1109/milcom64451.2025.11310477","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"MILCOM 2025 - 2025 IEEE Military Communications Conference (MILCOM)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W2023035194","https://openalex.org/W2115309705","https://openalex.org/W2117590013","https://openalex.org/W2163347957","https://openalex.org/W2767162229","https://openalex.org/W4252547602","https://openalex.org/W4285303404","https://openalex.org/W4305010641","https://openalex.org/W4362661194","https://openalex.org/W4400365259"],"related_works":[],"abstract_inverted_index":{"Authorization":[0],"to":[1,12,45,63,73,80,88,117,143],"Operate":[2],"(ATO)":[3],"is":[4],"a":[5],"challenging":[6],"but":[7],"necessary":[8],"process":[9,84,104],"for":[10,15],"systems":[11,68],"obtain":[13],"approval":[14,46],"deployment":[16],"within":[17],"the":[18,56,60,82,90,101,128,151],"Department":[19],"of":[20,34,59,93],"Defense":[21],"(DoD).":[22],"ATO":[23,35,61,83,103,125,153],"includes":[24],"requirement":[25],"creation,":[26],"selection,":[27],"implementation,":[28],"and":[29,48,105,114,140,161],"satisfaction.":[30],"Because":[31],"each":[32],"step":[33],"involves":[36],"multiple":[37],"stakeholders,":[38,160],"any":[39],"disconnect":[40],"between":[41,159],"stakeholders":[42],"can":[43],"lead":[44],"difficulties":[47],"delay.":[49],"When":[50],"these":[51,75],"miscommunications":[52],"compound,":[53],"they":[54],"undermine":[55],"main":[57,107],"goal":[58],"process:":[62],"ensure":[64],"that":[65],"only":[66],"secure":[67],"are":[69],"deployed.":[70],"In":[71,96],"order":[72],"addresses":[74],"difficulties,":[76],"this":[77],"paper":[78],"proposes":[79],"augment":[81],"with":[85],"formal":[86,112],"methods":[87,113],"strengthen":[89],"cybersecurity":[91],"posture":[92],"deployed":[94],"systems.":[95],"particular,":[97],"we":[98,121],"first":[99],"introduce":[100,111],"traditional":[102,152],"its":[106],"stakeholders.":[108],"We":[109],"then":[110],"their":[115],"role":[116],"improve":[118],"ATO.":[119],"Finally,":[120],"apply":[122],"our":[123,146],"enhanced":[124],"architecture":[126],"on":[127],"Cyber-Hardened":[129],"Satellite":[130],"Software":[131],"(CHSS),":[132],"satellite":[133],"flight":[134],"control":[135],"software":[136],"developed":[137],"by":[138],"AFRL/RV":[139],"MIT":[141],"LL,":[142],"demonstrate":[144],"how":[145],"work":[147],"illuminates":[148],"gaps":[149],"in":[150,156],"process,":[154],"aids":[155],"better":[157],"communication":[158],"provides":[162],"formalized":[163],"security":[164],"guarantees.":[165]},"counts_by_year":[],"updated_date":"2026-02-23T20:09:44.859080","created_date":"2026-01-01T00:00:00"}