A Survey of Practical Formal Methods for Security
Formal Aspects of Computing (IF 1). Pub Date: 2022-07-05. DOI: https://dl.acm.org/doi/full/10.1145/3522582
Tomas Kulik, Brijesh Dongol, Peter Gorm Larsen, Hugo Daniel Macedo, Steve Schneider, Peter W. V. Tran-Jørgensen, James Woodcock

In today’s world, critical infrastructure is often controlled by computing systems. This introduces new risks for cyber attacks, which can compromise the security and disrupt the functionality of these systems. It is therefore necessary to build such systems with strong guarantees of resiliency against cyber attacks. One way to achieve this level of assurance is using formal verification, which provides proofs of system compliance with desired cyber security properties. The use of Formal Methods (FM) in aspects of cyber security and safety-critical systems is reviewed in this article. We split FM into three main classes: theorem proving, model checking, and lightweight FM. To allow the different uses of FM to be compared, we define a common set of terms. We further develop categories based on the type of computing system FM are applied in. Solutions in each class and category are presented, discussed, compared, and summarised. We describe historical highlights and developments and present a state-of-the-art review in the area of FM in cyber security. This review is presented from the point of view of FM practitioners and researchers, commenting on the trends in each of the classes and categories. This is achieved by considering all types of FM, several types of security and safety-critical systems, and by structuring the taxonomy accordingly. The article hence provides a comprehensive overview of FM and techniques available to system designers of security-critical systems, simplifying the process of choosing the right tool for the task. The article concludes by summarising the discussion of the review, focusing on best practices, challenges, general future trends, and directions of research within this field.

Updated: 2022-07-06