Gate-Level Information Flow Tracking for Security Lattices

High-assurance systems found in safety-critical infrastructures are facing steadily increasing cyber threats. These critical systems require rigorous guarantees in information flow security to prevent confidential information from leaking to an unclassified domain and the root of trust from being violated by an untrusted party. To enforce bit-tight information flow control, gate-level information flow tracking (GLIFT) has recently been proposed to precisely measure and manage all digital information flows in the underlying hardware, including implicit flows through hardware-specific timing channels. However, existing work in this realm either restricts to two-level security labels or essentially targets two-input primitive gates and several simple multilevel security lattices. This article provides a general way to expand the GLIFT method for multilevel security. Specifically, it formalizes tracking logic for an arbitrary Boolean gate under finite security lattices, presents a precise tracking logic generation method for eliminating false positives in GLIFT logic created in a constructive manner, and illustrates application scenarios of GLIFT for enforcing multilevel information flow security. Experimental results show various trade-offs in precision and performance of GLIFT logic created using different methods. It also reveals the area and performance overheads that should be expected when expanding GLIFT for multilevel security

Algorithms for selective enumeration of prime implicants

We present a new approach for selective enumeration of prime implicants of CNF formulae. The method uses a 0-1 programming schema, having feasible solutions corresponding to prime implicants. Prime implicants are generated one at a rime, so that as many of them can be computed as needed by the specific application considered. Selective generation is also supported, whereby preferences on the structure of generated prime implicants can be specified. We present two algorithms for selective enumeration of prime implicants and discuss their properties. The former amounts to solving the basic 0-1 programming schema first, to obtain an implicant psi' (not necessarily a prime one), and then generating a prime implicant implied by psi'. The latter is based on adding a suitable minimization function to the basic 0-1 programming schema so that finding optimal solutions corresponds one-to-one to generating prime implicants of the original theory. We show that the latter algorithm has wider applicability but is less efficient than the former one. Finally we present experimental results, which confirm the effectiveness of our approach in computing prime implicants of CNF formulae. (C) 1999 Elsevier Science B.V. All rights reserved