4,793 research outputs found
Automatic Verification of Message-Based Device Drivers
We develop a practical solution to the problem of automatic verification of
the interface between device drivers and the OS. Our solution relies on a
combination of improved driver architecture and verification tools. It supports
drivers written in C and can be implemented in any existing OS, which sets it
apart from previous proposals for verification-friendly drivers. Our
Linux-based evaluation shows that this methodology amplifies the power of
existing verification tools in detecting driver bugs, making it possible to
verify properties beyond the reach of traditional techniques.Comment: In Proceedings SSV 2012, arXiv:1211.587
Building Near-Real-Time Processing Pipelines with the Spark-MPI Platform
Advances in detectors and computational technologies provide new
opportunities for applied research and the fundamental sciences. Concurrently,
dramatic increases in the three Vs (Volume, Velocity, and Variety) of
experimental data and the scale of computational tasks produced the demand for
new real-time processing systems at experimental facilities. Recently, this
demand was addressed by the Spark-MPI approach connecting the Spark
data-intensive platform with the MPI high-performance framework. In contrast
with existing data management and analytics systems, Spark introduced a new
middleware based on resilient distributed datasets (RDDs), which decoupled
various data sources from high-level processing algorithms. The RDD middleware
significantly advanced the scope of data-intensive applications, spreading from
SQL queries to machine learning to graph processing. Spark-MPI further extended
the Spark ecosystem with the MPI applications using the Process Management
Interface. The paper explores this integrated platform within the context of
online ptychographic and tomographic reconstruction pipelines.Comment: New York Scientific Data Summit, August 6-9, 201
Domain-Type-Guided Refinement Selection Based on Sliced Path Prefixes
Abstraction is a successful technique in software verification, and
interpolation on infeasible error paths is a successful approach to
automatically detect the right level of abstraction in counterexample-guided
abstraction refinement. Because the interpolants have a significant influence
on the quality of the abstraction, and thus, the effectiveness of the
verification, an algorithm for deriving the best possible interpolants is
desirable. We present an analysis-independent technique that makes it possible
to extract several alternative sequences of interpolants from one given
infeasible error path, if there are several reasons for infeasibility in the
error path. We take as input the given infeasible error path and apply a
slicing technique to obtain a set of error paths that are more abstract than
the original error path but still infeasible, each for a different reason. The
(more abstract) constraints of the new paths can be passed to a standard
interpolation engine, in order to obtain a set of interpolant sequences, one
for each new path. The analysis can then choose from this set of interpolant
sequences and select the most appropriate, instead of being bound to the single
interpolant sequence that the interpolation engine would normally return. For
example, we can select based on domain types of variables in the interpolants,
prefer to avoid loop counters, or compare with templates for potential loop
invariants, and thus control what kind of information occurs in the abstraction
of the program. We implemented the new algorithm in the open-source
verification framework CPAchecker and show that our proof-technique-independent
approach yields a significant improvement of the effectiveness and efficiency
of the verification process.Comment: 10 pages, 5 figures, 1 table, 4 algorithm
FPGA based remote code integrity verification of programs in distributed embedded systems
The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems
Agile Calibration Process of Full-Stack Simulation Frameworks for V2X Communications
Computer simulations and real-world car trials are essential to investigate
the performance of Vehicle-to-Everything (V2X) networks. However, simulations
are imperfect models of the physical reality and can be trusted only when they
indicate agreement with the real-world. On the other hand, trials lack
reproducibility and are subject to uncertainties and errors. In this paper, we
will illustrate a case study where the interrelationship between trials,
simulation, and the reality-of-interest is presented. Results are then compared
in a holistic fashion. Our study will describe the procedure followed to
macroscopically calibrate a full-stack network simulator to conduct
high-fidelity full-stack computer simulations.Comment: To appear in IEEE VNC 2017, Torino, I
SGXIO: Generic Trusted I/O Path for Intel SGX
Application security traditionally strongly relies upon security of the
underlying operating system. However, operating systems often fall victim to
software attacks, compromising security of applications as well. To overcome
this dependency, Intel introduced SGX, which allows to protect application code
against a subverted or malicious OS by running it in a hardware-protected
enclave. However, SGX lacks support for generic trusted I/O paths to protect
user input and output between enclaves and I/O devices.
This work presents SGXIO, a generic trusted path architecture for SGX,
allowing user applications to run securely on top of an untrusted OS, while at
the same time supporting trusted paths to generic I/O devices. To achieve this,
SGXIO combines the benefits of SGX's easy programming model with traditional
hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure
debug enclaves to behave like secure production enclaves. SGXIO surpasses
traditional use cases in cloud computing and makes SGX technology usable for
protecting user-centric, local applications against kernel-level keyloggers and
likewise. It is compatible to unmodified operating systems and works on a
modern commodity notebook out of the box. Hence, SGXIO is particularly
promising for the broad x86 community to which SGX is readily available.Comment: To appear in CODASPY'1
- …