647 research outputs found
FPGA based remote code integrity verification of programs in distributed embedded systems
The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems
Modal Abstractions for Virtualizing Memory Addresses
Operating system kernels employ virtual memory management (VMM) subsystems to
virtualize the addresses of memory regions in order to to isolate untrusted
processes, ensure process isolation and implement demand-paging and
copy-on-write behaviors for performance and resource controls. Bugs in these
systems can lead to kernel crashes. VMM code is a critical piece of
general-purpose OS kernels, but their verification is challenging due to the
hardware interface (mappings are updated via writes to memory locations, using
addresses which are themselves virtualized). Prior work on VMM verification has
either only handled a single address space, trusted significant pieces of
assembly code, or resorted to direct reasoning over machine semantics rather
than exposing a clean logical interface.
In this paper, we introduce a modal abstraction to describe the truth of
assertions relative to a specific virtual address space, allowing different
address spaces to refer to each other, and enabling verification of instruction
sequences manipulating multiple address spaces. Using them effectively requires
working with other assertions, such as points-to assertions in our separation
logic, as relative to a given address space. We therefore define virtual
points-to assertions, which mimic hardware address translation, relative to a
page table root. We demonstrate our approach with challenging fragments of VMM
code showing that our approach handles examples beyond what prior work can
address, including reasoning about a sequence of instructions as it changes
address spaces. All definitions and theorems mentioned in this paper including
the operational model of a RISC-like fragment of supervisor-mode x86-64, and a
logic as an instantiation of the Iris framework, are mechanized inside Coq
Formal Verification of Privacy in Pervasive Systems
Pervasive systems enhance a user's everyday experience. However, the use of pervasive sensing and context aware devices can result very intrusive from a privacy perspective. A familiar pervasive device is a mobile phone. Mobile telephony equipment is daily carried everywhere. Avoiding linkability of subscribers by third
parties, and protecting their privacy is one of the goals of mobile telecommunication protocols.
We use experimental and formal methods to model and analyse the security properties of mobile telephony protocols. We expose novel threats to the user privacy, which make it possible to trace and identify mobile
telephony subscribers, and for some of the attacks we demonstrate the feasibility of a low cost implementation. We propose fixes to these privacy issues. We prove that our privacy friendly fixes satisfy the desired unlinkability and anonymity properties. Finally, we develop the first extension of the Pro Verif tool for the automatic verification of equivalence based properties of stateful protocols.
This work shows how to formally verity privacy properties of pervasive systems. Moreover, we develop an automatic verification tool for the verification of equivalence based properties of stateful protocols. Further work in this direction will eventually widen the class of security protocols and security properties verifiable
using automatic verification tools
- …