Combining k-Induction with Continuously-Refined Invariants
Bounded model checking (BMC) is a well-known and successful technique for
finding bugs in software. k-induction is an approach to extend BMC-based
approaches from falsification to verification. Automatically generated
auxiliary invariants can be used to strengthen the induction hypothesis. We
improve this approach and further increase effectiveness and efficiency in the
following way: we start with light-weight invariants and refine these
invariants continuously during the analysis. We present and evaluate an
implementation of our approach in the open-source verification-framework
CPAchecker. Our experiments show that combining k-induction with
continuously-refined invariants significantly increases effectiveness and
efficiency, and outperforms all existing implementations of k-induction-based
software verification in terms of successful verification results.

Comment: 12 pages, 5 figures, 2 tables, 2 algorithms
Model-based dependability analysis: state-of-the-art, challenges and future outlook
Over the past two decades, the study of model-based dependability analysis has gathered significant research interest. Different approaches have been developed to automate and address various limitations of classical dependability techniques, in order to contend with the increasing complexity and challenges of modern safety-critical systems. Two leading paradigms have emerged: one constructs predictive system failure models compositionally from component failure models using the topology of the system; the other uses design models, typically state automata, to explore system behaviour through fault injection. This paper reviews a number of prominent techniques under these two paradigms and provides insight into their working mechanisms, applicability, strengths and challenges, as well as recent developments within these fields. We also discuss emerging trends in integrated approaches and advanced analysis capabilities. Lastly, we outline the future outlook for model-based dependability analysis.
AKER: A Design and Verification Framework for Safe and Secure SoC Access Control
Modern systems on a chip (SoCs) utilize heterogeneous architectures where
multiple IP cores have concurrent access to on-chip shared resources. In
security-critical applications, IP cores have different privilege levels for
accessing shared resources, which must be regulated by an access control
system. AKER is a design and verification framework for SoC access control.
AKER builds upon the Access Control Wrapper (ACW) -- a high performance and
easy-to-integrate hardware module that dynamically manages access to shared
resources. To build an SoC access control system, AKER distributes the ACWs
throughout the SoC, wrapping controller IP cores, and configuring the ACWs to
perform local access control. To ensure the access control system is
functioning correctly and securely, AKER provides a property-driven security
verification using MITRE common weakness enumerations. AKER verifies the SoC
access control at the IP level to ensure the absence of bugs in the
functionalities of the ACW module, at the firmware level to confirm the secure
operation of the ACW when integrated with a hardware root-of-trust (HRoT), and
at the system level to evaluate security threats due to the interactions among
shared resources. The performance, resource usage, and security of access
control systems implemented through AKER are experimentally evaluated on a
Xilinx UltraScale+ programmable SoC; AKER is also integrated with the OpenTitan
hardware root-of-trust and used to design an access control system for
the OpenPULP multicore architecture.
A generic debug interface for IP-integrated assertions
The design of hardware/software systems depends on a solid verification
methodology that runs through the entire design flow. Many concepts share a
raised level of abstraction at design entry, with model-based hardware design
representing a promising and increasingly widespread approach. Assertion-based
verification enables the developer to specify properties of the design and to
uncover cases in which these properties are violated. While assertions are
widely used in the design and simulation stages, the approach of fabricating
them together with the integrated circuit (IC) is novel. In this diploma thesis,
a UML-based data model developed at Infineon Technologies, which is used to
capture design specifications and for automatic code generation, is to be
extended so that assertions integrated in the IC can be described. For this
purpose an abstract data model is described. The assertion interface is intended
to guarantee specification-compliant model integration and to make IC-internal
assertion results accessible to the surrounding system via the interface, thereby
enabling debugging at runtime. Furthermore, the code-generation templates are
explained and an example system is introduced to validate the described concepts.

Nowadays electronic systems design requires fast time to market and solid verification throughout the entire design flow. Many concepts have been researched to raise the level of abstraction during the design entry phase, with model-based design being the most promising one. Assertion-based verification enables the developer to specify properties of the design and to get a report if these are violated. Assertions are common during development and simulation of electronic products but often are not included in the final silicon. In this thesis a UML-based model defined at Infineon Technologies for capturing design specification information and for generating code automatically using templates will be extended to allow the description of an abstract debuggable assertion interface for silicon assertions. With the help of the assertion interface it shall be possible to verify correct module integration and to monitor IP-internal assertion checker results. In addition, the code-generation templates for the assertion interface model will be described. To demonstrate the usability of the developed concepts, an example system will be introduced to validate the approach.

Ilmenau, Techn. Univ., Diplomarbeit, 200
Architecture Layer Based Grid Computing Security Study
With grid computing being applied in more and more industries and sectors, grid security has become the most critical aspect of the overall application architecture. This article studies security issues in grid computing environments from the dimension of architecture-layer security, describes the architecture-layer security solutions used in current grid computing, and proposes grid security recommendations. These contribute to further defining and analyzing security strategy in grid computing and serve as a guideline for the development of grid computing technology.

Keywords: grid security infrastructure; security strategy; grid computing