Proof-Producing Symbolic Execution for Binary Code Verification

We propose a proof-producing symbolic execution for verification of machine-level programs. The analysis is based on a set of core inference rules that are designed to give control over the tradeoff between preservation of precision and the introduction of overapproximation to make the application to real world code useful and tractable. We integrate our symbolic execution in a binary analysis platform that features a low-level intermediate language enabling the application of analyses to many different processor architectures. The overall framework is implemented in the theorem prover HOL4 to be able to obtain highly trustworthy verification results. We demonstrate our approach to establish sound execution time bounds for a control loop program implemented for an ARM Cortex-M0 processor

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adop- tion of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualization-based confidential computing on several server platforms. Due to variations in the technology stack, threat model, implemen-tation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualization-based confidential computing technologies for enterprise server platforms - AMD SEV, ARM CCA, IBM PEF and Intel TDX

Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization

Since the advent of Spectre attacks, researchers and practitioners have developed a range of hardware and software measures to counter transient execution attacks. A prime example of such mitigation is speculative load hardening in LLVM, which protects against leaks by tracking the speculation state and masking values during misspeculation. LLVM relies on static analysis to harden programs using slh that often results in over-protection, which incurs performance overhead. We extended an existing side-channel model validation framework, Scam-V, to check the vulnerability of programs to Spectre-PHT attacks and optimize the protection of programs using the slh approach. We illustrate the efficacy of Scam-V by first demonstrating that it can automatically identify Spectre vulnerabilities in real programs, e.g., fragments of crypto-libraries. We then develop an optimization mechanism that validates the necessity of slh hardening w.r.t. the target platform. Our experiments showed that hardening introduced by LLVM in most cases could be significantly improved when the underlying microarchitecture properties are considered.Comment: The paper will appear in ACM AsiaCCS 202

Обнаружение дефектов подшипников электрических машин с помощью современных методов контроля

Материалы XIII Междунар. науч.-техн. конф. (науч. чтения, посвящ. 125-летию со дня рождения П. О. Сухого), Гомель, 22 окт. 2020 г

NS-Raubgut und Restitution in Bibliotheken - Ausbildungsinhalte für Informationsfachleute

60 Jahre nach Ende des Zweiten Weltkrieges und der nationalsozialistischen Herrschaft befindet sich noch immer NS-Raubgut im Bestand deutscher Bibliotheken. In der vorliegenden Bachelorarbeit wird eine Übersicht zur Thematik „NS-Raubgut und Restitution in Bibliotheken“ erarbeitet. Dies geschieht mit dem Ziel, im weiteren Verlauf der Arbeit aufzuzeigen, wie diese Inhalte in die Ausbildung von Informationsfachleuten integriert werden können. Nach einer Einführung in den Themenkomplex erfolgt zunächst eine Statusermittlung des derzeitigen Umgangs mit der Thematik innerhalb der Ausbildung von Informationsfachleuten an deutschen Hochschulen. Darauf aufbauend werden Vorlesungsinhalte erarbeitet, die sich für die Vermittlung in der Ausbildung eignen. Die Betrachtung möglicher Vermittlungsformen ist ebenfalls enthalten