45 research outputs found
Proof-Producing Symbolic Execution for Binary Code Verification
We propose a proof-producing symbolic execution for verification of
machine-level programs. The analysis is based on a set of core inference rules
that are designed to give control over the tradeoff between preservation of
precision and the introduction of overapproximation to make the application to
real world code useful and tractable. We integrate our symbolic execution in a
binary analysis platform that features a low-level intermediate language
enabling the application of analyses to many different processor architectures.
The overall framework is implemented in the theorem prover HOL4 to be able to
obtain highly trustworthy verification results. We demonstrate our approach to
establish sound execution time bounds for a control loop program implemented
for an ARM Cortex-M0 processor
SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing
Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adop- tion of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualization-based confidential computing on several server platforms. Due to variations in the technology stack, threat model, implemen-tation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualization-based confidential computing technologies for enterprise server platforms - AMD SEV, ARM CCA, IBM PEF and Intel TDX
Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization
Since the advent of Spectre attacks, researchers and practitioners have
developed a range of hardware and software measures to counter transient
execution attacks. A prime example of such mitigation is speculative load
hardening in LLVM, which protects against leaks by tracking the speculation
state and masking values during misspeculation. LLVM relies on static analysis
to harden programs using slh that often results in over-protection, which
incurs performance overhead. We extended an existing side-channel model
validation framework, Scam-V, to check the vulnerability of programs to
Spectre-PHT attacks and optimize the protection of programs using the slh
approach. We illustrate the efficacy of Scam-V by first demonstrating that it
can automatically identify Spectre vulnerabilities in real programs, e.g.,
fragments of crypto-libraries. We then develop an optimization mechanism that
validates the necessity of slh hardening w.r.t. the target platform. Our
experiments showed that hardening introduced by LLVM in most cases could be
significantly improved when the underlying microarchitecture properties are
considered.Comment: The paper will appear in ACM AsiaCCS 202
Обнаружение дефектов подшипников электрических машин с помощью современных методов контроля
Материалы XIII Междунар. науч.-техн. конф. (науч. чтения, посвящ. 125-летию со дня рождения П. О. Сухого), Гомель, 22 окт. 2020 г
NS-Raubgut und Restitution in Bibliotheken - Ausbildungsinhalte für Informationsfachleute
60 Jahre nach Ende des Zweiten Weltkrieges und der nationalsozialistischen Herrschaft befindet sich noch immer NS-Raubgut im Bestand deutscher Bibliotheken. In der vorliegenden Bachelorarbeit wird eine Übersicht zur Thematik „NS-Raubgut und Restitution in Bibliotheken“ erarbeitet. Dies geschieht mit dem Ziel, im weiteren Verlauf der Arbeit aufzuzeigen, wie diese Inhalte in die Ausbildung von Informationsfachleuten integriert werden können. Nach einer Einführung in den Themenkomplex erfolgt zunächst eine Statusermittlung des derzeitigen Umgangs mit der Thematik innerhalb der Ausbildung von Informationsfachleuten an deutschen Hochschulen. Darauf aufbauend werden Vorlesungsinhalte erarbeitet, die sich für die Vermittlung in der Ausbildung eignen. Die Betrachtung möglicher Vermittlungsformen ist ebenfalls enthalten