23 research outputs found
Classification of Quantum Computer Fault Injection Attacks
The rapid growth of interest in quantum computing has brought about the need
to secure these powerful machines against a range of physical attacks. As qubit
counts increase and quantum computers achieve higher levels of fidelity, their
potential to execute novel algorithms and generate sensitive intellectual
property becomes more promising. However, there is a significant gap in our
understanding of the vulnerabilities these computers face in terms of security
and privacy attacks. Among the potential threats are physical attacks,
including those orchestrated by malicious insiders within data centers where
the quantum computers are located, which could compromise the integrity of
computations and resulting data. This paper presents an exploration of
fault-injection attacks as one class of physical attacks on quantum computers.
This work first introduces a classification of fault-injection attacks and
strategies, including the domain of fault-injection attacks, the fault targets,
and fault manifestations in quantum computers. The resulting classification
highlights the potential threats that exist. By shedding light on the
vulnerabilities of quantum computers to fault-injection attacks, this work
contributes to the development of robust security measures for this emerging
technology.Comment: 7 pages, 4 figure
Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code
Although cryptographic algorithms may be mathematically secure, it is often
possible to leak secret information from the implementation of the algorithms.
Timing and power side-channel vulnerabilities are some of the most widely
considered threats to cryptographic algorithm implementations. Timing
vulnerabilities may be easier to detect and exploit, and all high-quality
cryptographic code today should be written in constant-time style. However,
this does not prevent power side-channels from existing. With constant time
code, potential attackers can resort to power side-channel attacks to try
leaking secrets. Detecting potential power side-channel vulnerabilities is a
tedious task, as it requires analyzing code at the assembly level and needs
reasoning about which instructions could be leaking information based on their
operands and their values. To help make the process of detecting potential
power side-channel vulnerabilities easier for cryptographers, this work
presents Pascal: Power Analysis Side Channel Attack Locator, a tool that
introduces novel symbolic register analysis techniques for binary analysis of
constant-time cryptographic algorithms, and verifies locations of potential
power side-channel vulnerabilities with high precision. Pascal is evaluated on
a number of implementations of post-quantum cryptographic algorithms, and it is
able to find dozens of previously reported single-trace power side-channel
vulnerabilities in these algorithms, all in an automated manner
A Model-Driven Engineering Technique for Developing Composite Content Applications
Composite Content Applications (CCA) are cross-functional process solutions built on top of Enterprise Content Management systems assembled from pre-built components. Considering the complexity of CCAs, their analysis and development need higher level of abstraction. Model-driven engineering techniques covering the use of Domain-specific Modeling Languages (DSMLs), can provide the abstraction in question by moving software development from code to models which may increase productivity and reduce development costs. Hence, in this paper, we present MDD4CCA, a DSML for developing CCAs. The DSML presents an abstract syntax, a concrete syntax, and an operational semantics, including model-to-model and model-to-code transformations for CCA implementations. Use of the proposed language is evaluated within an industrial case study
AlloyInEcore: Embedding of First-Order Relational Logic into Meta-Object Facility for Automated Model Reasoning
We present AlloyInEcore, a tool for specifying metamodels with their static semantics to facilitate automated, formal reasoning on models. Software development projects require that software systems be specified in various models (e.g., requirements models, architecture models, test models, and source code). It is crucial to reason about those models to ensure the correct and complete system specifications. AlloyInEcore allows the user to specify metamodels with their static semantics, while, using the semantics, it automatically detects inconsistent models, and completes partial models. It has been evaluated on three industrial case studies in the automotive domain (https://modelwriter.github.io/AlloyInEcore/)
ETAP: Energy-aware Timing Analysis of Intermittent Programs
Energy harvesting battery-free embedded devices rely only on ambient energy
harvesting that enables stand-alone and sustainable IoT applications. These
devices execute programs when the harvested ambient energy in their energy
reservoir is sufficient to operate and stop execution abruptly (and start
charging) otherwise. These intermittent programs have varying timing behavior
under different energy conditions, hardware configurations, and program
structures. This paper presents Energy-aware Timing Analysis of intermittent
Programs (ETAP), a probabilistic symbolic execution approach that analyzes the
timing and energy behavior of intermittent programs at compile time. ETAP
symbolically executes the given program while taking time and energy cost
models for ambient energy and dynamic energy consumption into account. We
evaluated ETAP on several intermittent programs and compared the compile-time
analysis results with executions on real hardware. The results show that ETAP's
normalized prediction accuracy is 99.5%, and it speeds up the timing analysis
by at least two orders of magnitude compared to manual testing.Comment: Corrected typos in the previous submissio
ETAP: Energy-Aware Timing Analysis of Intermittent Programs
Energy harvesting battery-free embedded devices rely only on ambient energy harvesting that enables stand-alone and sustainable IoT applications. These devices execute programs when the harvested ambient energy in their energy reservoir is sufficient to operate and stop execution abruptly (and start charging) otherwise. These intermittent programs have varying timing behavior under different energy conditions, hardware configurations, and program structures. This article presents Energy-aware Timing Analysis of intermittent Programs (ETAP), a probabilistic symbolic execution approach that analyzes the timing and energy behavior of intermittent programs at compile time. ETAP symbolically executes the given program while taking time and energy cost models for ambient energy and dynamic energy consumption into account. We evaluate ETAP by comparing the compile-time analysis results of our benchmark codes and real-world application with the results of their executions on real hardware. Our evaluation shows that ETAP’s prediction error rate is between 0.0076% and 10.8%, and it speeds up the timing analysis by at least two orders of magnitude compared to manual testing.acceptedVersio
Survey of Approaches and Techniques for Security Verification of Computer Systems
This paper surveys the landscape of security verification approaches and techniques for computer systems at various levels: from a software-application level all the way to the physical hardware level. Different existing projects are compared, based on the tools used and security aspects being examined. Since many systems require both hardware and software components to work together to provide the system\u27s promised security protections, it is not sufficient to verify just the software levels or just the hardware levels in a mutually exclusive fashion. This survey especially highlights system levels that are verified by the different existing projects and presents to the readers the state of the art in hardware and software system security verification. Few approaches come close to providing full-system verification, and there is still much room for improvement
Tarski: A Platform for Automated Analysis of Traceability
Tarski is a tool that supports automated reasoning about traces based on configurable trace semantics. It has been implemented as a set of Eclipse plug-ins that activate the user interfaces and provides the features specifying trace types and their semantics, assigning traces in the artifacts using user-defined trace types, and reasoning about traces (i.e., deducing new traces and checking consistency of traces)