
HYDRA: HYbrid Design for Remote Attestation (Using a Formally Verified Microkernel) [article]

Karim ElDefrawy, Norrathep Rattanavipanon, Gene Tsudik
2017 arXiv pre-print
HYDRA obtains these properties by using the formally verified seL4 microkernel. (Until now, this was only attainable with purely hardware-based designs.)  ...  Remote Attestation (RA) allows a trusted entity (verifier) to securely measure the internal state of a remote, untrusted hardware platform (prover).  ...  CONCLUSIONS This paper presents the first hybrid Remote Attestation design, HYDRA, that leverages the formally verified seL4 microkernel to instantiate memory and process isolation, and enforce access  ... 
arXiv:1703.02688v2 fatcat:wuggtxvwbvfghbgentun6hr2di

ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices

N. Asokan, Thomas Nyman, Norrathep Rattanavipanon, Ahmad-Reza Sadeghi, Gene Tsudik
2018 IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
This motivates our design of ASSURED, a secure and scalable update framework for IoT.  ...  Prior techniques, designed for other computational settings, are not readily suitable for IoT devices, since they do not consider idiosyncrasies of a realistic large-scale IoT deployment.  ...  HYDRA implements a hybrid (HW/SW) remote attestation design by building upon the formally verified seL4 [24] microkernel, which provably guarantees process memory isolation and enforces access control  ... 
doi:10.1109/tcad.2018.2858422 fatcat:xtblhx7qfngx3nanazcdwzqo54

Formally Verified Hardware/Software Co-Design for Remote Attestation [article]

Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Michael Steiner, Gene Tsudik
2019 arXiv pre-print
In this work, we take the first step towards formal verification of Remote Attestation (RA) by designing and verifying an architecture called VRASED: Verifiable Remote Attestation for Simple Embedded Devices  ...  VRASED instantiates a hybrid (HW/SW) RA co-design aimed at low-end embedded systems, e.g., simple IoT devices.  ...  Title: VRASED: A Verified Hardware/Software Co-Design for Remote Attestation becomes extremely important.  ... 
arXiv:1811.00175v4 fatcat:rs3go6hbgjculmzg7njlxxkwmq

A Verified Architecture for Proofs of Execution on Remote Devices under Full Software Compromise [article]

Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Gene Tsudik
2020 arXiv pre-print
In this paper we answer these questions by designing, proving security of, and formally verifying, VAPE: Verified Architecture for Proofs of Execution.  ...  This prompts the following three questions: (1) How to trust data produced by a simple remote embedded device? and (2) How to ascertain that this data was produced via execution of expected software?  ...  [31] designed and proved functional correctness of the seL4 microkernel. More recently, VRASED [17] realized a formally verified hybrid RA architecture.  ... 
arXiv:1908.02444v2 fatcat:ttsnger7sncpjpxoyefhllgvdu
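The HYDRA, VRASED and VAPE entries above all describe remote attestation as a challenge-response in which a trusted verifier measures the state of an untrusted prover. As an added illustration, not code from any of these papers, the following Python sketch runs one minimal symmetric-key RA round: the verifier sends a fresh nonce, the prover returns an HMAC-SHA256 over the nonce and its attested memory region, and the verifier recomputes the MAC against the contents it expects. The shared key, the 64-byte memory image and the nonce length are constructed assumptions; the isolation of the key and of the measurement routine that HYDRA (via seL4) and VRASED (via verified hardware) actually provide is only simulated here, so a real attacker with full software control of this Python process could of course read the key.

```python
import hashlib
import hmac
import os

# Constructed sample data (not taken from any of the papers listed above):
# the memory image the verifier expects on the prover, and a hypothetical
# symmetric attestation key provisioned to both sides.
EXPECTED_MEMORY = bytes(range(64))
ATTESTATION_KEY = b"\x42" * 32
NONCE_LEN = 16


def measure(key: bytes, nonce: bytes, memory: bytes) -> bytes:
    """Attestation report: HMAC-SHA256 over nonce || memory.

    Binding the verifier's nonce into the MAC ties the report to this
    specific request, so a report captured earlier cannot be replayed.
    """
    return hmac.new(key, nonce + memory, hashlib.sha256).digest()


class Prover:
    """Untrusted device. In a hybrid design the key and attest() would sit in
    the isolated part of the platform; here that isolation is only assumed."""

    def __init__(self, key: bytes, memory: bytes) -> None:
        self._key = key
        self.memory = bytearray(memory)  # region an attacker may overwrite

    def attest(self, nonce: bytes) -> bytes:
        return measure(self._key, nonce, bytes(self.memory))


class Verifier:
    """Trusted party that knows the key and the expected memory contents."""

    def __init__(self, key: bytes, expected_memory: bytes) -> None:
        self._key = key
        self._expected = expected_memory

    def challenge(self) -> bytes:
        return os.urandom(NONCE_LEN)

    def verify(self, nonce: bytes, report: bytes) -> bool:
        expected = measure(self._key, nonce, self._expected)
        # constant-time comparison so the check itself leaks nothing
        return hmac.compare_digest(expected, report)


def run_attestation(prover: Prover, verifier: Verifier) -> tuple:
    """One challenge-response round; returns (nonce, report, accepted)."""
    nonce = verifier.challenge()
    report = prover.attest(nonce)
    return nonce, report, verifier.verify(nonce, report)


def replay_attack(verifier: Verifier, old_report: bytes) -> bool:
    """Attacker answers a fresh challenge with a previously valid report."""
    fresh_nonce = verifier.challenge()
    return verifier.verify(fresh_nonce, old_report)


def demo() -> dict:
    prover = Prover(ATTESTATION_KEY, EXPECTED_MEMORY)
    verifier = Verifier(ATTESTATION_KEY, EXPECTED_MEMORY)

    _, good_report, healthy = run_attestation(prover, verifier)

    # Simulated software compromise: one byte of the attested region changes.
    prover.memory[10] ^= 0x01
    _, _, compromised = run_attestation(prover, verifier)

    # Replay the report from the healthy run against a new challenge.
    replayed = replay_attack(verifier, good_report)

    return {"healthy": healthy, "compromised": compromised, "replayed": replayed}


if __name__ == "__main__":
    print(demo())  # {'healthy': True, 'compromised': False, 'replayed': False}
```

The three outcomes are the properties the papers argue about: an unmodified prover passes, a single flipped byte in the attested region fails, and a recorded good report fails against a fresh nonce. What the sketch cannot show is the hard part these designs solve, namely keeping the key unreadable and the measurement routine unmodifiable even when all other software on the prover is compromised; HYDRA relies on seL4's verified isolation for that, VRASED on verified hardware checks.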

Defense Advanced Research Projects Agency (Darpa) Fiscal Year 2016 Budget Estimates

Department Of Defense Comptroller's Office
2015 Zenodo
Once a given design was developed and verified, iFAB took the formal design representation and automatically configured a digitally-programmable manufacturing facility, including the selection of participating  ...  through the use of co-funded research and formal technology transition activities for industry use.  ... 
doi:10.5281/zenodo.1215366 fatcat:cqn5tyfixjanzp5x3tgfkpedri

A secure isolation of software activities in tiny scale systems

Oliver Stecklina
2015 IEEE International Conference on Pervasive Computing and Communication Workshops (PerCom Workshops)
The lack of resource isolation makes tiny scale systems prone to accidental errors and, in particular, vulnerable to a broad variety of malicious software.  ...  For a safe and secure operation of computer systems it is strongly recommended that software components are isolated in such a manner that they have access only to those resources which are assigned to  ...  Microkernels: Microkernel (µ-kernel) systems were built long before the term itself was introduced, e.g. the system nucleus by Brinch Hansen [Han70] or the Hydra system by Wulf et al.  ... 
doi:10.1109/percomw.2015.7134037 dblp:conf/percom/Stecklina15 fatcat:exjpv5kxrzgczimh2rwjabeere