
Trust but verify

Shuo Yang, Ali R. Butt, Y. Charlie Hu, Samuel P. Midkiff
2005 Proceedings of the tenth ACM SIGPLAN symposium on Principles and practice of parallel programming - PPoPP '05  
This paper describes the GridCop system which allows a computation on a remote, and potentially fraudulent, host system to be monitored for progress and execution correctness.  ...  A novel feature of our system is that it constructs cooperating submitter and host programs from the original program, and these programs allow both progress and execution correctness to be monitored with  ...  Acknowledgment We thank Josep Torrellas for giving us access to his machines at UIUC to perform remote job submission and monitoring experiments.  ... 
doi:10.1145/1065944.1065971 dblp:conf/ppopp/YangBHM05 fatcat:mt56sdf4ynhk7onnfihgwqajsa

Verifying computations without reexecuting them

Michael Walfish, Andrew J. Blumberg
2015 Communications of the ACM  
In this setup, a single reliable PC can monitor the operation of a herd of supercomputers working with possibly extremely powerful but unreliable software and untested hardware.  ...  For example, service providers (SPs) now offer storage, computation, managed desktops, and more.  ...  We thank Srinath Setty, Justin Thaler, Riad Wahby, Alexis Gallagher, the anonymous Communications reviewers, Boaz Barak, William Blumberg, Oded Goldreich, Yuval Ishai and Guy Rothblum.  ... 
doi:10.1145/2641562 fatcat:bfoaesayp5drrl73qlacnichmu

Verifying autonomous systems

Michael Fisher, Louise Dennis, Matt Webster
2013 Communications of the ACM  
driverless cars, unmanned aircraft, robotics, and remote monitoring. A key issue for autonomous systems is determining their safety and trustworthiness: how can we be sure the autonomous systems will  ...  methodologies to enable certification of such systems are urgently needed. The choices made by agent-based autonomous systems can be formally verified to provide evidence for certification. Sample applications  ...  We are grateful to our many collaborators, but particularly Rafael Bordini, Neil Cameron, Mike Jump, Alexei Lisitsa, Nick Lincoln, Bertie Müller, and Sandor Veres.  ... 
doi:10.1145/2494558 fatcat:msznzwnxjnffbl3jxh2pvtl35q

Verifying autonomous systems

Michael Fisher, Louise Dennis, Matt Webster
2013 Communications of the ACM  
We are grateful to our many collaborators, but particularly Rafael Bordini, Neil Cameron, Mike Jump, Alexei Lisitsa, Nick Lincoln, Bertie Müller, and Sandor Veres.  ...  This work was partially supported by EPSRC, while the Virtual Engineering Centre is a University of Liverpool project partially supported by both NWDA and ERDF.  ...  This is termed the model checking of programs [36] and depends on being able to extract all these possible program executions, for example through symbolic execution.  ... 
doi:10.1145/2500468.2494558 fatcat:wquco4zkinhnhkpdziiivapwf4

Trusted Computing, Trusted Third Parties, and Verified Communications [chapter]

Martín Abadi
2004 Security and Protection in Information Processing Systems  
These trusted third parties may be used for supporting communications in distributed systems.  ...  We present and explore this application of Trusted Computing, both in general and in specific instantiations.  ...  Chandu Thekkath and Ted Wobber also suggested improvements to a draft of this paper. Thanks to all of them.  ... 
doi:10.1007/1-4020-8143-x_19 dblp:conf/sec/Abadi04 fatcat:ebhxhtdavjdvbbguowl57nowey

Building Verifiable Trusted Path on Commodity x86 Computers

Zongwei Zhou, Virgil D. Gligor, James Newsome, Jonathan M. McCune
2012 2012 IEEE Symposium on Security and Privacy  
A trusted path is a protected channel that assures the secrecy and authenticity of data transfers between a user's input/output (I/O) device and a program trusted by that user.  ...  Our system enables users to verify the states and configurations of one or more trusted-paths using a simple, secret-less, hand-held device.  ...  We also want to thank Adrian Perrig and Amit Vasudevan for stimulating conversations on trusted path.  ... 
doi:10.1109/sp.2012.42 dblp:conf/sp/ZhouGNM12 fatcat:2s2r4wbzlfb7joyo37tt65saba

A Verified Architecture for Proofs of Execution on Remote Devices under Full Software Compromise [article]

Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Gene Tsudik
2020 arXiv   pre-print
In this paper we answer these questions by designing, proving security of, and formally verifying, VAPE: Verified Architecture for Proofs of Execution.  ...  This prompts the following three questions: (1) How to trust data produced by a simple remote embedded device? and (2) How to ascertain that this data was produced via execution of expected software?  ...  number of valid control flow paths for a given program, and verify a valid response for each.  ... 
arXiv:1908.02444v2 fatcat:ttsnger7sncpjpxoyefhllgvdu

Formally Verified Hardware/Software Co-Design for Remote Attestation [article]

Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Michael Steiner, Gene Tsudik
2019 arXiv   pre-print
In this work, we take the first step towards formal verification of Remote Attestation (RA) by designing and verifying an architecture called VRASED: Verifiable Remote Attestation for Simple Embedded Devices  ...  To demonstrate VRASED's practicality and low overhead, we instantiate and evaluate it on a commodity platform (TI MSP430). VRASED's publicly available implementation was deployed on the Basys3 FPGA.  ...  ., RAM and/or flash) of an untrusted remote hardware platform (prover or Prv) by a trusted entity (verifier or Vrf).  ... 
arXiv:1811.00175v4 fatcat:rs3go6hbgjculmzg7njlxxkwmq

Verifying security invariants in ExpressOS

Haohui Mai, Edgar Pek, Hui Xue, Samuel Talmadge King, Parthasarathy Madhusudan
2013 Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems - ASPLOS '13  
In our use of formal methods, we focus solely on proving that our OS implements our security invariants correctly, rather than striving for full functional correctness, requiring significantly less verification  ...  In one test, we ran the same web browser on ExpressOS and on an Android-based system, and found that ExpressOS adds 16% overhead on average to the page load latency time for nine popular web sites.  ...  Acknowledgments We thank Xi Wang, and our anonymous reviewers for their valuable feedback on this paper. We thank Rustan Leino for encouraging us to use Dafny for our verification tasks.  ... 
doi:10.1145/2451116.2451148 dblp:conf/asplos/MaiPXKM13 fatcat:e6sxytmbrbd2dmgs2aq4qb53py

Verifying security invariants in ExpressOS

Haohui Mai, Edgar Pek, Hui Xue, Samuel Talmadge King, Parthasarathy Madhusudan
2013 SIGPLAN notices  
In our use of formal methods, we focus solely on proving that our OS implements our security invariants correctly, rather than striving for full functional correctness, requiring significantly less verification  ...  In one test, we ran the same web browser on ExpressOS and on an Android-based system, and found that ExpressOS adds 16% overhead on average to the page load latency time for nine popular web sites.  ...  Acknowledgments We thank Xi Wang, and our anonymous reviewers for their valuable feedback on this paper. We thank Rustan Leino for encouraging us to use Dafny for our verification tasks.  ... 
doi:10.1145/2499368.2451148 fatcat:e3kqzgbohrf2bbtuirtb6nmngy

Deterministic Executable Models Verified Efficiently at Runtime - An Architecture for Robotic and Embedded Systems

Vladimir Estivill-Castro, René Hexel
2017 Proceedings of the 5th International Conference on Model-Driven Engineering and Software Development  
In this paper, we take matters one step further and describe a uniform modelling and development paradigm for software systems that can monitor the quality of software systems as they execute, set-up,  ...  Our paradigm for modelling behaviour enables efficient execution, validation, simulation, and runtime verification. The models are executable and efficient because they are compiled (not interpreted).  ...  Thus, monitoring the system while in execution may actually be required, to correct the effects of traces that lead to failure, but were not discovered earlier.  ... 
doi:10.5220/0006116700290040 dblp:conf/modelsward/Estivill-Castro17 fatcat:joomt5h4dzb45dixk2w4me35iy

Deleting Secret Data with Public Verifiability

Feng Hao, Dylan Clarke, Avelino Francisco Zorzo
2016 IEEE Transactions on Dependable and Secure Computing  
., either completely trust or distrust), we introduce a third assumption that sits in between: namely, "trust-but-verify".  ...  Our solution enables a user to verify the correct implementation of two important operations inside a TPM without accessing its source code: i.e., the correct encryption of data and the faithful deletion  ...  Instead of completely trusting the TPM, we adopt a "trust-but-verify" approach.  ... 
doi:10.1109/tdsc.2015.2423684 fatcat:sifrnrmpuzfa3go22epbieqcnu

Verifiable Self-Aware Agent-Based Autonomous Systems

Louise A. Dennis, Michael Fisher
2020 Proceedings of the IEEE  
This article provides an overview not only of how one can construct self-aware autonomous systems, but also of how one can potentially have verifiable, self-aware behavior.  ...  Beyond being a useful abstract concept, agents also provide a practical engineering approach for building the core software in autonomous systems such as robots and vehicles.  ...  Answering 6) requires the agent to monitor its progress toward its goals.  ... 
doi:10.1109/jproc.2020.2991262 fatcat:s27fwtk7bnelrfau66ddp6cbtu

APEX: A Verified Architecture for Proofs of Execution on Remote Devices under Full Software Compromise

Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Gene Tsudik
2020 USENIX Security Symposium  
This prompts the following three questions: (1) How to trust data produced, or verify that commands were performed, by a simple remote embedded device?  ...  In this paper we answer these questions by designing, demonstrating security of, and formally verifying, APEX: an Architecture for Provable Execution.  ...  number of valid control flow paths for a given program, and verify a valid response for each.  ... 
dblp:conf/uss/NunesERT20 fatcat:hs4xcyazzbeenjvdh5ladqpzqu

VRASED: A Verified Hardware/Software Co-Design for Remote Attestation

Ivan De Oliveira Nunes, Karim Eldefrawy, Norrathep Rattanavipanon, Michael Steiner, Gene Tsudik
2019 USENIX Security Symposium  
In this work, we take the first step towards formal verification of RA by designing and verifying an architecture called VRASED: Verifiable Remote Attestation for Simple Embedded Devices.  ...  Remote Attestation (RA) is a distinct security service that allows a trusted verifier (Vrf) to measure the software state of an untrusted remote prover (Prv).  ...  The authors thank the paper's shepherd, Stephen McCamant, and the anonymous reviewers for their valuable comments.  ... 
dblp:conf/uss/NunesERST19 fatcat:c4pds7wqszcata2jskh2s4og7a