Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis
2017
ACM SIGOPS Operating Systems Review
In our approach, hardware is developed using a lightweight security-typed hardware description language (HDL) that performs static information flow analysis. ...
We show the practicality of our approach by implementing and verifying a simplified but realistic multi-core prototype of the ARM TrustZone architecture. ...
We show how to use static analysis of information flow to check that the security goals of this architecture are met. ...
doi:10.1145/3093315.3037739
fatcat:oodlt4wftbfqlggzbwgt5lfxdq
Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis
2017
SIGARCH Computer Architecture News
In our approach, hardware is developed using a lightweight security-typed hardware description language (HDL) that performs static information flow analysis. ...
We show the practicality of our approach by implementing and verifying a simplified but realistic multi-core prototype of the ARM TrustZone architecture. ...
We show how to use static analysis of information flow to check that the security goals of this architecture are met. ...
doi:10.1145/3093337.3037739
fatcat:6krhpkwm7rgxffphqlttolbkeu
Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis
2017
SIGPLAN notices
In our approach, hardware is developed using a lightweight security-typed hardware description language (HDL) that performs static information flow analysis. ...
We show the practicality of our approach by implementing and verifying a simplified but realistic multi-core prototype of the ARM TrustZone architecture. ...
We show how to use static analysis of information flow to check that the security goals of this architecture are met. ...
doi:10.1145/3093336.3037739
fatcat:gh34pjg7u5givesjrzib3ohw2e
Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis
2017
Proceedings of the Twenty-Second International Conference on Architectural Support for Programming Languages and Operating Systems - ASPLOS '17
In our approach, hardware is developed using a lightweight security-typed hardware description language (HDL) that performs static information flow analysis. ...
We show the practicality of our approach by implementing and verifying a simplified but realistic multi-core prototype of the ARM TrustZone architecture. ...
We show how to use static analysis of information flow to check that the security goals of this architecture are met. ...
doi:10.1145/3037697.3037739
dblp:conf/asplos/FerraiuoloXZMS17
fatcat:drlwqqelynagbau4wovubnsp2m
Position paper
2013
Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security - PLAS '13
We describe Sapper, a language for creating critical hardware components that have provably secure information flow. ...
Sapper uses a hybrid approach that leverages unique language features and static analysis to determine a set of dynamic checks that are automatically inserted into the hardware design. ...
The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the ...
doi:10.1145/2465106.2465214
dblp:conf/pldi/0001KOTRKSHC13
fatcat:v5mwy4pquzdj5bjo5564tir4yi
Crafting a usable microkernel, processor, and I/O system with strict and provable information flow security
2011
SIGARCH Computer Architecture News
To test the viability of this approach we design, test, and statically verify the information-flow security of a hardware/software system complete with support for unbounded operation, inter-process communication ...
This skeleton couples a critical slice of the low level hardware implementation with a microkernel in a way that allows information flow properties of the entire construction to be statically verified ...
The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the ...
doi:10.1145/2024723.2000087
fatcat:touo4wpb3zbedmxuwa6hesdlpi
Crafting a usable microkernel, processor, and I/O system with strict and provable information flow security
2011
Proceeding of the 38th annual international symposium on Computer architecture - ISCA '11
To test the viability of this approach we design, test, and statically verify the information-flow security of a hardware/software system complete with support for unbounded operation, inter-process communication ...
This skeleton couples a critical slice of the low level hardware implementation with a microkernel in a way that allows information flow properties of the entire construction to be statically verified ...
The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the ...
doi:10.1145/2000064.2000087
dblp:conf/isca/TiwariOLVLHKCS11
fatcat:n4fu5qhf2zdktmnly66wx4ihli
Secure information flow analysis for hardware design
2010
Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security - PLAS '10
Language-based information flow analyses can be applied to hardware description languages, but a straight-forward application either conservatively rules out many secure hardware designs, or constrains ...
We demonstrate that choosing the right level of abstraction for the analysis, by working on Finite State Machines instead of the hardware code, allows both precise information flow analysis and high-level ...
Approaches based on program analysis have been proposed to help functional hardware verification, i.e., static analysis [9] and model checking [6]. ...
doi:10.1145/1814217.1814225
dblp:conf/pldi/0001THSC10
fatcat:xmafkdzyz5erbppl5v7cbojita
A high assurance virtualization platform for ARMv8
2016
2016 European Conference on Networks and Communications (EuCNC)
Formal verification at machine code level guarantees information isolation between different guest systems (e.g. OSs) running on the platform. ...
Besides the hypervisor, a secure boot component is included and verified to ensure system integrity. ...
Parts of the verification work are supported by a framework grant from the Swedish Foundation for Strategic Research. ...
doi:10.1109/eucnc.2016.7561034
dblp:conf/eucnc/BaumannNGST16
fatcat:ntvwca4gefb4tbreqetcyxuj5u
Dynamic Information Flow Tracking: Taxonomy, Challenges, and Opportunities
2021
Micromachines
Based on the analysis, we classify the existing solutions into three categories, i.e., software, hardware, software and hardware co-design. ...
Dynamic information flow tracking (DIFT) has been proven an effective technique to track data usage; prevent control data attacks and non-control data attacks at runtime; and analyze program performance ...
In addition to software-based DIFT design, Ferraiuolo et al. in [14] verified practical security architecture through static information flow analysis. ...
doi:10.3390/mi12080898
fatcat:zfkiddrjvbfjli7ht6x5jgyp7q
A multi-flow information flow tracking approach for proving quantitative hardware security properties
2021
Tsinghua Science and Technology
Experimental results show that our method can be used to prove a new type of information flow security property with verification performance benefits. ...
a small amount of information flows to enable desirable interactions. ...
Caisson [18] is a novel Hardware Description Language (HDL) with a static type system dedicated to security analysis. ...
doi:10.26599/tst.2019.9010042
fatcat:k6unmub46rcqhitpadnxg2reru
On the Complexity of Generating Gate Level Information Flow Tracking Logic
2012
IEEE Transactions on Information Forensics and Security
Recently, gate level information flow tracking (GLIFT) has been proposed to verify information flow security at the level of Boolean gates. ...
Index Terms: Algorithm design and analysis, Boolean functions, computational complexity, gate level information flow tracking, information security. ...
ACKNOWLEDGMENT The authors would like to thank the reviewers for their valuable feedback, which was of great help in improving this paper. ...
doi:10.1109/tifs.2012.2189105
fatcat:qx4hz5m4vra7dex2zxoippiphm
Hardware supported Software and Control Flow Integrity
2017
Zenodo
This includes developing the first known Control Flow Integrity architecture based on instruction-set randomisation, that also enforces software integrity through modifications to a processor. ...
The main contributions of this thesis are two-fold. First, we analyse existing hardware-based Control Flow Integrity (CFI) architectures. ...
A major problem is that high-security CFI, aka fine-grained CFI, relies on a CFG which is generated through static analysis. ...
doi:10.5281/zenodo.2643373
fatcat:3elmla7my5fa5jyeti73b7pnkm
Analysis of three multilevel security architectures
2007
Proceedings of the 2007 ACM workshop on Computer security architecture - CSAW '07
This paper provides an analysis of the relative merits of three architectural types - one based on a security kernel, another based on a traditional separation kernel, and a third based on a least-privilege ...
Various system architectures have been proposed for high assurance enforcement of multilevel security. ...
Verification of Configuration Data Verification of configuration data in PK-based architectures is a significant concern, as this data determines the system's security policy. ...
doi:10.1145/1314466.1314473
dblp:conf/ccs/LevinIWN07
fatcat:pvyu3olitnc5bp7rfstjauujwq
PRIMA
2006
Proceedings of the eleventh ACM symposium on Access control models and technologies - SACMAT '06
The recent availability of secure hardware has made it practical for a system to measure its own integrity, such that it can generate an integrity proof for remote parties. ...
A PRIMA prototype has been built based on the open-source Linux Integrity Measurement Architecture (IMA) using SELinux policies to provide the information flow. ...
CW-Lite is a pared-down version of Clark-Wilson integrity that relaxes its formal verification requirement and uses the system security policy's implied information flows to reduce requirements on trusted ...
doi:10.1145/1133058.1133063
dblp:conf/sacmat/JaegerSS06
fatcat:77fzik5uufanfphs2guctu6phi