A Unified Formal Model for Proving Security and Reliability Properties

被引：2

作者：

Hu, Wei ^{[1
]}

Wu, Lingjuan ^{[1
,2
]}

Tai, Yu ^{[1
]}

Tan, Jing ^{[1
]}

Zhang, Jiliang ^{[3
,4
]}

机构：

[1] Northwestern Polytech Univ, Sch Cybersecur, Xian 710072, Peoples R China

[2] Huazhong Agr Univ, Coll Informat, Wuhan 430070, Peoples R China

[3] Hunan Univ, Coll Comp Sci & Elect Engn, Changsha 410082, Peoples R China

[4] Peng Cheng Lab, Cyberspace Secur Res Ctr, Shenzheng 518055, Peoples R China

来源：

2020 IEEE 29TH ASIAN TEST SYMPOSIUM (ATS) | 2020年

基金：

中国国家自然科学基金;

关键词：

Taint-propagation; X-propagation; formal model; formal verification; design property; INFORMATION-FLOW TRACKING;

D O I：

10.1109/ats49688.2020.9301533

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Taint-propagation and X-propagation analyses are important tools for enforcing circuit design properties such as security and reliability. Fundamental to these tools are effective models for accurately measuring the propagation of information and calculating metadata. In this work, we formalize a unified model for reasoning about taint- and X-propagation behaviors and verifying design properties related to these behaviors. Our model are developed from the perspective of information flow and can be described using standard hardware description language (HDL), which allows formal verification of both taint-propagation (i.e., security) and X-propagation (i.e., reliability) related properties using standard electronic design automation (EDA) verification tools. Experimental results show that our formal model can be used to prove both security and reliability properties in order to uncover unintended design flaw, timing channel and intentional malicious undocumented functionality in circuit designs.

引用

页码：30 / 35

页数：6

共 50 条

[41] What are Security Patterns? A Formal Model for Security and Design of Software
Behrens, Anika
13TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2018), 2019,
[42] Proving security protocols with model checkers by data independence techniques
Roscoe, AW
11TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP - PROCEEDINGS, 1998, : 84 - 95
[43] Towards formal specification of abstract security properties
Mana, Antonio
Pujol, Gimena
ARES 2008: PROCEEDINGS OF THE THIRD INTERNATIONAL CONFERENCE ON AVAILABILITY, SECURITY AND RELIABILITY, 2008, : 80 - +
[44] Research on formal security policy model specification and its formal analysis
Institute of Software, Chinese Academy of Sciences, Beijing 100080, China
不详
不详
Tongxin Xuebao, 2006, 6 (94-101):
[45] A formal method for proving programs correct
Chiang, CC
Neubart, D
2001 IEEE INTERNATIONAL CONFERENCE ON SYSTEMS, MAN, AND CYBERNETICS, VOLS 1-5: E-SYSTEMS AND E-MAN FOR CYBERNETICS IN CYBERSPACE, 2002, : 718 - 723
[46] Formal Verification of Application-Specific Security Properties in a Model-Driven Approach
Moebius, Nina
Stenzel, Kurt
Reif, Wolfgang
ENGINEERING SECURE SOFTWARE AND SYSTEMS, PROCEEDINGS, 2010, 5965 : 166 - 181
[47] A formal model for data storage security evaluation
Bilski, Tomasz
ICCSA 2007: Proceedings of the Fifth International Conference on Computational Science and Applications, 2007, : 253 - 257
[48] A Security Formal Model for Multiple Channels Communication
Fu, Yulong
Yuan, Xinyi
Wang, Ke
Yan, Zheng
Li, Hui
2019 IEEE SMARTWORLD, UBIQUITOUS INTELLIGENCE & COMPUTING, ADVANCED & TRUSTED COMPUTING, SCALABLE COMPUTING & COMMUNICATIONS, CLOUD & BIG DATA COMPUTING, INTERNET OF PEOPLE AND SMART CITY INNOVATION (SMARTWORLD/SCALCOM/UIC/ATC/CBDCOM/IOP/SCI 2019), 2019, : 1425 - 1430
[49] A Formal Model for the Security of Proxy Signature Schemes
GU Chun-xiang
WuhanUniversityJournalofNaturalSciences, 2005, (01) : 275 - 278
[50] A formal specification of the MIDP 2.0 security model
Beguelin, Santiago Zanella
Betarte, Gustavo
Luna, Carlos
FORMAL ASPECTS IN SECURITY AND TRUST, 2007, 4691 : 220 - +

← 1 2 3 4 5 →