SpecCert: Specifying and Verifying Hardware-Based Security Enforcement

被引：3

作者：

Letan, Thomas ^{[1
,2
]}

Chifflier, Pierre ^{[1
]}

Hiet, Guillaume ^{[2
]}

Neron, Pierre ^{[1
]}

Morin, Benjamin ^{[1
]}

机构：

[1] French Network Informat Secur Agcy ANSSI, Paris, France

[2] Cent Supelec, IRISA, CIDRE Inria, Rennes, France

来源：

FM 2016: FORMAL METHODS | 2016年 / 9995卷

关键词：

D O I：

10.1007/978-3-319-48989-6_30

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Over time, hardware designs have constantly grown in complexity and modern platforms involve multiple interconnected hardware components. During the last decade, several vulnerability disclosures have proven that trust in hardware can be misplaced. In this article, we give a formal definition of Hardware-based Security Enforcement (HSE) mechanisms, a class of security enforcement mechanisms such that a software component relies on the underlying hardware platform to enforce a security policy. We then model a subset of a x86-based hardware platform specifications and we prove the soundness of a realistic HSE mechanism within this model using Coq, a proof assistant system.

引用

页码：496 / 512

页数：17

共 27 条

[21]

Makris Y., 2015, TECHNICAL REPORT

[22] RockSalt: Better, Faster, Stronger SFI for the x86 [J].

Morrisett, Greg ;

Tan, Gang ;

Tassarotti, Joseph ;

Tristan, Jean-Baptiste ;

Gan, Edward .

ACM SIGPLAN NOTICES, 2012, 47 (06) :395-404

[23]

Rutkowska J., 2008, Blackhat Briefings USA

[24]

Schneider F. B., 2000, ACM Transactions on Information and Systems Security, V3, P30, DOI 10.1145/353323.353382

[25] x86-TSO: A Rigorous and Usable Programmer's Model for x86 Multiprocessors [J].

Sewell, Peter ;

Sarkar, Susmit ;

Owens, Scott ;

Nardelli, Francesco Zappa ;

Myreen, Magnus O. .

COMMUNICATIONS OF THE ACM, 2010, 53 (07) :89-97

[26]

Wojtczuk R., 2009, Attacking SMM Memory via Intel CPU Cache Poisoning

[27]

Wojtczuk R., 2009, BLACK HAT DC C FEBR

← 1 2 3 →