List of ways to find side channels in hardware/software 1
a guest Jan 8th, 2018 702 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
- Prior Work in Finding Information-Flow Violations in Hardware and/or Software (Jan 2018)
- I'm throwing this list together for anyone curious about how people are tackling these issues in CompSci and/or industry. Didn't have much time for revision. So, hopefully there's not much redundancy or something off-topic in here. A few are definitely good: I read them a few times starting when they were published. They're really getting to the fundamentals with some of this stuff plus creating tight integration between what's stated about hardware and software.
- Here's a commercialized one:
- Formal verification of specs, microcode, and security policy they hold in ACL2. Part of that is embedding a separation kernel a la MILS or SKPP model. It also has triplicated registers for fault-tolerance. Then, they integrate high-level languages like SPARK and microCryptol with that using certified compilers or equivalence checking.
- Here's some examples from CompSci work:
- Just also found a super-old one that tries to do it with capability-based mechanisms.
- Most hardware work in information-flow analysis and control is currently focused on making hardware that controls bad software. I don't think most of them consider a CPU failure. If anything, they might be more vulnerable from a practical strategy of trying to reuse existing cores by making info-flow components that operate side-by-side with them. Here's an example from that area, though, since they could be modified to address recent concerns.
- Nick P.
- Security Engineer/Researcher
- (High-assurance focus)
RAW Paste Data