db4sil2 kernel assurance data for sil2linuxmp
play

DB4SIL2 - Kernel assurance data for SIL2LinuxMP OpenTech Andreas - PowerPoint PPT Presentation

Jan 03, 2023 •2.4k likes •2.81k views

DB4SIL2 - Kernel assurance data for SIL2LinuxMP OpenTech Andreas Platschek < andreas.platschek@opentech.at > May 11, 2016 Andreas Platschek (OpenTech) c December 1, 2016 1 / 30 Independence of Layers of LOPA Protection

  1. DB4SIL2 - Kernel assurance data for SIL2LinuxMP OpenTech Andreas Platschek < andreas.platschek@opentech.at > May 11, 2016 � Andreas Platschek (OpenTech) c December 1, 2016 1 / 30

  2. Independence of Layers of LOPA Protection Independence Analysis Data NCC callgraph data Path Path Comparision Coverage trace .cfg Data data Aquisition Consecutive Independence Path of consecutive Analysis calls timing data List of test- executables Other analysis tools used to extract di ✁ ernt kind of data meta will be added here over time. data Inherent Inherent Diversity Diversity Analysis Data testexec N ...... ftrace tracing testexec 3 data con ✂ g testexec 2 testexec 1 � Andreas Platschek (OpenTech) c December 1, 2016 2 / 30

  3. SIL4LinuxDB Student project at DSLab, Lanzhou University Uses ftrace and gcov for kernel tracing Automated by means of python scripts Input restricted to openposix-testsuite-1.52 (latest) Running on Linux 4.1 voluntary, preemptive, PREEMPT RT 100HZ, 1000HZ � Andreas Platschek (OpenTech) c December 1, 2016 3 / 30

  4. DB4SIL2 Re-Implementation of backend Uses ftrace for kernel tracing (at the moment no gcov) Tests better configurable (posix test-suite, LTP, etc.) Designed for use on embedded targets, with post-processing on a server. Meta-Data is kept test that performed this syscall trace position of asynchronous events (interrupts, page faults, etc.) � Andreas Platschek (OpenTech) c December 1, 2016 4 / 30

  5. ftrace Internal tracer of the Linux Kernel. ftrace can trace Kernel functions Latencies (IRQs on/off, preemption, scheduling, etc.) Events (hundreds of static event points in the kernel) ... SYSCALLS � Andreas Platschek (OpenTech) c December 1, 2016 5 / 30

  6. DB4SIL2 Principle configure ftrace to trace system calls fork() a new process Configure ftrace to trace the new processes PID Start ftrace exec() the test Stop ftrace Store the trace Signal post-processing part to do its job on the trace � Andreas Platschek (OpenTech) c December 1, 2016 6 / 30

  7. Per-Test Metadata /home/andi/project/posixtestsuite/conformance/interfaces/sigdelset/1-4.test CALLSTART:1-4.tes-18753:156:SyS_mmap() CALLEND:1-4.tes-18753:342:1f65d059d567679f76dfdb4ae297b4f9 CALLSTART:1-4.tes-18753:1085:SyS_access() CALLEND:1-4.tes-18753:1154:0e8295ee790df45d12d93c9a82e038c3 CALLSTART:1-4.tes-18753:1155:SyS_open() ASYNCSTART:1407, smp_reschedule_interrupt() ASYNCEND:1409 CALLEND:1-4.tes-18753:1560:3bce71a2da4d26eac1d41a2448a83750 CALLSTART:1-4.tes-18753:1561:SyS_read() CALLEND:1-4.tes-18753:1600:474a8b4ed6cff638a4a47d7c93581991 CALLSTART:1-4.tes-18753:1652:SyS_mmap() CALLEND:1-4.tes-18753:1726:e4e8a3af87cd057615669ed8247de76d CALLSTART:1-4.tes-18753:1840:SyS_mmap() CALLEND:1-4.tes-18753:2044:e5140607342f88b02bd32e4fb4945992 CALLSTART:1-4.tes-18753:2212:SyS_mmap() CALLEND:1-4.tes-18753:2365:2c9b2d82941ad9df6ada92fe56572215 CALLSTART:1-4.tes-18753:3330:SyS_mmap() CALLEND:1-4.tes-18753:3387:26087860ce47d7beb5d05cdbfaece99a CALLSTART:1-4.tes-18753:3511:SyS_mmap() CALLEND:1-4.tes-18753:3568:26087860ce47d7beb5d05cdbfaece99a � Andreas Platschek (OpenTech) c December 1, 2016 7 / 30 CALLSTART:1-4.tes-18753:3691:SyS_mmap()

  8. Tracing Data SyS_lseek() __fdget_pos() __fget_light() btrfs_file_llseek [btrfs]() _mutex_lock() rt_mutex_lock() generic_file_llseek() generic_file_llseek_size() migrate_disable() preempt_count_add() pin_current_cpu() preempt_count_sub() rt_spin_lock() rt_spin_unlock() migrate_enable() preempt_count_add() unpin_current_cpu() preempt_count_sub() _mutex_unlock() rt_mutex_unlock() � Andreas Platschek (OpenTech) c December 1, 2016 8 / 30

  9. Metadata /home/andi/project/posixtestsuite/conformance/interfaces/shm_open/26-2.test ASYNCSTART:587, __do_page_fault() ASYNCEND:664 � Andreas Platschek (OpenTech) c December 1, 2016 9 / 30

  10. Path Comparison Static Code DB4SIL2 Analysis List of functions List of functions called by every that may be function during called by every tests. function. T est coverage based on calls Comparison between functions. � Andreas Platschek (OpenTech) c December 1, 2016 10 / 30

  12. Comparison CFG ⇔ Trace � Andreas Platschek (OpenTech) c December 1, 2016 12 / 30

  13. Comparison CFG ⇔ Trace � Andreas Platschek (OpenTech) c December 1, 2016 13 / 30

  14. Comparison CFG ⇔ Trace � Andreas Platschek (OpenTech) c December 1, 2016 14 / 30

  15. Comparison CFG ⇔ Trace � Andreas Platschek (OpenTech) c December 1, 2016 15 / 30

  16. Comparison CFG ⇔ Trace � Andreas Platschek (OpenTech) c December 1, 2016 16 / 30

  17. Hardened NooM Container SIL2LinuxMP base system SIL 2 SIL 2 Safety app. Safety app. Monitoring 32bit FP 64bit INT SIL 0 busybox glibc 32bit glibc 64bit Debian Container seccomp seccomp glibc CPU 1 CPU 2 CPU 3 CPU 0 RAMbank n+1..m RAMbank i+1..j RAMbank 0..n RAMbank m+1..i � Andreas Platschek (OpenTech) c December 1, 2016 17 / 30

  18. Independence of Layers How to perform LOPA and show INDEPENDENCE of those different protection layers? � Andreas Platschek (OpenTech) c December 1, 2016 18 / 30

  19. Independence of Layers How to perform LOPA and show INDEPENDENCE of those different protection layers? Static code analysis Development data � Andreas Platschek (OpenTech) c December 1, 2016 18 / 30

  20. Static Code Analysis Analyze functions called by subsystems (callgraphs) Find and analyze overlaps in callgraphs � Andreas Platschek (OpenTech) c December 1, 2016 19 / 30

  21. Intersection of Configurations Basecon ✁ g+Seccomp (SEC) Basecon ✁ g (BASE) � Andreas Platschek (OpenTech) c December 1, 2016 20 / 30

  22. Intersection outside of Baseconfig Basecon ✁ g+Seccomp (SEC) Basecon ✁ g (BASE) (SEC ✂ CGR) \ BASE = ∅ Basecon ✁ g+CGROUPS (CGR) � Andreas Platschek (OpenTech) c December 1, 2016 21 / 30

  23. Intersection in Baseconfig Basecon ✁ g � Andreas Platschek (OpenTech) c December 1, 2016 22 / 30

  24. Analysis of Subsystems funcs_base_both RCU f3 new_funcs_base_both atomic � Andreas Platschek (OpenTech) c December 1, 2016 23 / 30

  25. Preliminary Results baseconfig: 20829 baseconfig+seccomp: 21401 seccomp: 572 baseconfig+cgroups: 21120 cgoups: 679 both_not_in_baseconfig: 0 funcs_base: 13792 funcs_base_seccomp: 7131 funcs_base_cgroups: 7391 funcs_base_both: 6665 rcu_funcs: 6511 atomic_funcs: 294 new_funcs_base_both: 185 � Andreas Platschek (OpenTech) c December 1, 2016 24 / 30

  26. seccomp developers 384 Kees Cook 255 Will Drewry 192 Andy Lutomirski 54 Linus Torvalds 52 Daniel Borkmann 52 Alexei Starovoitov 48 David Howells 30 AKASHI Takahiro 26 Andrea Arcangeli 5 Guenter Roeck 2 Thomas Gleixner 2 Roland McGrath 2 Ralf Baechle 2 Fabian Frederick 2 Eric Paris � Andreas Platschek (OpenTech) c December 1, 2016 25 / 30

  27. cgroup developers 1079 Paul Menage 11 Mike Galbraith 2 Diego Calleja 505 Aristeu Rozanski 10 Hugh Dickins 2 Aneesh Kumar K.V 361 Li Zefan 10 Gao feng 2 Andrew Morton 258 Serge E. Hallyn 9 Greg Kroah-Hartman 2 Alexey Perevalov 211 Ben Blum 8 Gui Jianfeng 2 Alexey Dobriyan 203 Daniel Borkmann 7 Michael S. Tsirkin 1 stephen hemminger 178 KAMEZAWA Hiroyuki 7 Jiri Slaby 1 WANG Cong 149 Neil Horman 7 Jens Axboe 1 SeongJae Park 119 Vivek Goyal 7 Eric W. Biederman 1 Sasha Levin 116 Balbir Singh 7 Daniel Wagner 1 Paul Gortmaker 106 Matt Helsley 6 Lai Jiangshan 1 Paul E. McKenney 59 Zefan Li 6 Jianyu Zhan 1 Oleg Nesterov 54 Daniel Lezcano 5 Srivatsa Vaddagiri 1 Lucas De Marchi 38 Mandeep Singh Baines 5 Jun’ichi Nomura 1 Jiri Pirko 36 Johannes Weiner 5 Alban Crequy 1 Jesper Juhl 33 Herbert Xu 4 Thadeu Lima de Souza Cascardo 1 H Hartley Sweeten 27 Al Viro 4 Kirill A. Shutemov 1 Fabian Frederick 21 Bob Liu 4 Anjana V Kumar 1 Eric Dumazet 19 Peter Zijlstra 3 Thomas Graf 1 Bart Van Assche 19 Daisuke Nishimura 3 Frederic Weisbecker 1 Bandan Das 17 Joe Perches 3 David Howells 1 Arun Sharma 17 Divyesh Shah 3 Dan Carpenter 1 Adrian Bunk 16 Pavel Emelyanov 2 eparis@redhat 14 Namhyung Kim 2 Wanpeng Li 13 John Fastabend 2 Stephen Rothwell 13 Cliff Wickman 2 Sridhar Samudrala 12 Stephane Eranian 2 Linus Torvalds 12 Jerry Snitselaar 2 Jaswinder Singh Rajput 11 Vladimir Davydov 2 Dongsheng Yang � Andreas Platschek (OpenTech) c December 1, 2016 26 / 30

  28. Overlap SECCOMP | CGROUPS -----------------------+--------------------------- 54 Linus Torvalds | 2 Linus Torvalds 52 Daniel Borkmann | 203 Daniel Borkmann 48 David Howells | 3 David Howells 2 Fabian Frederick | 1 Fabian Frederick � Andreas Platschek (OpenTech) c December 1, 2016 27 / 30

  29. Questions? Ask now, or e-mail me later! Andreas Platschek < andreas.platschek@opentech.at > � Andreas Platschek (OpenTech) c December 1, 2016 28 / 30

  30. � Andreas Platschek (OpenTech) c December 1, 2016 29 / 30

  31. � Andreas Platschek (OpenTech) c December 1, 2016 30 / 30

Recommend

Census Data Quality Assurance 17 May 2010 Types of Quality Assurance (QA) Quality assurance of

Census Data Quality Assurance 17 May 2010 Types of Quality Assurance (QA) Quality assurance of

Census Data Quality Assurance 17 May 2010 Types of Quality Assurance (QA) Quality assurance of captured and coded data Quality assurance of downstream processes (including data security and integrity) Quality assurance of population counts,

129 views • 12 slides
Muen - An x86/64 Separation Kernel for High Assurance Reto Buerki Adrian-Ken Rueegsegger

Muen - An x86/64 Separation Kernel for High Assurance Reto Buerki Adrian-Ken Rueegsegger

Outline Introduction Implementation Analysis Conclusion Muen - An x86/64 Separation Kernel for High Assurance Reto Buerki Adrian-Ken Rueegsegger Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil

784 views • 27 slides
Learning From Data Lecture 25 The Kernel Trick Learning with only inner products The Kernel M.

Learning From Data Lecture 25 The Kernel Trick Learning with only inner products The Kernel M.

Learning From Data Lecture 25 The Kernel Trick Learning with only inner products The Kernel M. Magdon-Ismail CSCI 4100/6100 recap: Large Margin is Better Controling Overfitting Non-Separable Data 0.08 random hyperplane 2 w t w + C N E

576 views • 18 slides
Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth

Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth

Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth guy.haworth@bnc.oxon.org 1 Data Assurance - ACG12, 2009-05-11 Topics Motivation Systems Engineering Cycle Definition: the Problem Domain and the

824 views • 27 slides
Separation Kernel Protection Profile Revisited: Choices and Rationale Layered Assurance Workshop

Separation Kernel Protection Profile Revisited: Choices and Rationale Layered Assurance Workshop

Separation Kernel Protection Profile Revisited: Choices and Rationale Layered Assurance Workshop 2010 Austin, Texas Timothy Levin, Thuy Nguyen, Cynthia Irvine, Michael McEvilley LAW 2010 Overview Purpose Help users of SKPP understand

383 views • 17 slides
Discussion of Statistical Methods for SIL2LinuxMP Nicholas Mc Guire &lt; safety@osadl.org &gt;

Discussion of Statistical Methods for SIL2LinuxMP Nicholas Mc Guire &lt; safety@osadl.org &gt;

Discussion of Statistical Methods for SIL2LinuxMP Nicholas Mc Guire &lt; safety@osadl.org &gt; July 14, 2016 Outline Discussion of Statistical Methods for SIL2LinuxMP Nicholas Mc Introdution Guire &lt; safety@osadl.o Overall approach to

1.57k views • 68 slides
1 CPU Events: Interrupts and Exceptions CPU Events: Interrupts and Exceptions Protecting Entry

1 CPU Events: Interrupts and Exceptions CPU Events: Interrupts and Exceptions Protecting Entry

Processes and the Kernel Processes and the Kernel The kernel sets processes up process in private data data execution Processes, Protection and the Kernel: Processes, Protection and the Kernel: virtual contexts to address

540 views • 9 slides
SeeTest Quality Assurance platform SaaS Digital Assurance Lab SaaS Digital Assurance Lab Access

SeeTest Quality Assurance platform SaaS Digital Assurance Lab SaaS Digital Assurance Lab Access

SeeTest Quality Assurance platform SaaS Digital Assurance Lab SaaS Digital Assurance Lab Access hundreds of browsers &amp; mobile devices (physical/emulated) Hosted in Experitest data centers, from anywhere at anytime Run your tests across

288 views • 18 slides
Learning From Data Lecture 26 Kernel Machines Popular Kernels The Kernel Measures Similarity

Learning From Data Lecture 26 Kernel Machines Popular Kernels The Kernel Measures Similarity

Learning From Data Lecture 26 Kernel Machines Popular Kernels The Kernel Measures Similarity Kernels in Different Applications M. Magdon-Ismail CSCI 4100/6100 recap: The Kernel Allows Us to Bypass Z -space Solve the QP 1

356 views • 12 slides
Kernel Implementations III 8 February 2019 OSU CSE 1 Implementing a Kernel Class From the

Kernel Implementations III 8 February 2019 OSU CSE 1 Implementing a Kernel Class From the

Kernel Implementations III 8 February 2019 OSU CSE 1 Implementing a Kernel Class From the examples so far, you should see there are two major questions to address: Q1 : What data representation (a.k.a. data structure ) should be used

474 views • 44 slides
GNU/Linux for safety-related systems - SIL2LinuxMP Nicholas Mc Guire &lt; safety@osadl.org &gt;

GNU/Linux for safety-related systems - SIL2LinuxMP Nicholas Mc Guire &lt; safety@osadl.org &gt;

GNU/Linux for safety-related systems - SIL2LinuxMP Nicholas Mc Guire &lt; safety@osadl.org &gt; January 28, 2016 Outline GNU/Linux for safety-related systems - SIL2LinuxMP Nicholas Mc Guire &lt; safety@osadl.o Context Outline Process

369 views • 15 slides
MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why

MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why

Luanna Cambas, P.E. LADOTD District 02 Lab Engineer Jason Davis, P.E. LADOTD Field Quality Assurance Administrator MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why needed? Sampling &amp;

1.01k views • 63 slides
SIL2LinuxMP Linux Qualification - Process Overview Nicholas Mc Guire &lt; safety@osadl.org &gt;

SIL2LinuxMP Linux Qualification - Process Overview Nicholas Mc Guire &lt; safety@osadl.org &gt;

SIL2LinuxMP Linux Qualification - Process Overview Nicholas Mc Guire &lt; safety@osadl.org &gt; January 25, 2016 Outline SIL2LinuxMP Linux Qualification - Process Overview Nicholas Mc Guire &lt; safety@osadl.o Context Outline Process

642 views • 10 slides
Appendix C: Quality Assurance Process PowerPoint Slides C-2 Appendix C: Quality Assurance Process

Appendix C: Quality Assurance Process PowerPoint Slides C-2 Appendix C: Quality Assurance Process

Appendix C: Quality Assurance Process Slides Description The Quality Assurance for Tuberculosis Surveillance Data: A Guide and Toolkit is accompanied by a PowerPoint slide set for use in presentations and training programs. Images of the

474 views • 18 slides
Kernel Properties - Convexity Leila Wehbe October 1st 2013 Leila Wehbe Kernel Properties -

Kernel Properties - Convexity Leila Wehbe October 1st 2013 Leila Wehbe Kernel Properties -

Kernel Properties Kernel Properties - Convexity Leila Wehbe October 1st 2013 Leila Wehbe Kernel Properties - Convexity Kernel Properties Kernel Properties data is not linearly separable ! use feature vector of the data ( x ) in another

807 views • 37 slides
Considerations of Data Quality Assurance Framework Sue Gordon | Acting Chief Executive Hangzhou

Considerations of Data Quality Assurance Framework Sue Gordon | Acting Chief Executive Hangzhou

Considerations of Data Quality Assurance Framework Sue Gordon | Acting Chief Executive Hangzhou Forum on UN GGIM, 24-25 May 2012 Content NZ general background Who is LINZ? NZ strategic context &amp; data quality assurance framework

196 views • 18 slides
Introduction (1 of 2) Performance and Extension of Developing in-kernel file systems

Introduction (1 of 2) Performance and Extension of Developing in-kernel file systems

4/15/2014 Introduction (1 of 2) Performance and Extension of Developing in-kernel file systems challenging User Space File Understand and deal with kernel code and data structures Steep learning curve for kernel development Aditya

352 views • 11 slides
Processes, Protection and the Kernel: Processes, Protection and the Kernel: Mode, Space, and

Processes, Protection and the Kernel: Processes, Protection and the Kernel: Mode, Space, and

Processes, Protection and the Kernel: Processes, Protection and the Kernel: Mode, Space, and Context Mode, Space, and Context Processes and the Kernel Processes and the Kernel The kernel sets processes up process in private data data

614 views • 50 slides
Session 13 INFM 603 Bugs, process, assurance Software assurance: quality assurance for

Session 13 INFM 603 Bugs, process, assurance Software assurance: quality assurance for

Software Assurance Session 13 INFM 603 Bugs, process, assurance Software assurance: quality assurance for software Particularly assurance of security Bad (buggy, insecure software) comes not from discrete, unpredictable,

561 views • 18 slides
SeeTest Quality Assurance Platform On-premise Digital Assurance Lab On-premise Digital Assurance

SeeTest Quality Assurance Platform On-premise Digital Assurance Lab On-premise Digital Assurance

SeeTest Quality Assurance Platform On-premise Digital Assurance Lab On-premise Digital Assurance Lab Centrally manage browsers &amp; mobile devices (physical/emulated), and allow your team to remotely access them from anywhere at anytime Run

534 views • 17 slides
Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel

Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel

Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel Fernndez V, David P. Woodruff, Taisuke Yasuda Kernel Method Many machine learning tasks can be expressed as a function of the inner product

389 views • 22 slides
1 Kernel methods &amp; optimization One example of a kernel that is frequently used in practice

1 Kernel methods &amp; optimization One example of a kernel that is frequently used in practice

Machine Learning Class Notes 9-25-12 Prof. David Sontag 1 Kernel methods &amp; optimization One example of a kernel that is frequently used in practice and which allows for highly non-linear discriminant functions is the Gaussian kernel,

241 views • 5 slides
An ensemble-based kernel le learning framework to handle data assimilation problems wit ith im

An ensemble-based kernel le learning framework to handle data assimilation problems wit ith im

An ensemble-based kernel le learning framework to handle data assimilation problems wit ith im imperfect forw rward simulators Xiaodong Luo, NORCE Outline Background and motivation An ensemble-based kernel algorithm for supervised

515 views • 35 slides
Enforcing Kernel Security Invariants with Data Flow Integrity Chengyu Song , ByoungyoungLee,

Enforcing Kernel Security Invariants with Data Flow Integrity Chengyu Song , ByoungyoungLee,

Enforcing Kernel Security Invariants with Data Flow Integrity Chengyu Song , ByoungyoungLee, Kangjie Lu, William Harris, Taesoo Kim, Wenke Lee Institute for Information Security &amp; Privacy Georgia Tech Kernel Memory Corruption Vulnerability

493 views • 24 slides

More recommend