formal verification of an open source secure enclave
play

Formal Verification of an Open-Source Secure Enclave Pranav - PowerPoint PPT Presentation

Oct 24, 2023 •331 likes •446 views

Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu Problem Definition Verifying hyperproperties about the Keystone Security monitor Secure Remote Execution (SRE) : a 2-safety hyperproperty

  1. Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu

  2. Problem Definition ● Verifying hyperproperties about the Keystone Security monitor ● Secure Remote Execution (SRE) : a 2-safety hyperproperty that can be decomposed into guarantees on: ○ Integrity ○ Confidentiality ○ Measurement Previous models assume a fixed implementation of a TEE, our work ● allows for easy compositional verification of various hardware components and Keystone plugins

  3. Prior Work ● ‘A Formal Foundation for Secure Remote Execution of Enclaves’ ○ Subramanyan, Sinha, et al. at CCS ‘17 ● Introduces a model of a Trusted Abstract Platform (TAP) ● Defines three separate adversary models: M, MC, MCP ○ ● Proves SRE for Intel SGX and MIT Sanctum

  4. Proof Methodology ● Show that TAP guarantees SRE under the three adversary models ● Show that models of SGX and Sanctum are refinements of the TAP model under specific adversarial parameters

  5. Redesigning the Model for Modular Verification ● Translated TAP model from Boogie to UCLID5 ○ Toolkit for formal specification and verification of compositional systems ○ Suited for reasoning about the composition of Keystone and additional plugins ○ Future work on automatic invariant generation ● Extensions to UCLID5 ○ Support for modular procedure-level verification, additional features for easier programmability, modifications to proof techniques

  6. Extending the Model ● Extension of the adversary model to physical attackers ○ Enclave platforms also provide guarantees ‘physical attackers’ ○ We define a physical attackers as ‘an adversary with the capability to observe or tamper with any signal leaving the chip package’ ○ Involves the addition of an abstract memory encryption engine, as well as a semantic embedding of ciphertext and plaintext

  7. TAP Model Design

  8. Keystone Model and Augmentation

  9. Future Work ● Write the Abstract MEE model and augment proofs to show that TAP+MEE provides SRE under a physical adversary ○ Refinement proof (once Memory Encryption is added to Keystone) ● Exploring automatic invariant generation Implementing a native SyGuS solver in UCLID5 ○ ○ Generating invariants based off of TAP and Keystone model sketches

  10. Thank you! Any questions?

Recommend

Bringing Memory-Safety to Keystone Enclave Mingshen Sun Baidu X-Lab Open-Source Enclaves Workshop

Bringing Memory-Safety to Keystone Enclave Mingshen Sun Baidu X-Lab Open-Source Enclaves Workshop

Bringing Memory-Safety to Keystone Enclave Mingshen Sun Baidu X-Lab Open-Source Enclaves Workshop (OSEW 2019) Berkeley, July 2019 https://mesatee.org Rust and Keystone Enclave Open-Source Enclave (RISC-V Hardware/Keystone Enclave) :

662 views • 32 slides
Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris

Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris

Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris Hawblitzel, Bryan Parno* Microsoft Research, Cornell University, Carnegie Mellon University* 1 Secure Remote

356 views • 21 slides
Applications of formal verification for secure Cloud environments at CEA LIST Nikolai Kosmatov

Applications of formal verification for secure Cloud environments at CEA LIST Nikolai Kosmatov

Applications of formal verification for secure Cloud environments at CEA LIST Nikolai Kosmatov joint work with A.Blanchard, F.Bobot, M.Lemerre,. . . SEC2, Lille, June 30 th , 2015 N. Kosmatov (CEA LIST) Formal Verification for secure Cloud

597 views • 37 slides
Open Source Hardware Verification A survey and suggestions for future work Ben Marshall

Open Source Hardware Verification A survey and suggestions for future work Ben Marshall

29th March 2019 Open Source Hardware Verification A survey and suggestions for future work Ben Marshall University of Bristol Computer Science Department Open Source Hardware Verification Outline Open Source Hardware Verification 2019-03-07

189 views • 6 slides
Verifying enclave systems with Serval Luke Nelson w/ James Bornholt, Ronghui Gu, Andrew Baumann,

Verifying enclave systems with Serval Luke Nelson w/ James Bornholt, Ronghui Gu, Andrew Baumann,

Open Source Enclave Workshop July 2019 Berkeley, CA Verifying enclave systems with Serval Luke Nelson w/ James Bornholt, Ronghui Gu, Andrew Baumann, Emina Torlak, Xi Wang University of Washington, Columbia University, Microsoft Research 1

435 views • 14 slides
Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open

Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open

Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open Synthesis Suite) is an open source project aiming at creating a fully-featured HDL synthesis tool, and more. Lately a lot of features related to

302 views • 28 slides
Open Source Hardware Verification A survey and suggestions for future work Ben Marshall

Open Source Hardware Verification A survey and suggestions for future work Ben Marshall

29th March 2019 Open Source Hardware Verification A survey and suggestions for future work Ben Marshall University of Bristol Computer Science Department Open Source Hardware Verification 29th March 2019 Outline Introduction & Motivation

958 views • 17 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Leading ticketing to open source A challenge for Calypso Calypso, an Open and Secure Contactless

Leading ticketing to open source A challenge for Calypso Calypso, an Open and Secure Contactless

Leading ticketing to open source A challenge for Calypso Calypso, an Open and Secure Contactless Ticketing Standard Calypso deployement 125 cities & regions 25 countries 150 million transportation smart cards 490 000 readers Challenges

287 views • 16 slides
End-to-end formal ISA verification of RISC-V processors with riscv-formal Clifford Wolf About

End-to-end formal ISA verification of RISC-V processors with riscv-formal Clifford Wolf About

End-to-end formal ISA verification of RISC-V processors with riscv-formal Clifford Wolf About RISC-V RISC-V is an Open Instruction Set Architecture (ISA) Can be freely used for any purpose Many implementations are available from

677 views • 22 slides
On the Formal Verification of Open Multi-agent Systems F. Belardinelli 1 1 Laboratoire IBISC

On the Formal Verification of Open Multi-agent Systems F. Belardinelli 1 1 Laboratoire IBISC

On the Formal Verification of Open Multi-agent Systems F. Belardinelli 1 1 Laboratoire IBISC Universit e dEvry joint work with D. Grossi and A. Lomuscio LAMAS SING 23 September 2015 1 Overview Background: 1 plenty of work on

627 views • 23 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
About imec-DistriNet enclave research https://distrinet.cs.kuleuven.be/ Trusted computing across

About imec-DistriNet enclave research https://distrinet.cs.kuleuven.be/ Trusted computing across

About imec-DistriNet enclave research https://distrinet.cs.kuleuven.be/ Trusted computing across the system stack: hardware, compiler, OS, application Integrated attack-defense perspective and open-source prototypes SGX-Step framework Sancus

925 views • 75 slides
Secure Drupal Development Steven Van den Hout Steven Van den Hout

Secure Drupal Development Steven Van den Hout Steven Van den Hout

Secure Drupal Development Steven Van den Hout Steven Van den Hout @stevenvdhout http://dgo.to/@svdhout SECURE? 1 IS D DRUPAL AL S IS OPEN SOURCE SECURE? MANY EYES MAKE FOR SECURE CODE - Security by obscurity - Open

641 views • 51 slides
A Secure Data Enclave and Analytics Platform For Social Scientists Yadu N. Babuji, Kyle Chard,

A Secure Data Enclave and Analytics Platform For Social Scientists Yadu N. Babuji, Kyle Chard,

A Secure Data Enclave and Analytics Platform For Social Scientists Yadu N. Babuji, Kyle Chard, Aaron Gerow, & Eamon Duede Computation Institute, The University of Chicago and Argonne National Laboratory

473 views • 24 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
Towards an Open-Source, Formally-Verified Secure Processor Srini Devadas Massachusetts

Towards an Open-Source, Formally-Verified Secure Processor Srini Devadas Massachusetts

Towards an Open-Source, Formally-Verified Secure Processor Srini Devadas Massachusetts Institute of Technology Architectural Isolation of Processes Fundamental to maintaining correctness and privacy! 2 Performance Dictates

959 views • 43 slides
Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
seL4: Formal Verification of an OS Kernel . Marek.Sapota@students.mimuw.edu.pl December 15, 2010

seL4: Formal Verification of an OS Kernel . Marek.Sapota@students.mimuw.edu.pl December 15, 2010

seL4: Formal Verification of an OS Kernel . seL4: Formal Verification of an OS Kernel . Marek.Sapota@students.mimuw.edu.pl December 15, 2010 . . . . . . seL4: Formal Verification of an OS Kernel About seL4 What is seL4? Secure

169 views • 16 slides
Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms 1 Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of bugs Formal verification Levels of verification HOL Light Formalizing mathematics

353 views • 19 slides
Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA http://www.clifford.at/papers/2018/riscv-formal/ About assertion based formal verification (formal ABV) Assertion based verification (ABV) Uses

781 views • 39 slides
Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal Verification Yosys-STMBMC iCE40 FPGAs Bounded Model Checking (Project IceStorm) Using any SMT-LIB2 solver (using QF_AUFBV logic) Xilinx

707 views • 56 slides

More recommend