formal verification of low level execution platforms
play

Formal verification of low-level execution platforms Roberto - PowerPoint PPT Presentation

Jan 02, 2023 •175 likes •895 views

Roberto Guanciale Estonian Winter School Day 01 Formal verification of low-level execution platforms Roberto Guanciale Assistant professor Computer Security Department of Theoretical Computer Science @KTH Research interest in Formal

  1. Roberto Guanciale Estonian Winter School Day 01 Formal verification of low-level execution platforms

  2. Roberto Guanciale Assistant professor Computer Security Department of Theoretical Computer Science @KTH Research interest in Formal Verification Enthusiast software developer

  3. Distributed Attacks B A

  4. Distributed Attacks Software vulnerabilities Design flows ● Web parameter injection • Broken authentication •

  5. Distributed Attacks Software vulnerabilities Password re-usage ● Poor Management Social engineering ● Misconfiguration ●

  6. Distributed Attacks Software vulnerabilities Poor Management

  10. OpenSSL 500 000 Lines of Code 1 Buffer Overflow Introduced 2012 Discovered 2014

  11. Apps OS Hardware Host 1 Motivations

  16. Apps OS Hardware Host 1 Motivations

  17. Apps OS Hardware Host 1 Motivations

  18. Apps OS Hardware Host 1 Motivations

  19. Apps OS Hardware Host 1 Motivations

  20. Apps Crypto Service OS Hypervisor Hardware Host 1 Motivations

  21. ∀ s. secure ( s ) Assumptions Models Verifjcation Formal Verification

  22. CPU MEMORY Assumptions Models Verifjcation Formal Verification

  23. OS Hypervisor CPU MEMORY Assumptions Models Verifjcation Formal Verification

  24. OS Hypervisor CPU MEMORY Assumptions Models Verifjcation Formal Verification

  25. Lecture plan 1) Formal verification 2) CPU models and proof strategy 3) Verification of memory virtualization 4) When the models are incorrect

  26. Formal verification

  27. Formal models states of the system ● Deterministic Finite Automata: integers • Stack, Heap, Current instruction: Java • … •

  28. Formal models states of the system ● Deterministic Finite Automata: integers • Stack, Heap, Current instruction: Java • … • transition relation (behavior of the system) ● DFA: depends on the transition function • Java: depends on the program and the Java semantics •

  29. Formal models states of the system ● Deterministic Finite Automata: integers • Stack, Heap, Current instruction: Java • … • transition relation (behavior of the system) ● DFA: depends on the transition function • Java: depends on the program and the Java semantics • labeled transition system ● • DFA: labels represent the accepted input characters • weak transition system (when some event is not important) •

  30. Contract Verification  {P} C {Q} : when the precondition P is met, executing the program C establishes the postcondition Q. 

  31. Contract Verification: Hoare logic  {P} C {Q} : when the precondition P is met, executing the program C establishes the postcondition Q.  

  32. Contract verification: Hoare logic  {P} C {Q} : when the precondition P is met, executing the program C establishes the postcondition Q.    Java Modeling Language (JML)

  33. Contract verification int SQRT(x) { int r = 0; while (r*r<=x) r++; return r; }

  34. Hoare logic: weakest preconditon  Find the weakest precondition that guarantees that executing the program C establishes the postcondition Q.  Then prove P => WP

  35. Hoare logic: weakest preconditon  Find the weakest precondition that guarantees that executing the program C establishes the postcondition Q  x:= exp {Q(x)}  WP = Q(exp)  Example  x:= 5 {Q(x) = x > y}  WP = Q(5) = 5 > y

  36. Hoare logic: weakest preconditon  Find the weakest precondition that guarantees that executing the program C establishes the postcondition Q.  x:= exp {Q(x)}  WP = Q(exp)  Example  x:= y+1 {Q(x) = x > y}  WP = Q(y+1) = y+1 > y

  37. Hoare logic: weakest preconditon  Find the weakest precondition that guarantees that executing the program C establishes the postcondition Q.  WP (C1; C2, Q) = WP(C1; WP(C2, Q))  Example x:=z+1 y:=x+y 1) WP(y:=x+y, y>5) = x+y > 5 Q = y > 5 2) WP(x:=z+1, x+y > 5) = z+1+y>5

  38. Hoare logic: weakest preconditon  Find the weakest precondition that guarantees that executing the program C establishes the postcondition Q.  WP (IF C THEN C1 ELSE C2, Q) if (x>y) then z = x = else z=y  Example Q: z >= x /\ z >= y x>y => WP(z=x, z >= x /\ z >= y) eq x>y => x >= x /\ x >= y x<=y => WP(z=y, z >= x /\ z >= y) eq x<=y => y >= x /\ y >= y

  39. Trace inclusion  Implementation model  Java Classes  DFA  Specification model  Interfaces  NFA

  40. Trace inclusion  Implementation model  trace  traces  Specification model

  41. Trace inclusion  Implementation model  trace  traces  Specification model

  42. Trace inclusion  Implementation model  trace  traces  Specification model  Trace Inclusion

  43. Formal verification: Trace inclusion

  44. Formal verification: Trace inclusion

  45. Formal verification: Trace inclusion

  46. Formal verification: Trace inclusion  Implementation model  Specification model  Trace Inclusion  Contract verification  Then

  47. Formal verification: Trace inclusion   Relation

  48. Formal verification: Trace inclusion   Relation  Trace Inclusion  Contract verification  Property transfer

  49. Formal verification: Trace inclusion   Relation  Trace Inclusion  Contract verification  Property transfer

  50. Formal verification: simulation   Relation  Trace Inclusion 

  51. Formal verification: express secrecy  K1 and K2 are secret variables (e.g. keys) int F (P1) { P2 := K1; }  P1 and P2 are public variables  The attacker can invoke the function F  F should not leak the value of Ks

  52. Formal verification: express secrecy  K1 and K2 are secret variables (e.g. keys) int F (P1) { P2 := K1; }  P1 and P2 are public variables  The attacker can invoke the function F  F should not leak the value of Ks

  53. Formal verification: express secrecy  K1 and K2 are secret variables (e.g. keys) int F (P1) { P2 := P1; }  P1 and P2 are public variables  The attacker can invoke the function F  F should not leak the value of Ks

  54. Formal verification: express secrecy  K1 and K2 are secret variables (e.g. keys) int F (P1) { P2 := P1+K1; }  P1 and P2 are public variables  The attacker can invoke the function F  F should not leak the value of Ks

  55. Formal verification: express secrecy  K1 and K2 are secret variables (e.g. keys) int F (P1) { if (K1 < 10) P2 := P1;  P1 and P2 are public variables }  The attacker can invoke the function F  F should not leak the value of Ks

  56. Formal verification: express secrecy  K1 and K2 are secret variables (e.g. keys) int F (P1) { if (P1 < 10) P2 := P1;  P1 and P2 are public variables K2 := K1 + P1; }  The attacker can invoke the function F  F should not leak the value of Ks

  57. Information flow security  K1 and K2 are secret variables (e.g. keys)  P1 and P2 are public variables

  58. Information flow security: refinement

  59. Information flow security: refinement 

  60. Information flow security: refinement 

  61. Information flow security: refinement 

  62. Information flow security: refinement int S() { P := RND()*2; } P:2 P:1 P:4 K:0 P:0 P:2 P:1 P:4 K:1 P:0

  63. Information flow security: refinement int I() { int S() { P := K*2; P := RND()*2; } } P:2 P:1 P:4 K:0 P:0 P:2 P:1 P:4 K:1 P:0

  64. Information flow security: refinement int I() { int S() { P := K*2; P := RND()*2; } } P:2 P:2 P:1 P:1 P:4 K:0 P:0 P:4 K:0 P:0 P:2 P:1 P:4 K:1 P:0

  65. Information flow security: refinement int I() { int S() { P := K*2; P := RND()*2; } } P:2 P:2 P:1 P:1 P:4 K:0 P:0 P:4 K:0 P:0 P:2 P:2 P:1 P:1 P:4 K:1 P:0 P:4 K:1 P:0

  66. Information flow security: refinement 

  67. Formal verification: bisimulation   Relation  Trace Inclusion 

  68. Theorem prover Fully automated (propositional logic)  Automated, but not necessarily terminating (first order logic)  With automation, but mainly interactive (higher-order logic)  Isabelle  HOL4 

  69. Isabelle/HOL4 A generic interactive proof assistant  Interactive:  more than just yes/no, you can interactively guide the system  Proof assistant:  helps to explore, find, and maintain proofs  Widely used systems, Active development, Reasonably easy to use  Internal Logic and object logic (HOL) 

  70. Summary Motivations ● Refinements ● Information flow security ● Upcoming ● Formal models of CPUs • High level proof •

  71. THANKS! Any questions? You can find me at robertog@kth.se http://prosper.sics.se/ References

Recommend

Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Roberto Guanciale Estonian Winter School Day 02 Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations Apps Crypto Service OS Hypervisor/ Separation Kernel Hardware Host 1 Motivations Separation

850 views • 63 slides
Compositional Verification of Security Properties for Embedded Execution Platforms Christoph

Compositional Verification of Security Properties for Embedded Execution Platforms Christoph

Compositional Verification of Security Properties for Embedded Execution Platforms Christoph Baumann , Oliver Schwarz , Mads Dam KTH Royal Institute of Technology, Stockholm, Sweden RISE.SICS, Kista, Sweden cbaumann@kth.se

903 views • 65 slides
Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Formal Hardware Verification (some key ideas) Mary Sheeran Idealised Flow High level Not

Formal Hardware Verification (some key ideas) Mary Sheeran Idealised Flow High level Not

4/3/2008 Formal Hardware Verification (some key ideas) Mary Sheeran Idealised Flow High level Not formal 1 4/3/2008 Idealised Flow High level Not formal Equally high level Formal spec. Math, expressive logic Idealised Flow High level

402 views • 22 slides
Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its

Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its

Provably Secure Execution Platforms - Lecture Four: A Simple Separation Kernel and Its Verification Mads Dam KTH Royal Institute of Technology BISS spring school, Bertinoro 2018 The Goal Hypervisor Context switch: Fixed round-robin

1.16k views • 67 slides
Formal Verification of Stack Manipulation in the SCIP Processor J. Aaron Pendergrass High Level

Formal Verification of Stack Manipulation in the SCIP Processor J. Aaron Pendergrass High Level

Formal Verification of Stack Manipulation in the SCIP Processor J. Aaron Pendergrass High Level Challenges to developing capability in formal methods: Perceived high barrier to entry, Specialized tools and jargon, Need for a

424 views • 23 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh

WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh

WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh Formal Verification Spring 2017 Levels of formal verification Checking freedom from run-time exceptions Dominant level for Spark tools

263 views • 8 slides
Multi-Level Formal Analysis A New Direction for Fault Injection Attack? L. Sauvage, T. Graba, T.

Multi-Level Formal Analysis A New Direction for Fault Injection Attack? L. Sauvage, T. Graba, T.

Institut Mines-Tlcom Multi-Level Formal Analysis A New Direction for Fault Injection Attack? L. Sauvage, T. Graba, T. Porteboeuf PROOFS September 17, 2015 Presentation Outline Introduction, Motivation Multi-level Formal Verification

485 views • 27 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu

Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu

Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu Problem Definition Verifying hyperproperties about the Keystone Security monitor Secure Remote Execution (SRE) : a 2-safety hyperproperty

446 views • 10 slides
Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms 1 Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of bugs Formal verification Levels of verification HOL Light Formalizing mathematics

353 views • 19 slides
Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA http://www.clifford.at/papers/2018/riscv-formal/ About assertion based formal verification (formal ABV) Assertion based verification (ABV) Uses

781 views • 39 slides
Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal Verification Yosys-STMBMC iCE40 FPGAs Bounded Model Checking (Project IceStorm) Using any SMT-LIB2 solver (using QF_AUFBV logic) Xilinx

707 views • 56 slides
Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim Kobeissi PROSECCO: Pro gramming Sec urely with C rypt o graphy. Team at INRIA Paris specializing in applied cryptography and formal verification.

357 views • 14 slides
Lecture 17: Wrapup &amp; Questions . Runtime-Verification . Statement-, branch-, term-

Lecture 17: Wrapup &amp; Questions . Runtime-Verification . Statement-, branch-, term-

Topic Area Code Quality Assurance: Content Content Introduction and Vocabulary Formal Program Verification VL 14 Test case, test suite, test execution. Proof System PD . . Positive and negative outcomes. Softwaretechnik /

246 views • 13 slides
Effective Word-Level Interpolation for Software Verification Alberto Griggio FBK-IRST

Effective Word-Level Interpolation for Software Verification Alberto Griggio FBK-IRST

FMCAD 2011 Effective Word-Level Interpolation for Software Verification Alberto Griggio FBK-IRST Motivations Craig interpolation applied succesfully for Formal Verification of both hardware and software Ongoing research (at least for

572 views • 41 slides
Boundaries of Formal Program Verification Yannick Moy AdaCore SPARK the language strong

Boundaries of Formal Program Verification Yannick Moy AdaCore SPARK the language strong

Boundaries of Formal Program Verification Yannick Moy AdaCore SPARK the language strong typing low level programming generics object orientation concurrency Abstract_State pointers Initializes Core Ada exception handlers

730 views • 17 slides
Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification 2 Formal

627 views • 19 slides
Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification Transition systems 2

798 views • 62 slides
A Formal Verification Tool for Ethereum VM Bytecode Daejun Park Yi Zhang Manasvi Saxena

A Formal Verification Tool for Ethereum VM Bytecode Daejun Park Yi Zhang Manasvi Saxena

A Formal Verification Tool for Ethereum VM Bytecode Daejun Park Yi Zhang Manasvi Saxena Philip Daian Grigore Rosu Nov 7, 2018 @ FSE18 Smart contracts Programs that run on blockchain Usually written in a high-level

537 views • 28 slides
Browsers: Critical Infrastructure Ubiquitous: many platforms, sensitive apps Vulnerable:

Browsers: Critical Infrastructure Ubiquitous: many platforms, sensitive apps Vulnerable:

Browser Security Guarantees through Formal Shim Verification Zachary Tatlock Dongseok Jang Sorin Lerner UC San Diego Browsers: Critical Infrastructure Ubiquitous: many platforms, sensitive apps Vulnerable: Pwn2Own, just a click to

862 views • 73 slides

More recommend