SMASHUP: a toolchain for unified verification of hardware/software co-designs

Lugou, Florian; Apvrille, Ludovic; Francillon, Aurélien

doi:10.1007/s13389-016-0145-2

Cited by 9 publications

(4 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A full or partial resolution of this problem could facilitate the cybersecurity certification of complex IoT system on the basis of the certification and labelling of the single components. In this direction, the use of hardware-software co-verification methods could be considered as part of the overall certification process of composed devices or systems [114]. However, these techniques need to be further analyzed in the coming years to check their suitability in the context of IoT.…”

Section: Recommendations and Potential Ways Forwardmentioning

confidence: 99%

A Survey of Cybersecurity Certification for the Internet of Things

et al. 2020

View full text Add to dashboard Cite

In recent years, cybersecurity certification is gaining momentum as the baseline to build a structured approach to mitigate cybersecurity risks in the Internet of Things (IoT). This initiative is driven by industry, governmental institutions, and research communities, which have the goal to make IoT more secure for the end-users. In this survey, we analyze the current cybersecurity certification schemes, as well as the potential challenges to make them applicable for the IoT ecosystem. We also examine current efforts related to risk assessment and testing processes, which are widely recognized as the processes to build a cybersecurity certification framework. Our work provides a multidisciplinary perspective of a possible IoT cybersecurity certification framework by integrating research and technical tools and processes with policies and governance structures, which are analyzed against a set of identified challenges. This survey is intended to give a comprehensive overview of cybersecurity certification to facilitate the definition of a framework that fits in emerging scenarios, such as the IoT paradigm.

show abstract

Section: Recommendations and Potential Ways Forwardmentioning

confidence: 99%

A Survey of Cybersecurity Certification for the Internet of Things

et al. 2020

View full text Add to dashboard Cite

show abstract

“…They dedicated a protected memory region to store the secret. Lugou et al [10] tried to propose a unified method to verify hardware/software co-designs. They applied this method on SMART and modelled the system with Proverif.…”

Section: State Of the Artmentioning

confidence: 99%

Remote Attestation of Bare-Metal Microprocessor Software: A Formally Verified Security Monitor

Certes

Morgan

2021

Communications in Computer and Information Science

View full text Add to dashboard Cite

Remote attestation is a protocol to verify that a remote algorithm satisfies security properties, allowing to establish dynamic root of trust. Modern architectures for remote attestation combine signature or MAC primitives with hardware monitors to enforce secret confidentiality. Our works are based on a verified hardware/software co-design for remote attestation, VRASED. Its proof is established using formal methods and its implementation is conducted on a simple embedded device based on a single core microcontroller. A heavy modification of the core, along with a hardware monitor, enforces security properties. We propose to extend this method to microprocessors where cores cannot be modified. In this paper, we tackle this problem with support from the microprocessor's debug interface and demonstrate that the same security properties also hold.

show abstract

“…Figure 4 and Figure 5 gives the properties under verification. Column [1][2][3][4][5][6][7][8][9][10][11][12] in Table 1 report the property id, type of property, the bound up to which the HW transition system is unwound, the unwind depth for the SW, number of SAT clauses, number of variables, the verification result (safe or unsafe), the source of the bug (HW or SW or Interface logic) if unsafe, and the total verification run time and memory consumption for bit-level and word-level backend solvers, respectively. Note that the value of bound must be greater or equal to the number of next_time f rame() calls.…”

Section: Case Study: Text Analytics Fpga Accelerator Co-designmentioning

confidence: 99%

“…The work of [8,17] concerns co-verification for the case of an RTL HW. Unified high-level HW/SW models for co-verification have been pursued in the past [9]. Notably, Monniaux [11] model HW and SW as C programs, which are formalized as pushdown systems (PDS), Li et al [8] use Büchi Automata to model HW and a PDS to model SW to generate a unified model, called Büchi Pushdown System (BPDS).…”

Section: Related Workmentioning

confidence: 99%

Formal Techniques for Effective Co-verification of Hardware/Software Co-designs

Mukherjee

Purandare

Polig

et al. 2017

Proceedings of the 54th Annual Design Automation Conference 2017

View full text Add to dashboard Cite

Verification is indispensable for building reliable of hardware/software co-designs. However, the scope of formal methods in this domain is limited. This is attributed to the lack of unified property specification languages, the semantic gap between hardware and software components, and the lack of verifiers that support both C and Verilog/VHDL. To address these limitations, we present an approach that uses a bounded co-verification tool, HW-CBMC, for formally validating hardware/software co-designs written in Verilog and C. Properties are expressed in C enriched with specialpurpose primitives that capture temporal correlation between hardware and software events. We present an industrial case-study, proving bounded safety properties as well as discovering critical codesign bugs on a large and complex text analytics FPGA accelerator from IBM R .

show abstract

SMASHUP: a toolchain for unified verification of hardware/software co-designs

Cited by 9 publications

References 25 publications

A Survey of Cybersecurity Certification for the Internet of Things

A Survey of Cybersecurity Certification for the Internet of Things

Remote Attestation of Bare-Metal Microprocessor Software: A Formally Verified Security Monitor

Formal Techniques for Effective Co-verification of Hardware/Software Co-designs

Contact Info

Product

Resources

About