• DocumentCode
    3452546
  • Title

    Specifying and verifying hardware for tamper-resistant software

  • Author

    Lie, David ; Mitchell, John ; Thekkath, Chandramohan A. ; Horowitz, Mark

  • Author_Institution
    Comput. Syst. Lab., Stanford Univ., CA, USA
  • fYear
    2003
  • fDate
    11-14 May 2003
  • Firstpage
    166
  • Lastpage
    177
  • Abstract
    We specify a hardware architecture that supports tamper-resistant software by identifying an "idealized" model, which gives the abstracted actions available to a single user program. This idealized model is compared to a concrete "actual" model that includes actions of an adversarial operating system. The architecture is verified by using a finite-state enumeration tool (a model checker) to compare executions of the idealized and actual models. In this approach, software tampering occurs if the system can enter a state where one model is inconsistent with the other in performing the verification, we detected a replay attack scenario and were able to verify the security of our solution to the problem. Our methods were also able to verify that all actions in the architecture are required, as well as come up with a set of constraints on the operating system to guarantee liveness for users.
  • Keywords
    formal specification; formal verification; operating systems (computers); security of data; access control; adversarial operating system; concrete model; cryptographic key embedding; finite-state enumeration tool; hardware architecture; hardware specification; hardware verification; idealized model; liveness guarantee; model checker; operating system constraints; processor chip; replay attack; security; tamper-resistant software; Computer architecture; Concrete; Cryptography; Data security; Hardware; Laboratories; Operating systems; Resource management; Safety; System testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy, 2003. Proceedings. 2003 Symposium on
  • ISSN
    1081-6011
  • Print_ISBN
    0-7695-1940-7
  • Type

    conf

  • DOI
    10.1109/SECPRI.2003.1199335
  • Filename
    1199335