Verifying a hardware security architecture

The verification work reported had three goals: (1) to develop a method for specifying components, which may be either software processes or hardware components, in terms of their possible event histories (also called traces); (2) to develop a method of verifying systems built from such components; and (3) to use these techniques to prove security properties about a realistic and substantial design. The approach to specification and verification is described. Although they do not yet have robust enough automated support to aid in the application described, the authors have devoted considerable attention to rigorously defining the logic suited to the method and exploring the type of software support needed. The main part of this study describes the use of the approach to specify and verify the security of the hardware architecture level of a hypothetical secure computing system. As far as the authors know, verification methods already in use are not suited to this sort of problem.
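As an added illustration (not code from the paper or its authors), the trace-based style of specification described above can be made concrete in Python: each component is given by an event alphabet and a transition function, its trace set is the prefix-closed set of event sequences those transitions admit, components are composed CSP-style by synchronizing on shared events and interleaving the rest, and a security property is checked over every trace of the composed system up to a length bound. The components (an unconstrained `cpu` and an `mmu` that gates privileged writes behind a privilege check), the event names and the property are all constructed here for illustration and are assumptions, not details taken from the paper.

```python
"""Trace-based component specification and bounded verification (illustrative)."""


class Component:
    """A component specified by its alphabet and a transition function.

    Its trace set is the prefix-closed set of event sequences the transition
    function admits; step(state, event) returns the next state or None when
    the component refuses the event in that state.
    """

    def __init__(self, name, alphabet, initial, step):
        self.name = name
        self.alphabet = frozenset(alphabet)
        self.initial = initial
        self.step = step

    def traces(self, bound):
        """Enumerate every admitted trace of at most `bound` events."""
        result = set()
        frontier = [((), self.initial)]
        while frontier:
            trace, state = frontier.pop()
            result.add(trace)
            if len(trace) == bound:
                continue
            for event in self.alphabet:
                nxt = self.step(state, event)
                if nxt is not None:
                    frontier.append((trace + (event,), nxt))
        return result


def compose(a, b):
    """CSP-style parallel composition: events in both alphabets happen jointly
    (either side can refuse them); events in one alphabet interleave freely."""

    def step(state, event):
        sa, sb = state
        na = a.step(sa, event) if event in a.alphabet else sa
        nb = b.step(sb, event) if event in b.alphabet else sb
        if na is None or nb is None:
            return None
        return (na, nb)

    return Component(f"{a.name}||{b.name}", a.alphabet | b.alphabet,
                     (a.initial, b.initial), step)


def every_priv_write_is_authorized(trace):
    """Constructed property: each write_priv must follow a grant with no
    intervening revoke."""
    authorized = False
    for event in trace:
        if event == "grant":
            authorized = True
        elif event == "revoke":
            authorized = False
        elif event == "write_priv" and not authorized:
            return False
    return True


def verify(component, prop, bound):
    """Return the (sorted) traces up to `bound` that violate `prop`;
    an empty list means the property holds up to that bound."""
    return sorted(t for t in component.traces(bound) if not prop(t))


# Hypothetical software component: untrusted code that may attempt any
# event at any time (the "chaos" process over its alphabet).
CPU_ALPHABET = {"check_priv", "grant", "deny", "write_priv", "write_user", "revoke"}
cpu = Component("cpu", CPU_ALPHABET, "run", lambda state, event: "run")

# Hypothetical hardware component: admits write_priv only after a
# successful privilege check, and drops privilege on revoke.
MMU_TRANSITIONS = {
    ("user", "check_priv"): "checking",
    ("user", "revoke"): "user",
    ("checking", "grant"): "priv",
    ("checking", "deny"): "user",
    ("priv", "write_priv"): "priv",
    ("priv", "revoke"): "user",
    ("priv", "check_priv"): "checking",
}
mmu = Component("mmu", {"check_priv", "grant", "deny", "write_priv", "revoke"},
                "user", lambda state, event: MMU_TRANSITIONS.get((state, event)))

system = compose(cpu, mmu)

if __name__ == "__main__":
    print("cpu alone, violations up to 2 events:",
          verify(cpu, every_priv_write_is_authorized, 2)[:3], "...")
    print("cpu||mmu, violations up to 6 events:",
          verify(system, every_priv_write_is_authorized, 6))
```

The bounded enumeration is a check up to a trace length, not a proof in the paper's logic, but it exhibits the shape of the argument: the untrusted component on its own admits traces that violate the property, while the composition with the checking component admits none, which is what verifying a system built from separately specified components amounts to.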
