Formal Modeling and Verification of Security Property in Handel C Program

Multi-million-gate system-on-chip (SoC) designs easily fit into today's Field Programmable Gate Arrays (FPGAs). As FPGAs become more common in safety-critical and mission-critical systems, researchers and designers require information flow guarantees for them. Tools for designing secure SoCs on FPGAs, and new techniques to manage and analyze their security properties precisely, are desirable. In this work we propose a formal approach to model, analyze and verify a typical class of security properties, noninterference, for Handel C programs using Petri nets and model checking. This paper presents a method to model Handel C programs using Predicate Transition Nets, a type of Petri net, to define security properties on the resulting model, and to verify those properties against it. Three steps are used. First, a formal specification is extracted from the Handel C description as a Petri net. Second, the dynamic noninterference properties with respect to the Handel C program statements are defined on the model. Third, to support verification, a translation rule from the Petri net specification to the Maude programming language is defined, so that the formal specification can be checked against the system properties by model checking. A case study of a pipeline multiplier is discussed to illustrate the concept and validate the approach.
