A verified information-flow architecture
A Azevedo de Amorim, N Collins, A DeHon… - Proceedings of the 41st …, 2014 - dl.acm.org
SAFE is a clean-slate design for a highly secure computer system, with pervasive
mechanisms for tracking and limiting information flows. At the lowest level, the SAFE …
mechanisms for tracking and limiting information flows. At the lowest level, the SAFE …
Formal verification of memory isolation for the trustzone-based tee
The trusted execution environment (TEE) is the security basis of embedded systems, which
can provide a hardware-based isolated execution environment for security-sensitive …
can provide a hardware-based isolated execution environment for security-sensitive …
Machine code verification of a tiny ARM hypervisor
Hypervisors are low level execution platforms that provide isolated partitions on shared
resources, allowing to design secure systems without using dedicated hardware devices. A …
resources, allowing to design secure systems without using dedicated hardware devices. A …
Provably secure memory isolation for Linux on ARM
The isolation of security critical components from an untrusted OS allows to both protect
applications and to harden the OS itself. Virtualization of the memory subsystem is a key …
applications and to harden the OS itself. Virtualization of the memory subsystem is a key …
BP: Formal proofs, the fine print and side effects
T Murray, P van Oorschot - 2018 IEEE Cybersecurity …, 2018 - ieeexplore.ieee.org
Given recent high-profile successes in formal verification of security-related properties (eg,
for seL4), and the rising popularity of applying formal methods to cryptographic libraries and …
for seL4), and the rising popularity of applying formal methods to cryptographic libraries and …
Formalizing, verifying and applying ISA security guarantees as universal contracts
Progress has recently been made on specifying instruction set architectures (ISAs) in
executable formalisms rather than through prose. However, to date, those formal …
executable formalisms rather than through prose. However, to date, those formal …
VERONICA: expressive and precise concurrent information flow security
Methods for proving that concurrent software does not leak its secrets has remained an
active topic of research for at least the past four decades. Despite an impressive array of …
active topic of research for at least the past four decades. Despite an impressive array of …
System-level non-interference of constant-time cryptography. Part I: model
This work focuses on the study of constant-time implementations; giving formal guarantees
that such implementations are protected against cache-based timing attacks in virtualized …
that such implementations are protected against cache-based timing attacks in virtualized …
Trustworthy virtualization of the ARMv7 memory subsystem
In order to host a general purpose operating system, hypervisors need to virtualize the CPU
memory subsystem. This entails dynami-cally changing MMU resources, in particular the …
memory subsystem. This entails dynami-cally changing MMU resources, in particular the …
A verified information-flow architecture
A Azevedo de Amorim, N Collins… - Journal of computer …, 2016 - content.iospress.com
SAFE is a clean-slate design for a highly secure computer system, with pervasive
mechanisms for tracking and limiting information flows. At the lowest level, the SAFE …
mechanisms for tracking and limiting information flows. At the lowest level, the SAFE …