Runtime Verification for Trustworthy Computing (2310.02341v1)

Published 3 Oct 2023 in cs.CR and cs.RO

Abstract: Autonomous and robotic systems are increasingly being trusted with sensitive activities that have potentially serious consequences if that trust is broken. Runtime verification techniques present a natural source of inspiration for monitoring and enforcing the desirable properties of the communication protocols in place, providing a formal basis and ways to limit intrusiveness. A recently proposed approach, RV-TEE, shows how runtime verification can enhance the level of trust in the Rich Execution Environment (REE), consequently adding a further layer of protection around the Trusted Execution Environment (TEE). By reflecting on the implications of deploying RV in the context of trustworthy computing, we propose practical solutions to two threat models for the RV-TEE monitoring process: one where the adversary has gained access to the system without elevated privileges, and another where the adversary gains all privileges on the host system but fails to steal secrets from the TEE.
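The abstract describes runtime verification as monitoring and enforcing properties of the communication protocols between the REE and the TEE. The following is an added example, not code from the paper or from the RV-TEE project: an online monitor that checks a handshake-then-data ordering property over a trace of session-tagged messages and rejects, rather than merely reports, any event that violates it. The protocol message kinds (HELLO, KEX, FINISHED, DATA, CLOSE), the session identifiers and the log lines are assumptions constructed for this example; the protocols the paper actually monitors and its two threat-model mitigations are not represented here.

```python
"""Added example: an online runtime-verification monitor for a protocol trace.

The protocol below is an assumed handshake-then-data protocol, not the one
monitored by RV-TEE; the property is expressed as a finite-state automaton.
"""
from dataclasses import dataclass
from enum import Enum, auto


class State(Enum):
    """Per-session state of the assumed protocol."""
    INIT = auto()
    HELLO_SENT = auto()
    KEYS_EXCHANGED = auto()
    ESTABLISHED = auto()
    CLOSED = auto()


@dataclass(frozen=True)
class Event:
    session: str  # session identifier carried by the message
    kind: str     # HELLO | KEX | FINISHED | DATA | CLOSE (assumed message kinds)


@dataclass(frozen=True)
class Violation:
    index: int     # position of the offending event in the trace
    session: str
    state: State   # monitor state when the event arrived
    kind: str


# The property as a transition relation: (state, message kind) -> next state.
# Any pair not listed is a violation, e.g. DATA before FINISHED or after CLOSE.
TRANSITIONS = {
    (State.INIT, "HELLO"): State.HELLO_SENT,
    (State.HELLO_SENT, "KEX"): State.KEYS_EXCHANGED,
    (State.KEYS_EXCHANGED, "FINISHED"): State.ESTABLISHED,
    (State.ESTABLISHED, "DATA"): State.ESTABLISHED,
    (State.ESTABLISHED, "CLOSE"): State.CLOSED,
}


class ProtocolMonitor:
    """Consumes one event at a time and returns an allow (True) / deny (False) verdict."""

    def __init__(self):
        self.states = {}       # session -> State
        self.violations = []   # list[Violation], in trace order

    def step(self, index, ev):
        state = self.states.get(ev.session, State.INIT)
        nxt = TRANSITIONS.get((state, ev.kind))
        if nxt is None:
            # Enforcement: the event is rejected and the session state is left
            # unchanged, so one out-of-order message cannot desynchronise the
            # monitor from the protocol it is tracking.
            self.violations.append(Violation(index, ev.session, state, ev.kind))
            return False
        self.states[ev.session] = nxt
        return True


def monitor_trace(trace):
    """Run the monitor over a whole trace; returns (verdict per event, violations)."""
    mon = ProtocolMonitor()
    verdicts = [mon.step(i, ev) for i, ev in enumerate(trace)]
    return verdicts, mon.violations


def parse_trace(lines):
    """Parse constructed log lines of the form '<session> <MESSAGE_KIND>  # comment'."""
    events = []
    for line in lines:
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        session, kind = line.split()
        events.append(Event(session, kind))
    return events


# Constructed sample traces (not captured from any real system).
GOOD_LOG = """
s1 HELLO
s1 KEX
s1 FINISHED
s1 DATA
s1 DATA
s1 CLOSE
""".splitlines()

BAD_LOG = """
s2 HELLO
s3 HELLO
s2 DATA        # event 2: payload before the handshake completed
s2 KEX
s2 FINISHED
s2 DATA
s2 CLOSE
s2 DATA        # event 7: payload on a closed session (replay)
s3 DATA        # event 8: s3 never finished its handshake
""".splitlines()


if __name__ == "__main__":
    for name, log in (("good", GOOD_LOG), ("bad", BAD_LOG)):
        verdicts, violations = monitor_trace(parse_trace(log))
        print(f"{name}: accepted {sum(verdicts)} of {len(verdicts)} events")
        for v in violations:
            print(f"  event {v.index}: {v.kind} on {v.session} in state {v.state.name}")
```

The monitor keeps state per session, so interleaved sessions (s2 and s3 above) are checked independently, and a rejected event leaves the automaton where it was. Note that such a monitor lives in the REE, next to the code it is watching; protecting its state and its verdicts from an intruder on the host is a separate problem from the property it checks, which is the problem the abstract's two threat models address.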
