ACBuilder: A tool for hardware architecture security evaluation

2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2016-05-03 DOI:10.1109/HST.2016.7495564

Henrique Kawakami, David E. Ott, H. Wong, R. Dahab, R. Gallo

{"title":"ACBuilder: A tool for hardware architecture security evaluation","authors":"Henrique Kawakami, David E. Ott, H. Wong, R. Dahab, R. Gallo","doi":"10.1109/HST.2016.7495564","DOIUrl":null,"url":null,"abstract":"In this work we propose to enable the security analysis of hardware architecture independently of its physical implementation. This will help to discover vulnerabilities and flaws in a broad range of architectures, and to identify problems before the costly process of design and manufacturing. Our approach employs Assurance Cases, proposed in [1] as a flexible methodology that builds upon Safety Case approaches used in such mission-critical industries as aerospace, nuclear power, and national defense. More specifically, in this paper we present our research on software frameworks to aid security analysts in the development of assurance cases. We describe how our research prototype, ACBuilder, can be used to model hardware architectures, apply existing analysis patterns, develop analysis rules, and generate assurance cases. We then apply the methodology to an illustrative example for evaluation, and discuss avenues for developing the software framework further. This includes opportunities for automation and enabling community-based approaches for developing reusable patterns.","PeriodicalId":194799,"journal":{"name":"2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-05-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HST.2016.7495564","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

In this work we propose to enable the security analysis of hardware architecture independently of its physical implementation. This will help to discover vulnerabilities and flaws in a broad range of architectures, and to identify problems before the costly process of design and manufacturing. Our approach employs Assurance Cases, proposed in [1] as a flexible methodology that builds upon Safety Case approaches used in such mission-critical industries as aerospace, nuclear power, and national defense. More specifically, in this paper we present our research on software frameworks to aid security analysts in the development of assurance cases. We describe how our research prototype, ACBuilder, can be used to model hardware architectures, apply existing analysis patterns, develop analysis rules, and generate assurance cases. We then apply the methodology to an illustrative example for evaluation, and discuss avenues for developing the software framework further. This includes opportunities for automation and enabling community-based approaches for developing reusable patterns.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

ACBuilder:硬件架构安全评估工具

在这项工作中，我们建议使硬件架构的安全分析独立于其物理实现。这将有助于在广泛的体系结构中发现漏洞和缺陷，并在昂贵的设计和制造过程之前识别问题。我们的方法采用了[1]中提出的保证案例，作为一种灵活的方法，它建立在航空航天、核电和国防等关键任务行业中使用的安全案例方法的基础上。更具体地说，在本文中，我们介绍了我们对软件框架的研究，以帮助安全分析师开发保证案例。我们描述了如何使用我们的研究原型ACBuilder对硬件架构建模、应用现有的分析模式、开发分析规则和生成保证用例。然后，我们将该方法应用于评估的说明性示例，并讨论进一步开发软件框架的途径。这包括实现自动化和启用基于社区的方法来开发可重用模式的机会。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

自引率

0.00%

发文量