B. Cook, Björn Döbel, D. Kroening, Norbert Manthey, M. Pohlack, E. Polgreen, Michael Tautschnig, Pawel Wieczorkiewicz
{"title":"使用模型检查工具对Xen管理程序中安全漏洞的严重程度进行分类","authors":"B. Cook, Björn Döbel, D. Kroening, Norbert Manthey, M. Pohlack, E. Polgreen, Michael Tautschnig, Pawel Wieczorkiewicz","doi":"10.34727/2020/isbn.978-3-85448-042-6_26","DOIUrl":null,"url":null,"abstract":"In practice, few security bugs found in source code are urgent, but quickly identifying which ones are is hard. We describe the application of bounded model checking to triaging reported issues quickly at the cloud service provider Amazon Web Services (AWS). We focus on the job of reactive security experts who need to determine the severity of bugs found in the Xen hypervisor. We show that, using our publicly available extensions to the model checker CBMC, a security expert can obtain traces to construct security tests and estimate the severity of the reported finding within 15 minutes. We believe that the changes made to the model checker, as well as the methodology for using tools in this scenario, will generalise to other organisations and environments.","PeriodicalId":105705,"journal":{"name":"2020 Formal Methods in Computer Aided Design (FMCAD)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Using model checking tools to triage the severity of security bugs in the Xen hypervisor\",\"authors\":\"B. Cook, Björn Döbel, D. Kroening, Norbert Manthey, M. Pohlack, E. Polgreen, Michael Tautschnig, Pawel Wieczorkiewicz\",\"doi\":\"10.34727/2020/isbn.978-3-85448-042-6_26\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In practice, few security bugs found in source code are urgent, but quickly identifying which ones are is hard. We describe the application of bounded model checking to triaging reported issues quickly at the cloud service provider Amazon Web Services (AWS). We focus on the job of reactive security experts who need to determine the severity of bugs found in the Xen hypervisor. We show that, using our publicly available extensions to the model checker CBMC, a security expert can obtain traces to construct security tests and estimate the severity of the reported finding within 15 minutes. We believe that the changes made to the model checker, as well as the methodology for using tools in this scenario, will generalise to other organisations and environments.\",\"PeriodicalId\":105705,\"journal\":{\"name\":\"2020 Formal Methods in Computer Aided Design (FMCAD)\",\"volume\":\"46 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-09-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 Formal Methods in Computer Aided Design (FMCAD)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.34727/2020/isbn.978-3-85448-042-6_26\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 Formal Methods in Computer Aided Design (FMCAD)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.34727/2020/isbn.978-3-85448-042-6_26","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 6
摘要
在实践中,在源代码中发现的安全漏洞很少是紧急的,但是快速识别哪些是困难的。我们描述了在云服务提供商Amazon Web Services (AWS)上使用有界模型检查快速分类报告问题的应用。我们关注的是响应式安全专家的工作,他们需要确定Xen管理程序中发现的错误的严重程度。我们表明,使用我们对模型检查器CBMC的公开可用扩展,安全专家可以获得构建安全测试的跟踪,并在15分钟内估计报告发现的严重性。我们相信对模型检查器所做的更改,以及在此场景中使用工具的方法,将推广到其他组织和环境中。
Using model checking tools to triage the severity of security bugs in the Xen hypervisor
In practice, few security bugs found in source code are urgent, but quickly identifying which ones are is hard. We describe the application of bounded model checking to triaging reported issues quickly at the cloud service provider Amazon Web Services (AWS). We focus on the job of reactive security experts who need to determine the severity of bugs found in the Xen hypervisor. We show that, using our publicly available extensions to the model checker CBMC, a security expert can obtain traces to construct security tests and estimate the severity of the reported finding within 15 minutes. We believe that the changes made to the model checker, as well as the methodology for using tools in this scenario, will generalise to other organisations and environments.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
