Verifying constant-time implementations by abstract interpretation

Verifying Constant-Time Implementations

The constant-time programming discipline is an effective countermeasure against timing attacks, which can lead to complete breaks of otherwise secure systems. However, adhering to constant-time programming is hard on its own, and extremely hard under additional efficiency and legacy constraints. This makes automated verification of constant-time code an essential component for building secure s...

Verifying Secrecy by Abstract Interpretation

Verifying Safety-Critical Properties of Embedded Software by Abstract Interpretation

Static program analysis by abstract interpretation is an efficient method to determine properties of embedded software. One example is value analysis, which determines the values stored in the processor registers. Its results are used as input to more advanced analyses, which ultimately yield information about the stack usage and the timing behavior of embedded software. 1 Abstract Interpretati...

Verifying Timing Behavior by Abstract Interpretation of Executable Code

Many tasks in safety-critical embedded systems have hard real-time characteristics. AbsInt’s worst-case execution time analyzer aiT can estimate precise and safe upper bounds for the WCETs of program tasks, thus providing the basic input for verifying the real-time behavior of embedded applications.

A Compositional Refinement Technique for Verifying Abstract Data Type Implementations

Data Type Implementations Sumesh Divakaran, Deepak D’Souza Anirudh Kushwah, Prahladavaradan Sampath, Nigamanth Sridhar, and Jim Woodcock 1 Indian Institute of Science, Bangalore, {sumeshd,deepakd,anirudhkushwah}@csa.iisc.ernet.in 2 MathWorks India, [email protected] 3 Cleveland State University, [email protected] 4 University of York, [email protected] Abstract. We propose a ...