Automated Verification of Security Protocol Implementations (CMU-CyLab-08-002)

Warning Design Guidelines (CMU-CyLab-13-002)

Towards a Theory of Secure Systems (CMU-CyLab-08-003)

We initiate a program to develop a principled theory of secure systems. Our main technical result is a formal logic for reasoning about a network of shared memory, multi-user systems. The logic is inspired by an existing logic for security protocols. It extends the attacker model and adds shared memory, time, and limited forms of access control. We prove soundness for the proof system in the pr...

Attacking, Repairing, and Verifying SecVisor: A Retrospective on the Security of a Hypervisor (CMU-CyLab-08-008)

SecVisor is a hypervisor designed to guarantee that only code approved by the user of a system executes at the privilege level of the OS kernel [17]. We employ a model checker to verify the design properties of SecVisor and identify two design-level attacks that violate SecVisor’s security requirements. Despite SecVisor’s narrow interface and tiny code size, our attacks were overlooked in both ...

Automated Verification of Security Protocol Implementations

We present a method that combines software model checking with a standard protocol security model to provide meaningful security analysis of protocol implementations in a completely automated manner. Our approach incorporates a standard symbolic attacker model and provides analogous guarantees about protocol implementations as previous work does for protocol specifications. We have implemented ...

Verified Cryptographic Implementations for TLS1

We intend to narrow the gap between concrete implementations of cryptographic protocols and their verified models. We develop and verify a small functional implementation of the Transport Layer Security protocol (TLS 1.0). We make use of the same executable code for interoperability testing against mainstream implementations, for automated symbolic cryptographic verification, and for automated ...