Fault-resilient non-interference
Paper i proceeding, 2016

Environmental noise (e.g. heat, ionized particles, etc.) causes transient faults in hardware, which lead to corruption of stored values. Mission-critical devices require such faults to be mitigated by fault-tolerance - a combination of techniques that aim at preserving the functional behaviour of a system despite the disruptive effects of transient faults. Fault-tolerance typically has a high deployment cost - special hardware might be required to implement it - and provides weak statistical guarantees. It is also based on the assumption that faults are rare. In this paper, we consider scenarios where security, rather than functional correctness, is the main asset to be protected. Our main contribution is a theory for expressing confidentiality of data in the presence of transient faults. We show that the natural probabilistic definition of security in the presence of faults can be captured by a possibilistic definition. Furthermore, the possibilistic definition is implied by a known bisimulation-based property, called Strong Security. We illustrate the utility of these results for a simple RISC architecture for which only the code memory and program counter are assumed fault-tolerant. We present a type-directed compilation scheme that produces RISC code from a higher-level language for which Strong Security holds - i.e. well-typed programs compile to RISC code which is secure despite transient faults. In contrast with fault-tolerance solutions, our technique assumes relatively little special hardware, gives formal guarantees, and works in the presence of an active attacker who aggressively targets parts of a system and induces faults precisely.

Non-interference

faults

Författare

Filippo Del Tedesco

Admeta AB

David Sands

Chalmers, Data- och informationsteknik, Programvaruteknik

Alejandro Russo

Chalmers, Data- och informationsteknik, Programvaruteknik

Proceedings - IEEE Computer Security Foundations Symposium

19401434 (ISSN)

Vol. 2016-August 401-416
978-1-5090-2607-4 (ISBN)

Ämneskategorier

Datavetenskap (datalogi)

DOI

10.1109/CSF.2016.35

ISBN

978-1-5090-2607-4

Mer information

Senast uppdaterat

2024-07-11