System-level non-interference for constant-time cryptography

G Barthe, G Betarte, J Campo, C Luna… - Proceedings of the 2014 …, 2014 - dl.acm.org
Cache-based attacks are a class of side-channel attacks that are particularly effective in
virtualized or cloud-based environments, where they have been used to recover secret keys …

Model-driven development for the seL4 microkernel using the HAMR framework

J Belt, J Hatcliff, J Shackleton, J Carciofini… - Journal of Systems …, 2023 - Elsevier
Verified microkernels such as seL4 provide trustworthy foundations for safety- and security-
critical systems. However, their full potential remains unrealized due, in part, to the lack of …

Slang: The SIREUM programming language

Robby, J Hatcliff - International Symposium on Leveraging Applications of …, 2021 - Springer
This paper presents design goals, development approaches, and applications for Slang, a
subset of the Scala programming language designed for engineering high assurance …

A monadic framework for relational verification: applied to information security, program equivalence, and optimizations

N Grimm, K Maillard, C Fournet, C Hriţcu… - Proceedings of the 7th …, 2018 - dl.acm.org
Relational properties describe multiple runs of one or more programs. They characterize
many useful notions of security, program refinement, and equivalence for programs with …

Axiomatising an information flow logic based on partial equivalence relations

A Filinski, KF Larsen, TP Jensen - International Journal on Software Tools …, 2024 - Springer
We present a relational program logic for reasoning about information flow properties
formalised in an assertion language based on partial equivalence relations. We define and …

A mechanized semantics for component-based systems in the HAMR AADL runtime

S Hallerstede, J Hatcliff - International Conference on Formal Aspects of …, 2023 - Springer
Many visions for model-driven component-based development emphasize models as the
“single source of truth” by which different forms of analysis, specification, verification, and …

End-to-end multilevel hybrid information flow control

L Beringer - Asian Symposium on Programming Languages and …, 2012 - Springer
We present models and soundness results for hybrid information flow, i.e., for mechanisms
that enforce noninterference-style security guarantees using a combination of static analysis …

Certification for configurable program analysis

MC Jakobs, H Wehrheim - Proceedings of the 2014 International SPIN …, 2014 - dl.acm.org
Configurable program analysis (CPA) is a generic concept for the formalization of different
software analysis techniques in a single framework. With the tool CPAchecker, this …

Content dependent information flow control

HR Nielson, F Nielson - Journal of Logical and Algebraic Methods in …, 2017 - Elsevier
Information flow control extends access control by not only regulating who is
allowed to access what data but also the subsequent use of the data. Applications within …

Using architecture to reason about information security

S Chong, RVD Meyden - ACM Transactions on Information and System …, 2015 - dl.acm.org
We demonstrate, by a number of examples, that information flow security properties can be
proved from abstract architectural descriptions, which describe only the causal structure of a …