Formal Vulnerability Analysis of Security Components

Feiten, Linus; Sauer, Matthias; Schubert, Tobias; Tomashevich, Victor; Polian, Ilia; Becker, Bernd

doi:10.1109/tcad.2015.2448687

Cited by 7 publications

(4 citation statements)

References 38 publications

(63 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Typically, model based simulations are used for analyzing the security vulnerabilities [14], [15], but they cannot cover all possible test cases in complex systems because of their computational constraints (energy and memory) [16] and floating point inaccuracies [17]. To ensure the completeness and accuracy, mathematical modeling and formal verification based vulnerability analysis techniques have been proposed [18], [19], [20], [21], [22], [23], [24], [25], [26], [27], as shown in Table 1. Although, to some extent, mathematical modeling can overcome above-mentioned limitations, it is still prone to human error and increases the design time.…”

Section: Related Workmentioning

confidence: 99%

“…The SAT solver based approaches are used for multistage assertion-based verification, code coverage analysis, redundant circuit removal for isolation of suspicious signals and sequential automatic test pattern generations in vulnerability analysis [18], [19]. However, they provide the information about the satisfaction of certain property but in case of failure they are unable to identify the reason, thus lack completeness in vulnerability analysis [31].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

ForASec: Formal Analysis of Hardware Trojan-Based Security Vulnerabilities in Sequential Circuits

Khalid

Abbassi

Rehman

et al. 2022

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

Security vulnerability analysis of Integrated Circuits using conventional design-time validation and verification techniques is generally a computationally intensive task and incomplete by nature, under limited resources and time. To overcome this limitation, we propose a novel methodology based on model checking to formally analyze security vulnerabilities in sequential circuits considering side-channel parameters like propagation delay, switching and leakage power. In particular, we present a novel algorithm to efficiently partition the state-space into corresponding smaller state-spaces for faster security analysis of complex sequential circuits and thereby mitigating the associated state-space explosion due to their feedback loops. We analyze multiple ISCAS89 and trust-hub benchmarks to demonstrate the efficacy of our framework in identifying security vulnerabilities.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

ForASec: Formal Analysis of Hardware Trojan-Based Security Vulnerabilities in Sequential Circuits

Khalid

Abbassi

Rehman

et al. 2022

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

show abstract

“…There are, for example, fault attacks where the attacker aims to induce transient errors into the chip (Bar-El et al, 2006). Making a chip robust against fault attacks can therefore be similar to making it robust against system-inherent errors (Feiten et al, 2015). However, the crucial difference is that system-inherent errors occur anywhere with a given probability, whereas a deliberate fault-attack aims to induce errors at exactly the right time and location.…”

Section: Privacy-respecting Video Surveillancementioning

confidence: 99%

Trust in technology: interlocking trust concepts for privacy respecting video surveillance

Weydner-Volkmann

Feiten

2021

JICES

Self Cite

View full text Add to dashboard Cite

Purpose The purpose of this paper is to defend the notion of “trust in technology” against the philosophical view that this concept is misled and unsuitable for ethical evaluation. In contrast, it is shown that “trustworthy technology” addresses a critical societal need in the digital age as it is inclusive of IT-security risks not only from a technical but also from a public layperson perspective. Design/methodology/approach From an interdisciplinary perspective between philosophy andIT-security, the authors discuss a potential instantiation of a “trustworthy information and communication technology (ICT)”: a solution for privacy respecting video surveillance. Here, strong data protection measures address grave concerns such as the threat of bulk biometric tracking of citizens. In a logical argument, however, the authors show that this technical notion of “trust” needs to be complemented by interlocking trust relations to justify public trust. Findings Based on this argument, the authors demonstrate that the philosophical position considering “trust in technology” to denote either “reliability” or “interpersonal trust” is too limited as it fails to address critical aspects of IT-security. In a broader, socio-technical sense, however, it is shown that several distinct accounts of trust – technical, interpersonal and institutional – should meaningfully interlock, to address concerns with ICTs. Originality/value This conceptual study demonstrates the potential of “trust in technology” for a more comprehensive evaluation of ICTs within the context of operation. Furthermore, it adds to the discussion of trust in IT-security by highlighting the layperson’s challenge of judging a technology’s trustworthiness. Vice versa, it contributes to Ethics of Technology by highlighting crucial IT-security needs.

show abstract

“…The task of computing the number of models of a propositional formula, also referred to as #SAT, has various applications in hardware and software verification [5,4,12,15,11] as well as cryptography [16]. Classical applications are found in the area of probabilistic reasoning [24] as well as Bayesian networks [2,19,27] which are adopted in medical diagnosis and planning.…”

Section: Introductionmentioning

confidence: 99%

Combining Conflict-Driven Clause Learning and Chronological Backtracking for Propositional Model Counting

Möhle¹,

Biere²

EPiC Series in Computing

View full text Add to dashboard Cite

In propositional model counting, also named #SAT, the search space needs to be explored exhaustively, in contrast to SAT, where the task is to determine whether a propositional formula is satisfiable. While state-of-the-art SAT solvers are based on non- chronological backtracking, it has also been shown that backtracking chronologically does not significantly degrade solver performance. Hence investigating the combination of chronological backtracking with conflict-driven clause learning (CDCL) for #SAT seems evident. We present a calculus for #SAT combining chronological backtracking with CDCL and provide a formal proof of its correctness.

show abstract

Formal Vulnerability Analysis of Security Components

Cited by 7 publications

References 38 publications

ForASec: Formal Analysis of Hardware Trojan-Based Security Vulnerabilities in Sequential Circuits

ForASec: Formal Analysis of Hardware Trojan-Based Security Vulnerabilities in Sequential Circuits

Trust in technology: interlocking trust concepts for privacy respecting video surveillance

Combining Conflict-Driven Clause Learning and Chronological Backtracking for Propositional Model Counting

Contact Info

Product

Resources

About