Security-critical communications devices must be evaluated to the highest possible standards before they can be deployed. This process includes tracing potential information flow through the device's electronic circuitry, for each of the device's operating modes. Increasingly, however, security functionality is being entrusted to embedded software running on microprocessors within such devices, so new strategies are needed for integrating information flow analyses of embedded program code with hardware analyses. Here we show how standard compiler principles can augment high-integrity security evaluations to allow seamless tracing of information flow through both the hardware and software of embedded systems. This is done by unifying input/output statements in embedded program execution paths with the hardware pins they access, and by associating significant software states with corresponding operating modes of the surrounding electronic circuitry.