Salvato in:
Dettagli Bibliografici
Autori principali: Fiedler, Ben, Gruetter, Samuel, Roscoe, Timothy
Natura: Preprint
Pubblicazione: 2025
Soggetti:
Accesso online:https://arxiv.org/abs/2510.27485
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866915945247670272
author Fiedler, Ben
Gruetter, Samuel
Roscoe, Timothy
author_facet Fiedler, Ben
Gruetter, Samuel
Roscoe, Timothy
contents The ever increasing complexity of hardware platforms poses a challenge to systems programmers. Correctly programming a multitude of components, providing functionality and security, is difficult: semantics of individual units are described in prose, underspecified, and prone to inaccuracies. Rigorous statements about platform security are often impossible. We introduce a domain-specific language to describe hardware semantics, assumptions about software behavior, and desired security properties. We then create machine-readable specifications for a diverse set of eight platforms from their reference manuals, and formally prove their (in-)security. In addition to security proofs about memory confidentiality and integrity, we discover a handful of documentation errors. Finally, our analysis also revealed a vulnerability on a real-world server chip, which was confirmed by the vendor to apply to a wide family of deployed network appliances. Our tooling offers system integrators a way of formally describing security properties for whole platforms, and the means to find counterexamples, or proving them correct.
format Preprint
id arxiv_https___arxiv_org_abs_2510_27485
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Sockeye: a language for analyzing hardware documentation
Fiedler, Ben
Gruetter, Samuel
Roscoe, Timothy
Cryptography and Security
Operating Systems
Programming Languages
The ever increasing complexity of hardware platforms poses a challenge to systems programmers. Correctly programming a multitude of components, providing functionality and security, is difficult: semantics of individual units are described in prose, underspecified, and prone to inaccuracies. Rigorous statements about platform security are often impossible. We introduce a domain-specific language to describe hardware semantics, assumptions about software behavior, and desired security properties. We then create machine-readable specifications for a diverse set of eight platforms from their reference manuals, and formally prove their (in-)security. In addition to security proofs about memory confidentiality and integrity, we discover a handful of documentation errors. Finally, our analysis also revealed a vulnerability on a real-world server chip, which was confirmed by the vendor to apply to a wide family of deployed network appliances. Our tooling offers system integrators a way of formally describing security properties for whole platforms, and the means to find counterexamples, or proving them correct.
title Sockeye: a language for analyzing hardware documentation
topic Cryptography and Security
Operating Systems
Programming Languages
url https://arxiv.org/abs/2510.27485