Portable Software Fault Isolation

Author

Kroll, Joshua A. ; Stewart, Gordon ; Appel, Andrew W.

Author_Institution

Comput. Sci. Dept., Princeton Univ., Princeton, NJ, USA

fYear

2014

fDate

19-22 July 2014

Firstpage

18

Lastpage

32

Abstract

We present a new technique for architecture portable software fault isolation (SFI), together with a prototype implementation in the Coq proof assistant. Unlike traditional SFI, which relies on analysis of assembly-level programs, we analyze and rewrite programs in a compiler intermediate language, the Cminor language of the Comp Cert C compiler. But like traditional SFI, the compiler remains outside of the trusted computing base. By composing our program transformer with the verified back-end of Comp Cert and leveraging Comp Cert´s formally proved preservation of the behavior of safe programs, we can obtain binary modules that satisfy the SFI memory safety policy for any of Comp Cert´s supported architectures (currently: Power PC, ARM, and x86-32). This allows the same SFI analysis to be used across multiple architectures, greatly simplifying the most difficult part of deploying trustworthy SFI systems.

Keywords

program compilers; software fault tolerance; theorem proving; trusted computing; Cminor language; CompCert C compiler; Coq proof assistant; SFI memory safety policy; architecture portable software fault isolation; assembly-level program analysis; compiler intermediate language; trusted computing base; trustworthy SFI systems; Abstracts; Assembly; Computer architecture; Program processors; Safety; Security; Semantics; Architecture Portability; Memory Safety; Software Fault Isolation; Verified Compilers;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Foundations Symposium (CSF), 2014 IEEE 27th

Conference_Location

Vienna

Type

conf

DOI

10.1109/CSF.2014.10

Filename

6957100