cybersecurity for iot verify your software today
play

Cybersecurity for IoT: Verify your Software Today! Allan Blanchard, - PowerPoint PPT Presentation

Feb 01, 2024 •106 likes •694 views

Cybersecurity for IoT: Verify your Software Today! Allan Blanchard, Nikolai Kosmatov (based on a tutorial prepared with Frdric Loulergue) Outline Introduction Verification of absence of runtime errors using Frama-C/Eva Deductive

  1. Cybersecurity for IoT: Verify your Software Today! Allan Blanchard, Nikolai Kosmatov (based on a tutorial prepared with Frédéric Loulergue)

  2. Outline Introduction Verification of absence of runtime errors using Frama-C/Eva Deductive verification using Frama-C/WP Runtime Verification using Frama-C/E-ACSL Conclusion A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 2 / 48

  3. Introduction Security in the IoT Outline Introduction Security in the IoT An overview of Frama-C The Contiki operating system Verification of absence of runtime errors using Frama-C/Eva Deductive verification using Frama-C/WP Runtime Verification using Frama-C/E-ACSL Conclusion A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 3 / 48

  4. Introduction Security in the IoT Internet of Things ◮ connect all devices and services ◮ 46 billions devices by 2021 ◮ transport huge amounts of data (c) Internet Security Buzz A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 4 / 48

  5. Introduction Security in the IoT And Security? A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 5 / 48

  6. Introduction Security in the IoT And Security? A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 5 / 48

  7. Introduction Security in the IoT And Security? A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 5 / 48

  8. Introduction Security in the IoT And Security? A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 5 / 48

  9. Introduction Security in the IoT And Security? A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 5 / 48

  10. Introduction An overview of Frama-C Outline Introduction Security in the IoT An overview of Frama-C The Contiki operating system Verification of absence of runtime errors using Frama-C/Eva Deductive verification using Frama-C/WP Runtime Verification using Frama-C/E-ACSL Conclusion A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 6 / 48

  11. Introduction An overview of Frama-C Frama-C Open-Source Distribution Framework for Analysis of C source code http://frama-c.com ◮ offers a specification language called ACSL ◮ targets both academic and industrial usage A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 7 / 48

  12. Introduction An overview of Frama-C Frama-C, a Collection of Tools Several tools inside a single platform ◮ plugin architecture like in Eclipse ◮ over 20 plugins in the open-source distribution ◮ also close-source plugins, either at CEA (about 20) or outside ◮ a common kernel ◮ provides a uniform setting ◮ provides general services A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 8 / 48

  13. Introduction An overview of Frama-C Plugin Gallery Eva Jessie Wp Aora¨ ı RTE Abstract Interpretation Specification Generation Deductive Verification Slicing Sparecode Formal Methods PathCrawler E-ACSL Clang Plugins Code Transformation Dynamic Analysis StaDy Semantic constant folding Browsing of unfamiliar code Sante Ltest Metrics Callgraph Impact Occurrence Scope & Data-flow browsing A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 9 / 48

  14. Introduction An overview of Frama-C Use the Right Tool for the Right Task We may want to assure different degrees of confidence: ◮ absence of runtime errors or functional correctness ◮ partial/complete analysis (testing vs. verification) Different tools require from us more or less work: ◮ Just provide the source code ◮ Configure tool parameters ◮ Provide code annotations The higher the confidence is, the more information we have to provide A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 10 / 48

  15. Introduction The Contiki operating system Outline Introduction Security in the IoT An overview of Frama-C The Contiki operating system Verification of absence of runtime errors using Frama-C/Eva Deductive verification using Frama-C/WP Runtime Verification using Frama-C/E-ACSL Conclusion A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 11 / 48

  16. Introduction The Contiki operating system A lightweight OS for IoT Contiki is a lightweight operating system for IoT It provides a lot of features: ◮ (rudimentary) memory and process management ◮ networking stack and cryptographic functions ◮ ... Typical hardware platform: ◮ 8, 16, or 32-bit MCU (little or big-endian), ◮ low-power radio, some sensors and actuators, ... ms Group Note for security: there is no memory protection unit. A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 12 / 48

  17. Introduction The Contiki operating system Contiki: Typical Applications ◮ IoT scenarios: smart cities, building automation, ... ◮ Multiple hops to cover large areas ◮ Low-power for battery-powered scenarios ◮ Nodes are interoperable and addressable (IP) Traffjc lights Parking spots Public transport Street lights Smart metering … Light bulbs Thermostat Power sockets CO2 sensors Door locks Smoke detectors 5 5 SICS Networked Embedded Systems Group … Sics th Sense A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 13 / 48

  18. Verification of absence of runtime errors using Frama-C/Eva Runtime errors and the Eva plugin Outline Introduction Verification of absence of runtime errors using Frama-C/Eva Runtime errors and the Eva plugin Simple Example An application to Contiki Deductive verification using Frama-C/WP Runtime Verification using Frama-C/E-ACSL Conclusion A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 14 / 48

  19. Verification of absence of runtime errors using Frama-C/Eva Runtime errors and the Eva plugin Runtime errors Runtime errors in C are undefined behaviors: ◮ out-of-bound accesses, ◮ integer overflows, ◮ division by 0, ◮ invalid pointers ◮ . . . They can raise important security issues ◮ For example, HeartBleed vulnerability (found in 2014 in OpenSSL) A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 15 / 48

  20. Verification of absence of runtime errors using Frama-C/Eva Runtime errors and the Eva plugin Value Analysis Overview Compute possible values of variables at each program point ◮ an automatic analysis based on abstract interpretation ◮ computes a correct over-approximation ◮ reports alarms for potential runtime errors ◮ reports alarms for potentially invalid annotations ◮ can prove the absence of runtime errors ◮ graphical interface: displays the domains of each variable A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 16 / 48

  21. Verification of absence of runtime errors using Frama-C/Eva Simple Example Outline Introduction Verification of absence of runtime errors using Frama-C/Eva Runtime errors and the Eva plugin Simple Example An application to Contiki Deductive verification using Frama-C/WP Runtime Verification using Frama-C/E-ACSL Conclusion A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 17 / 48

  22. Verification of absence of runtime errors using Frama-C/Eva Simple Example Example 1 Run Eva: frama-c-gui div1.c -val -main=f int f ( int a ) { int x, y; int sum, result; if (a == 0) { x = 0; y = 0; } else { x = 5; y = 5; } sum = x + y; // sum can be 0 result = 10/sum; // risk of division by 0 return result; } A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 18 / 48

  23. Verification of absence of runtime errors using Frama-C/Eva Simple Example Example 1 Run Eva: frama-c-gui div1.c -val -main=f int f ( int a ) { int x, y; int sum, result; if (a == 0) { x = 0; y = 0; } else { x = 5; y = 5; } sum = x + y; // sum can be 0 result = 10/sum; // risk of division by 0 return result; } Risk of division by 0 is detected, it is real. A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 18 / 48

  24. Verification of absence of runtime errors using Frama-C/Eva Simple Example Example 2 Run Eva: frama-c-gui div2.c -val -main=f int f ( int a ) { int x, y; int sum, result; if (a == 0) { x = 0; y = 5; } else { x = 5; y = 0; } sum = x + y; // sum cannot be 0 result = 10/sum; // no div. by 0 return result; } A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 19 / 48

  25. Verification of absence of runtime errors using Frama-C/Eva Simple Example Example 2 Run Eva: frama-c-gui div2.c -val -main=f int f ( int a ) { int x, y; int sum, result; if (a == 0) { x = 0; y = 5; } else { x = 5; y = 0; } sum = x + y; // sum cannot be 0 result = 10/sum; // no div. by 0 return result; } Risk of division by 0 is detected, but it is a false alarm. A. Blanchard, N. Kosmatov Cybersecurity for IoT: Verify your Software Today! FIC 2019 19 / 48

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical

Cybersecurity Today CYBERSECURITY IN TODAYS WORLD Cyberattacks in Wyoming Medical Facilities Local Government Schools Law Enforcement Media Outlets The threat and how to think about it Ransomware has rapidly emerged as the most

398 views • 15 slides
Fuzzing for CyberSecurity Abe Cohen 2019-11-13 Fuzzing for CyberSecurity What is

Fuzzing for CyberSecurity Abe Cohen 2019-11-13 Fuzzing for CyberSecurity What is

Fuzzing for CyberSecurity Abe Cohen 2019-11-13 Fuzzing for CyberSecurity What is fuzzing/fuzz testing? Why AFL? How does it work with GNAT Pro/Ada? Premise: Fuzz Testing Definition: Stable Software Software that is highly

649 views • 16 slides
CS 335 Software Development Introduction Jan 13, 2014 Healthcare.gov must verify a would-be

CS 335 Software Development Introduction Jan 13, 2014 Healthcare.gov must verify a would-be

CS 335 Software Development Introduction Jan 13, 2014 Healthcare.gov must verify a would-be applicants eligibility from Homeland Security, IRS and Social Security systems, in real time, plus enroll members electronically to any

346 views • 8 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
cybersecurity & compliance automation platform delivered in software as a service model

cybersecurity & compliance automation platform delivered in software as a service model

cybersecurity & compliance automation platform delivered in software as a service model plug&play cybersecurity plug&play compliance Defenselayers company purpose Defenselayers is an innovative, global cybersecurity startup. We

460 views • 13 slides
Trust But Verify Trust But Verify Trust But Verify Trust But Verify What Is CEC Entertainment?

Trust But Verify Trust But Verify Trust But Verify Trust But Verify What Is CEC Entertainment?

Trust But Verify Trust But Verify Trust But Verify Trust But Verify What Is CEC Entertainment? CEC Entertainment, Irving TX Founded by Nolan Bushnell Revenue What Is CEC Entertainment? What Is CEC Entertainment? What Is CEC Entertainment?

305 views • 19 slides
Verify 1099 Data 3 3 1 Verify 1099 Data Verify Vendors that will receive 1099s and their

Verify 1099 Data 3 3 1 Verify 1099 Data Verify Vendors that will receive 1099s and their

2019 CALENDAR YEAR-END CLOSING PROCEDURES 1 USAS-R CYE Procedures Verify 1099 Data Month End Close Calendar Year End Close 1099 Procedures TR1099 Program 2 2 Verify 1099 Data 3 3 1 Verify 1099 Data Verify Vendors

357 views • 8 slides
KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we

KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we

KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we create new software development solutions for projects with sizable data requirements. Having a background in mining industry, KAI Software have

267 views • 26 slides
Towards Secure Things, or How to Verify IoT Software with Frama-C Tutorial at ZINC 2018 Allan

Towards Secure Things, or How to Verify IoT Software with Frama-C Tutorial at ZINC 2018 Allan

Towards Secure Things, or How to Verify IoT Software with Frama-C Tutorial at ZINC 2018 Allan Blanchard, Nikolai Kosmatov, Fr ed eric Loulergue some slides authored by Julien Signoles Email: allan.blanchard@inria.fr,

1.79k views • 151 slides
Designing Robust Software Analysis and Artificial Intelligence Approaches For Cybersecurity

Designing Robust Software Analysis and Artificial Intelligence Approaches For Cybersecurity

Designing Robust Software Analysis and Artificial Intelligence Approaches For Cybersecurity Giacomo Iadarola Research fellow (Assegnista di Ricerca) at IIT-CNR PhD student at Department of Computer Science (University of Pisa) TUTOR: Fabio

850 views • 49 slides
Trust, but Verify: An Improved Estimating Technique Using the Integrated Master Schedule (IMS)

Trust, but Verify: An Improved Estimating Technique Using the Integrated Master Schedule (IMS)

Trust, but verify is a form of advice given which recommends that while a source of information might be considered reliable, one should perform additional research to verify that such information is accurate, or trustworthy. The original

437 views • 32 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Practical BDD with Behat and Mink Jeremy Mikola (@jmikola) In order to verify application

Practical BDD with Behat and Mink Jeremy Mikola (@jmikola) In order to verify application

Practical BDD with Behat and Mink Jeremy Mikola (@jmikola) In order to verify application behavior As a software developer I need tests In order to verify application behavior As a software developer I need tests Preferably automated tests

482 views • 44 slides
Software Assurance and Cybersecurity William L Scherlis Professor of Computer Science

Software Assurance and Cybersecurity William L Scherlis Professor of Computer Science

Software Assurance and Cybersecurity William L Scherlis Professor of Computer Science Director, Institute for Software Research School of Nuclear Regulatory Commission Computer Science 17 December 2015 School of Computer Science Assurance

304 views • 6 slides
verify for NETCONF <draft-cole-netconf-verify-00.txt>

verify for NETCONF <draft-cole-netconf-verify-00.txt>

verify for NETCONF <draft-cole-netconf-verify-00.txt> <draft-cole-netconf-transaction-test-00.txt> Robert G. Cole 1 Dan Romascanu 2 Andy Bierman 3 1 U.S. Army CERDEC 2 Avaya dromasca@avaya.com 3 Netconf Central

87 views • 5 slides
SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk about software process quality and certification Objective quality component: properties that can be Jyrki Nummenmaa University of Tampere, CS

438 views • 5 slides
W HAT S SPECIAL ABOUT S YSTEM C ALLS ? From the point of view of a programmer, system calls

W HAT S SPECIAL ABOUT S YSTEM C ALLS ? From the point of view of a programmer, system calls

I NTRODUCTION S IMULATION AND R EASONING F RAMEWORK C ODE P ROOFS C ONCLUSION AND F UTURE W ORK S IMULATION AND F ORMAL V ERIFICATION OF X 86 M ACHINE -C ODE P ROGRAMS THAT MAKE S YSTEM C ALLS Shilpi Goel Warren A. Hunt, Jr. Matt Kaufmann

889 views • 54 slides
87th Air Base Wing Joint Base McGuire-Dix-Lakehurst Restoration Advisory Board 16 March 2017

87th Air Base Wing Joint Base McGuire-Dix-Lakehurst Restoration Advisory Board 16 March 2017

87th Air Base Wing Joint Base McGuire-Dix-Lakehurst Restoration Advisory Board 16 March 2017 87th Air Base Wing Review of Action Items Mr. Curtis Frye, P.E. Chief, JBMDL Environmental Restoration Program AFCEC/CZOE Action Items JBMDL

1.49k views • 112 slides
Materials 2 Avoiding Mechanical Failure Week 8 Demo Personal body armour Ned Kellys

Materials 2 Avoiding Mechanical Failure Week 8 Demo Personal body armour Ned Kellys

Materials 2 Avoiding Mechanical Failure Week 8 Demo Personal body armour Ned Kellys armour in the State Library of Victoria by Chensiyuan Personal armour has always been a trade-off between protection and movement Steel armour ~ 1550

348 views • 10 slides
Command(s) Answer 4. 4. Write a function that accepts an array A in its arguments and returns the

Command(s) Answer 4. 4. Write a function that accepts an array A in its arguments and returns the

UNIVERSITY OF JORDAN UNIVERSITY OF JORDAN COMP CO MPUTER ENGI UTER ENGINEERIN NEERING DEPARTM G DEPARTMENT NT CPE0907311 COMPUTER CPE0907311 COMPUTER APPLICATIONS LAB APPLICATIONS LAB EXERCISE SHEET 5 EXERC SE SHEET 5 STUDY THE S

669 views • 3 slides
Gneiss A nice component framework in SPARK Johannes Kliemann FOSDEM, Brussels, 2020-02-02

Gneiss A nice component framework in SPARK Johannes Kliemann FOSDEM, Brussels, 2020-02-02

Gneiss A nice component framework in SPARK Johannes Kliemann FOSDEM, Brussels, 2020-02-02 Component-based Architectures Trusted Components Cant reimplement everything Solution: software reuse Protocol validator Untrusted

413 views • 17 slides
Absence of the singular spectrum in a twisted Dirichlet-Neumann waveguide Ph. Briet 1 J.Dittrich 2

Absence of the singular spectrum in a twisted Dirichlet-Neumann waveguide Ph. Briet 1 J.Dittrich 2

The Dittrich-K r problem References Questions The spectrum Mourre estimate Absence of the singular spectrum in a twisted Dirichlet-Neumann waveguide Ph. Briet 1 J.Dittrich 2 rk 3 D. Krej ci 1 Centre de Physique Thorique,CNRS,

216 views • 19 slides
strt r r

strt r r

strt r r r t ss rr

425 views • 24 slides
Security proofs in the symbolic model web services security, manual and automated proofs

Security proofs in the symbolic model web services security, manual and automated proofs

Security proofs in the symbolic model web services security, manual and automated proofs Karthikeyan Bhargavan INRIA karthikeyan.bhargavan@inria.fr http://prosecco.inria.fr/personal/karthik September 2013 Karthikeyan Bhargavan (INRIA)

800 views • 58 slides

More recommend