Conference papers

High-Precision Sound Analysis to Find Safety and Cybersecurity Defects

Abstract: In recent years, security concerns have become more and more relevant for safety-critical systems. Many cybersecurity vulnerabilities are caused by runtime errors, hence sound static runtime error analysis contributes to meeting both safety and security goals. In addition, for cybersecurity goals, often sophisticated data and control flow analyses are needed, e.g., to track the effects of corrupted values, or to determine dependence on potentially corrupted inputs. A sound analysis can guarantee that neither control flow paths nor read or write accesses are missed, even in the case of data or function pointer accesses. To be feasible for industrial use, a static analyzer must be precise, i.e., produce few false alarms, and it must be user-configurable to allow analyzing specific data and control flow properties. It must also support efficient alarm investigation to minimize the manual effort needed to review the findings of the analyzer. In this article we give an overview of novel extensions of the sound static analyzer Astrée to minimize the false alarm rate, and to support advanced data and control flow analysis by taint analysis and analysis-enhanced program slicing. We describe an application of Astrée's taint analysis framework to detect Spectre v1/1.1/SplitSpectre vulnerabilities. Astrée's program slicer can also be applied for alarm slicing, which can significantly reduce the manual effort of reviewing the analyzer findings. Practical experience is reported on industrial avionic and automotive applications.


https://hal.archives-ouvertes.fr/hal-02479217
Contributor: Daniel Kästner
Submitted on: Friday, February 14, 2020 - 1:28:43 PM
Last modification on: Thursday, February 20, 2020 - 1:35:27 AM
Long-term archiving on: Friday, May 15, 2020 - 4:04:13 PM

File

ERTS2020_paper_24.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-02479217, version 1


Citation

Daniel Kästner, Laurent Mauborgne, Stephan Wilhelm, Christian Ferdinand. High-Precision Sound Analysis to Find Safety and Cybersecurity Defects. 10th European Congress on Embedded Real Time Software and Systems (ERTS 2020), Jan 2020, Toulouse, France. ⟨hal-02479217⟩
