Towards Completeness: Security Coverage Metrics for System Level Information Flow
Konferenz: MBMV 2024 - 27. Workshop
14.02.2024-15.02.2024 in Kaiserslautern
Tagungsband: ITG-Fb. 314: MBMV 2024
Seiten: 4Sprache: EnglischTyp: PDF
Autoren:
Demirhan Coskun, Ece Nur (Cyber-Physical Systems, DFKI GmbH, Bremen, Germany)
Ahmadi-Pour, Sallar; Hassan, Muhammad; Drechsler, Rolf (Cyber-Physical Systems, DFKI GmbH, Bremen, Germany & Institute of Computer Science, University of Bremen, Germany)
Inhalt:
The increasing use of complex, feature-rich systems necessitates robust security measures. A single vulnerability can trigger far-reaching and disastrous outcomes, such as rendering various Intellectual Properties (IPs) unavailable and causing system malfunction. It is crucial to integrate security policies early in the design phase and to define specific Security Properties (SPs) regarding threat models. To tackle various threat models and pinpoint potential violations, we assess the SPs using Security Coverage Metrics (SCMs). This paper provides an overview of SCMs targeting availability threats and related weaknesses for system level information flow. To implement the SCMs, we show SiMiT; a tool that leverages Virtual Prototypes (VP) and uses Static and Dynamic Information Flow Tracking (IFT) techniques. We demonstrate the applicability of the SCMs on an open-source RISC-V VP to show how these metrics advance the concept of security-aware Completeness Driven Development (CDD) and secure System-on-Chip (SOC) designs. Finally, we discuss the future direction of SCMs.