The HACMS program: using formal methods to eliminate exploitable bugs

Author:

Kathleen Fisher (1), John Launchbury (2), Raymond Richards (2)

Affiliation:

1. Department of Computer Science, Tufts University, Medford, MA, USA

2. DARPA, Arlington, VA, USA

Abstract

For decades, formal methods have offered the promise of verified software that does not have exploitable bugs. Until recently, however, it has not been possible to verify software of sufficient complexity to be useful. Recently, that situation has changed. seL4 is an open-source operating system microkernel efficient enough to be used in a wide range of practical applications. Its designers proved it to be fully functionally correct, ensuring the absence of buffer overflows, null pointer exceptions, use-after-free errors, etc., and guaranteeing integrity and confidentiality. The CompCert Verifying C Compiler maps source C programs to provably equivalent assembly language, ensuring the absence of exploitable bugs in the compiler. A number of factors have enabled this revolution, including faster processors, increased automation, more extensive infrastructure, specialized logics and the decision to co-develop code and correctness proofs rather than verify existing artefacts. In this paper, we explore the promise and limitations of current formal-methods techniques. We discuss these issues in the context of DARPA’s HACMS program, which had as its goal the creation of high-assurance software for vehicles, including quadcopters, helicopters and automobiles. This article is part of the themed issue ‘Verified trustworthy software systems’.

Publisher

The Royal Society

Subject

General Physics and Astronomy, General Engineering, General Mathematics


Cited by 29 articles.

1. Building a Scientific Foundation for Security: Multilayer Network Model Insights for System Security Engineering; INCOSE International Symposium; 2024-07

2. Next Generation Vehicles, Safety, and Cybersecurity: The CMX Framework; IEEE Transactions on Intelligent Transportation Systems; 2024-02

3. CoqMatrix: Formal matrix library with multiple models in Coq; Journal of Systems Architecture; 2023-10

4. An analysis of how many undiscovered vulnerabilities remain in information systems; Computers & Security; 2023-08

5. A Research Agenda for Space Flight Software Security; 2023 IEEE 9th International Conference on Space Mission Challenges for Information Technology (SMC-IT); 2023-07
