Authors: Byron Cook, Kareem Khazem, Daniel Kroening, Serdar Tasiran, Michael Tautschnig and Mark R. Tuttle
Paper Information
| Title: | Model Checking Boot Code from AWS Data Centers |
| Authors: | Byron Cook, Kareem Khazem, Daniel Kroening, Serdar Tasiran, Michael Tautschnig and Mark R. Tuttle |
| Proceedings: | CAV All Papers |
| Editors: | Georg Weissenbacher, Hana Chockler and Igor Konnov |
| Keywords: | Boot code, Firmware, Symbolic execution, Hardware/software interfaces, Model checking |
| Abstract: | ABSTRACT. This paper describes our experience with symbolic model checking in an industrial setting. We have proved that the initial boot code running in data centers at Amazon Web Services is memory safe, an essential step in establishing the security of any data center. Standard static analysis tools cannot be easily used on boot code without modification due to issues not commonly found in higher-level code, including memory-mapped device interfaces, byte-level memory access, and linker scripts. This paper describes automated solutions to these issues and their implementation in the C Bounded Model Checker (CBMC). CBMC is now the first source-level static analysis tool to extract the memory layout described in a linker script for use in its analysis. |
| Pages: | 20 |
| Talk: | Jul 17 16:45 (Session 122A: CPS, Hardware, Industrial Applications) |
| Paper: |  |