Automatic and Incremental Repair for Speculative Information Leaks (VMCAI 2024) - POPL 2024

Sun 14 - Sat 20 January 2024 London, United Kingdom

Who

Joachim Bard, Swen Jacobs, Yakir Vizel

Track

Time Zone

The program is currently displayed in (GMT) London.

Use conference time zone: (GMT) LondonSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

When

Mon 15 Jan 2024 14:00 - 14:20 at Marconi Room - Session 3: Security and Privacy, Model Checking and Synthesis Chair(s): Caterina Urban

Abstract

We present CureSpec, the first model-checking based framework for automatic repair of programs with respect to information leaks in the presence of side-channels and speculative execution. CureSpec is based on formal models of attacker capabilities, including observable side channels, inspired by the Spectre-PHT attacks. For a given attacker model, CureSpec is able to either prove that the program is secure, or detect potential side-channel vulnerabilities and automatically insert mitigations such that the resulting code is provably secure. Moreover, CureSpec can provide a certificate for the security of the program that can be independently checked. We have implemented CureSpec in the SeaHorn framework and show that it can effectively repair security-critical code, for example the AES encryption from the OpenSSL library.

Joachim Bard

CISPA Helmholtz Center for Information Security

Germany

Swen Jacobs

CISPA

Germany

Yakir Vizel

Technion—Israel Institute of Technology

Israel

Time Zone

The program is currently displayed in (GMT) London.

Use conference time zone: (GMT) LondonSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Session Program

Mon 15 Jan
Displayed time zone: London change

	14:00 - 15:30	Session 3: Security and Privacy, Model Checking and SynthesisVMCAI at Marconi Room Chair(s): Caterina Urban Inria & École Normale Supérieure \| Université PSL

	14:00 20m Talk		Automatic and Incremental Repair for Speculative Information Leaks VMCAI Joachim Bard CISPA Helmholtz Center for Information Security, Swen Jacobs CISPA, Yakir Vizel Technion—Israel Institute of Technology
	14:20 20m Talk		Sound Abstract Nonexploitability Analysis VMCAI Francesco Parolini Sorbonne Université, Antoine Miné Sorbonne Université Pre-print
	14:40 20m Talk		Solving Two-Player Games under Progress Assumptions VMCAI Anne-Kathrin Schmuck MPI-SWS, K. S. Thejaswini The University of Warwick, Irmak Saglam Max Planck Institute for Software Systems (MPI-SWS), Satya Prakash Nayak Max Planck Institute for Software Systems (MPI-SWS) Pre-print
	15:00 20m Talk		Model-Guided Synthesis for LTL over Finite Traces VMCAI Shengping Xiao East China Normal University, Yongkang Li East China Normal University, Xinyue Huang East China Normal University, Yicong Xu East China Normal University, Jianwen Li East China Normal University, China, Geguang Pu East China Normal University, Ofer Strichman Technion, Moshe Vardi Rice University
	15:20 10m Talk		Generic Model Checking for Modal Fixpoint Logics in COOL-MC VMCAI Daniel Hausmann University of Gothenburg, Merlin Humml Friedrich-Alexander Universität Erlangen-Nürnberg, Simon Prucker Friedrich-Alexander Universität Erlangen-Nürnberg, Lutz Schröder University of Erlangen-Nuremberg, Aaron Strahlberger Friedrich-Alexander-Universität Erlangen-Nürnberg Pre-print