TY - GEN
T1 - A framework for testing hardware-software security architectures
AU - Dwoskin, Jeffrey S.
AU - Gomathisankaran, Mahadevan
AU - Chen, Yu Yuan
AU - Lee, Ruby B.
PY - 2010
Y1 - 2010
N2 - New security architectures are difficult to prototype and test at the design stage. Fine-grained monitoring of the interactions between hardware, the operating system and applications is required. We have designed and prototyped a testing framework, using virtualization, that can emulate the behavior of new hardware mechanisms in the virtual CPU and can perform a wide range of hardware and software attacks on the system under test. Our testing framework provides APIs for monitoring hardware and software events in the system under test, launching attacks, and observing their effects. We demonstrate its use by testing the security properties of the Secret Protection (SP) architecture using a suite of attacks. We show two important lessons learned from the testing of the SP architecture that affect the design and implementation of the architecture. Our framework enables extensive testing of hardware-software security architectures, in a realistic and flexible environment, with good performance provided by virtualization.
AB - New security architectures are difficult to prototype and test at the design stage. Fine-grained monitoring of the interactions between hardware, the operating system and applications is required. We have designed and prototyped a testing framework, using virtualization, that can emulate the behavior of new hardware mechanisms in the virtual CPU and can perform a wide range of hardware and software attacks on the system under test. Our testing framework provides APIs for monitoring hardware and software events in the system under test, launching attacks, and observing their effects. We demonstrate its use by testing the security properties of the Secret Protection (SP) architecture using a suite of attacks. We show two important lessons learned from the testing of the SP architecture that affect the design and implementation of the architecture. Our framework enables extensive testing of hardware-software security architectures, in a realistic and flexible environment, with good performance provided by virtualization.
UR - http://www.scopus.com/inward/record.url?scp=78751506009&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78751506009&partnerID=8YFLogxK
U2 - 10.1145/1920261.1920318
DO - 10.1145/1920261.1920318
M3 - Conference contribution
AN - SCOPUS:78751506009
SN - 9781450301336
T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC
SP - 387
EP - 397
BT - Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010
PB - IEEE Computer Society
ER -