Continuous Formal Verification of Amazon s2n

@inproceedings{Chudnov2018ContinuousFV,
  title={Continuous Formal Verification of Amazon s2n},
  author={Andrey Chudnov and Nathan Collins and Byron Cook and Joey Dodds and Brian Huffman and Colm MacC{\'a}rthaigh and Stephen Magill and Eric Mertens and Eric Mullen and Serdar Tasiran and Aaron Tomb and Edwin M. Westbrook},
  booktitle={CAV},
  year={2018}
}
We describe formal verification of s2n, the open source TLS implementation used in numerous Amazon services. A key aspect of this proof infrastructure is continuous checking, to ensure that properties remain proven during the lifetime of the software. At each change to the code, proofs are automatically re-established with little to no interaction from the developers. We describe the proof itself and the technical decisions that enabled integration into development. 
View via Publisher
link.springer.com
40 Citations
Highly Influential Citations
1
Background Citations
13
Methods Citations
8

40 Citations

Citation Type

Citation Type

Code-Level Model Checking in the Software Development Workflow
  • Nathan Chong, B. Cook, M. Tuttle
  • Computer Science
    2020 IEEE/ACM 42nd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP)
  • 2020
TLDR
This experience report describes a style of applying symbolic model checking developed over the course of four years at Amazon Web Services that can prove the correctness of industrial low-level C-based systems with reasonable effort and predictability.
Verifying Verified Code
TLDR
This paper port the verification tasks for aws-c-common library to SeaHorn and KLEE, and shows the benefits of using compiler semantics and crosschecking specifications with different verification techniques, and calls for standardizing proof library extensions to increase specification reuse.
Formal Reasoning About the Security of Amazon Web Services
We report on the development and use of formal verification tools within Amazon Web Services (AWS) to increase the security assurance of its cloud infrastructure and to help customers secure
Boost the Impact of Continuous Formal Verification in Industry
TLDR
The proposed approach looks at the modifications to the software system since its last verification, and submits them to a continuous formal verification process, guided by a set of regression test cases.
End-to-End Formal Verification of Ethereum 2.0 Deposit Smart Contract
TLDR
This work verified the correctness of the compiled bytecode of the deposit contract to avoid the need to trust the underlying compiler, and found several critical issues during the verification process.
Lemma Functions for Frama-C: C Programs as Proofs
TLDR
The lemma functions method is outlined and the corresponding ACSL extension is presented, its implementation in Frama-C, and evaluation on a set of string-manipulating functions from the Linux kernel.
Formal specification and testing of QUIC
TLDR
This work develops a formal specification of the wire protocol, and uses this specification to generate automated randomized testers for implementations of QUIC, and describes the experience applying a methodology of compositional specification-based testing to QUIC.
Compositional Testing of Internet Protocols
TLDR
A methodology of Network-centric Compositional Testing (NCT) is introduced to develop formal wire specifications of Internet protocols and to test protocol implementations for compliance to a common standard, and its specific application to QUIC is summarized.
Applying formal verification to microkernel IPC at meta
TLDR
The verification effort proved that the queue algorithms are correct and uncovered four algorithmic simplifications as well as bugs in client code, all in a performance-sensitive part of the OS.
Scaling symbolic evaluation for automated verification of systems code with Serval
This paper presents Serval, a framework for developing automated verifiers for systems software. Serval provides an extensible infrastructure for creating verifiers by lifting interpreters under
...
1
2
3
4
...

References

SHOWING 1-10 OF 24 REFERENCES
Verified Correctness and Security of OpenSSL HMAC
TLDR
This is the first machine-checked cryptographic proof that combines a source-program implementation proof, a compiler-correctness proof, and a cryptographic-security proof, with no gaps at the specification interfaces.
Not-quite-so-broken TLS: lessons in re-engineering a security protocol specification and implementation
Transport Layer Security (TLS) implementations have a history of security flaws. The immediate causes of these are often programming errors, e.g. in memory management, but the root causes are more
Not-Quite-So-Broken TLS: Lessons in Re-Engineering a Security Protocol Specification and Implementation
Transport Layer Security (TLS) implementations have a history of security flaws. The immediate causes of these are often programming errors, e.g. in memory management, but the root causes are more
Pragmatic equivalence and safety checking in Cryptol
TLDR
An overview of Cryptol's verification toolset is provided, describing the experiences with building a practical programming environment with dedicated support for formal verification.
Compiling CAO: From Cryptographic Specifications to C Implementations
We present a compiler for CAO, an imperative DSL for the cryptographic domain. The tool takes high-level cryptographic algorithm specifications and translates them into C implementations through a
Protocol State Fuzzing of TLS Implementations
TLDR
This approach can catch an interesting class of implementation flaws that is apparently common in security protocol implementations: in three of the TLS implementations analysed new security flaws were found (in GnuTLS, the Java Secure Socket Extension, and OpenSSL).
Implementing TLS with Verified Cryptographic Security
TLDR
A verified reference implementation of TLS 1.2 is developed, including security specifications for its main components, such as authenticated stream encryption for the record layer and key establishment for the handshake, and typecheck the protocol state machine.
A Messy State of the Union: Taming the Composite State Machines of TLS
TLDR
This work systematically test popular open-source TLS implementations for state machine bugs and discovers several critical security vulnerabilities that have lain hidden in these libraries for years, and have now finally been patched due to the disclosures.
Continuous Reasoning: Scaling the impact of formal methods
TLDR
The rationale for continuous reasoning is described, some success cases from within industry are outlined, and directions for work by the scientific community are proposed.
Jasmin: High-Assurance and High-Speed Cryptography
TLDR
Using the supercop framework, this work evaluates the Jasmin compiler on representative cryptographic routines and concludes that the code generated by the compiler is as efficient as fast, hand-crafted, implementations.
...
1
2
3
...