Verifying security invariants in expressoS

Haohui Mai; Edgar Pek; Hui Xue; Samuel T. King; P. Madhusudan

doi:10.1145/2499368.2451148

Verifying security invariants in expressoS

Haohui Mai, Edgar Pek, Hui Xue, Samuel T. King, P. Madhusudan

Research output: Contribution to journal › Article › peer-review

Abstract

Security for applications running on mobile devices is important. In this paper we present ExpressOS, a new OS for enabling highassurance applications to run on commodity mobile devices securely. Our main contributions are a new OS architecture and our use of formal methods for proving key security invariants about our implementation. In our use of formal methods, we focus solely on proving that our OS implements our security invariants correctly, rather than striving for full functional correctness, requiring significantly less verification effort while still proving the security relevant aspects of our system. We built ExpressOS, analyzed its security, and tested its performance. Our evaluation shows that the performance of ExpressOS is comparable to an Android-based system. In one test, we ran the same web browser on ExpressOS and on an Android-based system, and found that ExpressOS adds 16% overhead on average to the page load latency time for nine popular web sites.

Original language	English (US)
Pages (from-to)	293-303
Number of pages	11
Journal	ACM SIGPLAN Notices
Volume	48
Issue number	4
DOIs	https://doi.org/10.1145/2499368.2451148
State	Published - Apr 2013

Keywords

Automatic theorem proving
Microkernel
Mobile security
Programming by contracts

ASJC Scopus subject areas

Computer Science(all)

Online availability

10.1145/2499368.2451148

Library availability

Discover UIUC Full Text

Cite this

@article{0766dc8500fa4a4a9f480c2c375834d1,

title = "Verifying security invariants in expressoS",

abstract = "Security for applications running on mobile devices is important. In this paper we present ExpressOS, a new OS for enabling highassurance applications to run on commodity mobile devices securely. Our main contributions are a new OS architecture and our use of formal methods for proving key security invariants about our implementation. In our use of formal methods, we focus solely on proving that our OS implements our security invariants correctly, rather than striving for full functional correctness, requiring significantly less verification effort while still proving the security relevant aspects of our system. We built ExpressOS, analyzed its security, and tested its performance. Our evaluation shows that the performance of ExpressOS is comparable to an Android-based system. In one test, we ran the same web browser on ExpressOS and on an Android-based system, and found that ExpressOS adds 16% overhead on average to the page load latency time for nine popular web sites.",

keywords = "Automatic theorem proving, Microkernel, Mobile security, Programming by contracts",

author = "Haohui Mai and Edgar Pek and Hui Xue and King, {Samuel T.} and P. Madhusudan",

year = "2013",

month = apr,

doi = "10.1145/2499368.2451148",

language = "English (US)",

volume = "48",

pages = "293--303",

journal = "ACM SIGPLAN Notices",

issn = "1523-2867",

publisher = "Association for Computing Machinery (ACM)",

number = "4",

}

TY - JOUR

T1 - Verifying security invariants in expressoS

AU - Mai, Haohui

AU - Pek, Edgar

AU - Xue, Hui

AU - King, Samuel T.

AU - Madhusudan, P.

PY - 2013/4

Y1 - 2013/4

N2 - Security for applications running on mobile devices is important. In this paper we present ExpressOS, a new OS for enabling highassurance applications to run on commodity mobile devices securely. Our main contributions are a new OS architecture and our use of formal methods for proving key security invariants about our implementation. In our use of formal methods, we focus solely on proving that our OS implements our security invariants correctly, rather than striving for full functional correctness, requiring significantly less verification effort while still proving the security relevant aspects of our system. We built ExpressOS, analyzed its security, and tested its performance. Our evaluation shows that the performance of ExpressOS is comparable to an Android-based system. In one test, we ran the same web browser on ExpressOS and on an Android-based system, and found that ExpressOS adds 16% overhead on average to the page load latency time for nine popular web sites.

AB - Security for applications running on mobile devices is important. In this paper we present ExpressOS, a new OS for enabling highassurance applications to run on commodity mobile devices securely. Our main contributions are a new OS architecture and our use of formal methods for proving key security invariants about our implementation. In our use of formal methods, we focus solely on proving that our OS implements our security invariants correctly, rather than striving for full functional correctness, requiring significantly less verification effort while still proving the security relevant aspects of our system. We built ExpressOS, analyzed its security, and tested its performance. Our evaluation shows that the performance of ExpressOS is comparable to an Android-based system. In one test, we ran the same web browser on ExpressOS and on an Android-based system, and found that ExpressOS adds 16% overhead on average to the page load latency time for nine popular web sites.

KW - Automatic theorem proving

KW - Microkernel

KW - Mobile security

KW - Programming by contracts

UR - http://www.scopus.com/inward/record.url?scp=84880117726&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84880117726&partnerID=8YFLogxK

U2 - 10.1145/2499368.2451148

DO - 10.1145/2499368.2451148

M3 - Article

AN - SCOPUS:84880117726

SN - 1523-2867

VL - 48

SP - 293

EP - 303

JO - ACM SIGPLAN Notices

JF - ACM SIGPLAN Notices

IS - 4

ER -

Verifying security invariants in expressoS

Abstract

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this