UCL  IRIS
Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at https://www.ucl.ac.uk/finance/research/rs-contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
Using model checking tools to triage the severity of security bugs in the Xen hypervisor
  • Publication Type:
    Conference
  • Authors:
    Cook B, Dobel B, Kroening D, Manthey N, Pohlack M, Polgreen E, Tautschnig M, Wieczorkiewicz P
  • Publication date:
    24/09/2020
  • Pagination:
    185, 193
  • Published proceedings:
    Proceedings of the 20th Conference on Formal Methods in Computer-Aided Design, FMCAD 2020
  • ISBN-13:
    9783854480426
  • Status:
    Published
  • Name of conference:
    20th Conference on Formal Methods in Computer-Aided Design, FMCAD 2020
Abstract
© 2020 FMCAD Association. In practice, few security bugs found in source code are urgent, but quickly identifying which ones are is hard. We describe the application of bounded model checking to triaging reported issues quickly at the cloud service provider Amazon Web Services (AWS). We focus on the job of reactive security experts who need to determine the severity of bugs found in the Xen hypervisor. We show that, using our publicly available extensions to the model checker CBMC, a security expert can obtain traces to construct security tests and estimate the severity of the reported finding within 15 minutes. We believe that the changes made to the model checker, as well as the methodology for using tools in this scenario, will generalise to other organisations and environments.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Author
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by