
LIO*: Low Level Information Flow Control in F*

by Jean-Joseph Marty, et al.

We present Labeled Input Output in F* (LIO*), a verified framework that enforces information flow control (IFC) policies developed in F* and automatically extracted to C. Inspired by LIO, we encapsulated IFC policies into effects, but using F* we derived efficient, low-level, and provably correct code. Concretely, runtime checks are lifted to static proof obligations, and the developed code is automatically extracted to C and proved non-interferent using metaprogramming. We benchmarked our framework on three clients and observed up to 54 statically. Our framework is designed to aid development of embedded devices where both enforcement of security policies and low-level efficient code are critical.

