Fault-Tolerant Non-interference

• Published in: Engineering Secure Software and Systems Vol. 8364 LNCS; pp. 60 - 76
• Main Authors: Del Tedesco, Filippo, Russo, Alejandro, Sands, David
• Format: Book Chapter Conference Proceeding
• Language: English
• Published: Cham Springer International Publishing 2014
• Series: Lecture Notes in Computer Science
• Subjects: Assembly Program; Fault Tolerance; Label Transition System; Non-interference; Secret Data; security; Security Property; transient faults
• ISBN: 3319048961; 9783319048963
• ISSN: 0302-9743; 1611-3349; 1611-3349
• DOI: 10.1007/978-3-319-04897-0_5

This paper is about ensuring security in unreliable systems. We study systems which are subject to transient faults – soft errors that cause stored values to be corrupted. The classic problem of fault tolerance is to modify a system so that it works despite a limited number of faults. We introduce a novel variant of this problem. Instead of demanding that the system works despite faults, we simply require that it remains secure: wrong answers may be given but secrets will not be revealed. We develop a software-based technique to achieve this fault-tolerant non-interference property. The method is defined on a simple assembly language, and guarantees security for any assembly program provided as input. The security property is defined on top of a formal model that encompasses both the fault-prone machine and the faulty environment. A precise characterization of the class of programs for which the method guarantees transparency is provided.