Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 
Home
 

 
Procedures and Resources for Authors

 
Information and Resources for Volume Editors
 

 
Orders and Subscriptions
 

 
Published Articles

 
Upcoming Volumes
 

 
Contact Us
 

 
Useful External Links
 

 
CRPIT Site Search
 
    

Tool-Supported Dataflow Analysis of a Security-Critical Embedded Device

Mills, C., Fidge, C. J. and Corney, D.

    Defence organisations perform information security evaluations to confirm that electronic communications devices are safe to use in security-critical situations. Such evaluations include tracing all possible dataflow paths through the device, but this process is tedious and error-prone, so automated reachability analysis tools are needed to make security evaluations faster and more accurate. Previous research has produced a tool, SIFA, for dataflow analysis of basic digital circuitry, but it cannot analyse dataflow through microprocessors embedded within the circuit since this depends on the software they run. We have developed a static analysis tool that produces SIFA-compatible dataflow graphs from embedded microcontroller programs written in C. In this paper we present a case study which shows how this new capability supports combined hardware and software dataflow analyses of a security-critical communications device.
Cite as: Mills, C., Fidge, C. J. and Corney, D. (2012). Tool-Supported Dataflow Analysis of a Security-Critical Embedded Device. In Proc. Australasian Information Security Conference (AISC 2012) Melbourne, Australia. CRPIT, 125. Pieprzyk, J.and Thomborson, C. Eds., ACS. 59-70
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS