SPARK for Security
Yannick Moy – AdaCore
OSIS – May 24, 2018
SPARK – Flow Analysis (slide 2)
Specification of effects + program -> flow analysis -> program implements specification
Flow analysis checks that what the program actually reads, writes and derives matches the effects declared in its contracts: the Global aspect lists the global data a subprogram reads and writes, and the Depends aspect lists which inputs each output may depend on. The check is done without executing the code and needs no proof.
SPARK – Proof (slide 3)
Specification of properties + program -> proof -> program implements specification
Proof checks that the program satisfies the properties stated in its contracts (preconditions, postconditions) and that no language-defined runtime check (index, range, overflow, division by zero, ...) can fail.
SPARK – a Subset of Ada (slide 4)

Core language constructs common to Ada and SPARK:
  strong typing, low-level programming, generics, object orientation, concurrency

Ada features outside the SPARK subset (as of this 2018 talk; access types with ownership rules were added to the subset in later releases):
  pointers, exception handlers, controlled types, functions with side effects

Additional SPARK aspects:
  Abstract_State, Initializes, Initial_Condition, Contract_Cases, Global, Depends
SPARK – a Simple Example (slide 5)

   procedure Increment
     (X : in out Integer)
   with Global  => null,              -- data dependencies: no global read or written
        Depends => (X => X),          -- flow dependencies: new X derived from old X only
        Pre     => X < Integer'Last,  -- rules out overflow on X + 1 (absence of runtime error)
        Post    => X = X'Old + 1;     -- functionality

   procedure Increment
     (X : in out Integer)
   is
   begin
      X := X + 1;
   end Increment;

The four callouts on the slide map onto the four aspects: Global and Depends are checked by flow analysis; Pre and Post, together with the implicit overflow check on X + 1, are discharged by proof.
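The Increment example has no hidden state, so it cannot show what Global and Depends buy for confidentiality. The following added example, which is not from the slides or from AdaCore, extends the same contracts to a package with a secret key and a public counter; the package, state and subprogram names are illustrative and the key value is a constructed placeholder, not a real secret.

```ada
--  Added example, not part of the original deck. Names are illustrative.
package Auth with
  SPARK_Mode,
  Abstract_State => Key_State,
  Initializes    => (Key_State, Attempts)
is
   type Byte is mod 2**8;
   subtype Index is Positive range 1 .. 32;
   type Tag is array (Index) of Byte;

   --  Publicly observable counter (think: exported through a status register).
   Attempts : Natural := 0;

   --  The Depends contract is the information-flow policy: the verdict OK may
   --  depend on the key and on the caller's tag (unavoidable), but the public
   --  counter may depend on nothing except itself. Flow analysis (Bronze level)
   --  rejects any body in which Attempts is influenced by Key_State or T,
   --  including indirectly through a branch condition.
   procedure Check (T : Tag; OK : out Boolean) with
     Global  => (Input => Key_State, In_Out => Attempts),
     Depends => (OK => (Key_State, T), Attempts => Attempts),
     Pre     => Attempts < Natural'Last,     -- no overflow on the increment
     Post    => Attempts = Attempts'Old + 1;
end Auth;

package body Auth with
  SPARK_Mode,
  Refined_State => (Key_State => Key)
is
   Key : Tag := (others => 16#42#);  -- constructed placeholder, not a real key

   procedure Check (T : Tag; OK : out Boolean) with
     Refined_Global  => (Input => Key, In_Out => Attempts),
     Refined_Depends => (OK => (Key, T), Attempts => Attempts)
   is
      Diff : Byte := 0;
   begin
      --  Visit every byte whatever the first mismatch. Only Diff (and hence OK)
      --  derives from Key and T. This is also the usual defence against timing
      --  leaks, but note that flow analysis checks data flow, not timing.
      for I in Index loop
         Diff := Diff or (Key (I) xor T (I));
      end loop;
      OK := Diff = 0;

      --  Unconditional update, so Attempts depends only on Attempts.
      Attempts := Attempts + 1;

      --  A leaky variant that flow analysis would reject against the contract
      --  above, because Attempts would then depend on Key and T through the
      --  branch condition (the kind of side channel Bronze level catches):
      --     if T = Key then OK := True;
      --     else OK := False; Attempts := Attempts + 1; end if;
   end Check;
end Auth;
```

Assuming a GNAT project file for these two units (the project name is an assumption), `gnatprove -P auth.gpr --mode=flow` checks the Global/Depends contracts and initialization (Bronze), and `gnatprove -P auth.gpr --mode=prove` additionally discharges the Pre/Post and the overflow check on the increment (Silver and above).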
Software Assurance Levels (slide 6)

Tokeneer (slide 7)
www.adacore.com/tokeneer
github.com/AdaCore/spark2014/tree/master/testsuite/gnatprove/tests/tokeneer
Muen Separation Kernel (slides 8–9)
https://muen.sk/
The Muen Separation Kernel is the world's first open-source microkernel that has been formally proven to contain no runtime errors at the source code level.
Runs on Intel x86-64 platforms. Developed at the University of Applied Sciences Rapperswil (HSR, Switzerland) with secunet (Germany).

Timeline:
2013 – 1st release: 3000 sloc SPARK, 300 sloc assembly
2014 – Linux subject support; migration to SPARK 2014
2015 – Genode subject support
2016 – Windows support via VirtualBox/Genode
2017 – release 0.9; the project website runs on MirageOS on Muen!
2018 – MirageOS subject support
Componolit Secure Phone (slides 10–11)
https://github.com/Componolit
Aims at building a trustworthy mobile OS based on Genode + SPARK.
Genode provides isolation between the trusted components (shown in green on the slide) and the untrusted ones.
SPARK provides confidence in the trusted components.
Secure architectures: policy objects, trusted wrapper, transient component.
WooKey Secure USB Key (slide 12)
An answer to the BadUSB threat disclosed in 2014.
Custom STM32 USB thumb drive designed for security.
Custom microkernel designed for security: memory protection unit (MPU), safe languages, formal methods.
Figure from the article accepted at SSTIC 2018, "WooKey: USB Devices Strike Back".
Conclusion (slide 13)

SPARK for Security (slide 14)
SPARK supports 5 levels of increasing software assurance (Stone, Bronze, Silver, Gold and Platinum in the adoption guidance linked below), from a strong semantic coding standard to full functional correctness.
Bronze level (proper initialization and correct information flow) is key for confidentiality: Global and Depends contracts state which outputs may be influenced by which inputs, and flow analysis rejects any body where secret state reaches a public output, including through control flow.
Silver level (AoRTE, absence of runtime errors) is a must-have for secure software: proof shows that no index, range, overflow or division check can fail, which rules out the buffer overflow and integer overflow bug classes at the source level.
SPARK can be combined with Ada at a fine-grained (subprogram) level, by marking individual bodies SPARK_Mode => Off.
SPARK can be combined with C at a coarser-grained (file) level.
The Common Code Generator (CCG) generates C code from SPARK, for targets that have a C compiler but no Ada compiler.
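Mixing SPARK and full Ada at the subprogram level, as an added example that is not from the deck or from AdaCore: the specification stays in SPARK so that callers are analysed against its contract, while the one body that needs an exception handler (outside the subset) is marked SPARK_Mode => Off. Package and subprogram names are illustrative.

```ada
--  Added example, not part of the original deck. Names are illustrative.
package Safe_Parse with SPARK_Mode is

   subtype Port_Number is Integer range 1 .. 65_535;

   --  Parse a decimal port number from untrusted text. SPARK callers rely only
   --  on this contract: Valid is True exactly when Value holds an in-range port,
   --  otherwise Value is 0. Both outputs derive from Text alone.
   procedure Parse_Port (Text : String; Value : out Integer; Valid : out Boolean) with
     Global  => null,
     Depends => ((Value, Valid) => Text),
     Post    => (if Valid then Value in Port_Number else Value = 0);

end Safe_Parse;

package body Safe_Parse with SPARK_Mode is

   --  Integer'Value raises Constraint_Error on malformed or out-of-range input,
   --  and handling that exception is outside the SPARK subset, so only this
   --  body leaves SPARK. GNATprove does not analyse it, which makes the
   --  postcondition above the trust boundary: this body must be reviewed and
   --  tested by hand, and it is kept as small as possible for that reason.
   procedure Parse_Port (Text : String; Value : out Integer; Valid : out Boolean)
     with SPARK_Mode => Off
   is
      V : Integer;
   begin
      V := Integer'Value (Text);
      if V in Port_Number then
         Value := V;
         Valid := True;
      else
         Value := 0;
         Valid := False;
      end if;
   exception
      when Constraint_Error =>
         Value := 0;
         Valid := False;
   end Parse_Port;

end Safe_Parse;
```

The same pattern applies when a body needs pointers or controlled types: keep the unverified part behind a SPARK specification with a precise postcondition, and keep it short, because everything a SPARK caller proves about the result rests on that body honouring its contract.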
SPARK Resources (slide 15)
SPARK toolset: http://www.adacore.com/sparkpro and http://www.adacore.com/community
SPARK adoption guidance: www.adacore.com/knowledge/technical-papers/implementation-guidance-spark
AdaCore Technologies for Cyber Security booklet: https://www.adacore.com/books/adacore-tech-for-cyber-security
SPARK reference documents (User's Guide + Reference Manual): https://www.adacore.com/documentation/#SPARK
SPARK online training: http://u.adacore.com

Published on SlideShare by Pôle Systematic Paris-Region as: OSIS18_IoT : Ada and SPARK - Defense in Depth for Safe Micro-controller Programming, by Fabien CHOUTEAU & Yannick MOY (Adacore)
