short-paper

SAW: the software analysis workbench

Authors:

Aaron TombAuthors Info & Claims

HILT '13: Proceedings of the 2013 ACM SIGAda annual conference on High integrity language technology

Pages 15 - 18

https://doi.org/10.1145/2527269.2527277

Published: 10 November 2013 Publication History

Get Access

Abstract

Galois has developed a suite of symbolic simulation and formal analysis tools, collectively called the Software Analysis Workbench (SAW). SAW provides security analysts and engineers with the ability to generate formal models from C and Java programs and prove properties of those programs using several automated verification tools. SAW is primarily used to verify the correctness of cryptographic implementations, and is able to import specifications written in Cryptol, a language developed by Galois for specifying cryptographic primitives.

In this short paper, we describe the main components of SAW. We then given an overview of the cryptographic implementations that have been verified.

References

[1]

R. K. Brayton and A. Mishchenko. ABC: An academic industrial-strength verification tool. In T. Touili, B. Cook, and P. Jackson, editors, CAV, volume 6174 of Lecture Notes in Computer Science, pages 24--40. Springer, 2010.

Digital Library

Google Scholar

[2]

B. Dutertre and L. de Moura. Yices 2.0. Available at http://yices.csl.sri.com/.

Google Scholar

[3]

L. Erkök, M. Carlsson, and A. Wick. Hardware/software co-verification of cryptographic algorithms using cryptol. In FMCAD, pages 188--191. IEEE, 2009.

Crossref

Google Scholar

[4]

National Institute of Standards and Technology. FIPS PUB 186-4: Digital signature standard (DSS), July 2013.

Google Scholar

Cited By

View all

Sun PSong FChen YChen T(2024)EasyBC: A Cryptography-Specific Language for Security Analysis of Block Ciphers against Differential CryptanalysisProceedings of the ACM on Programming Languages10.1145/36328718:POPL(848-881)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632871
Xu M(2024)Research Report: Not All Move Specifications Are Created Equal : A Case Study on the Formally Verified Diem Payment Network2024 IEEE Security and Privacy Workshops (SPW)10.1109/SPW63631.2024.00024(200-214)Online publication date: 23-May-2024
https://doi.org/10.1109/SPW63631.2024.00024
Ji RXu M(2023)Finding Specification Blind Spots via Fuzz Testing2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179438(2708-2725)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179438
Show More Cited By

SAW: the software analysis workbench
1. Security and privacy
2. Software and its engineering
  1. Software creation and management
    1. Software verification and validation

Recommendations

SAW: the software analysis workbench
HILT '13

Galois has developed a suite of symbolic simulation and formal analysis tools, collectively called the Software Analysis Workbench (SAW). SAW provides security analysts and engineers with the ability to generate formal models from C and Java programs ...
SAW: Wristband-based Authentication for Desktop Computers

Token-based proximity authentication methods that authenticate users based on physical proximity are effortless, but lack explicit user intentionality, which may result in accidental logins. For example, a user may get logged in when she is near a ...
FEM simulation of Rayleigh waves for SAW devices based on ZnO/AlN/Si

Display Omitted Propagation characteristics of SAW in the ZnO/Si and ZnO/AlN/Si structures are studied.Several parameters were calculated like Vp and TCF.The increased performance of the SAW resonator by inserting a AlN layer is shown.Temperature ...

Comments

Information & Contributors

Information

Published In

HILT '13: Proceedings of the 2013 ACM SIGAda annual conference on High integrity language technology

November 2013

100 pages

ISBN:9781450324670

DOI:10.1145/2527269

Co-chair:
S. Tucker Taft
AdaCore
,
Conference Chair:
Jeff Boleng
The Software Engineering Institute

ACM SIGAda Ada Letters Volume 33, Issue 3
HILT '13
December 2013
80 pages
ISSN:1094-3641
DOI:10.1145/2658982
Editors:
Pat Rogers
AdaCore, Friendswood, TX
,
Alok Srivastava
Northrop Grumman Corporation, Washington, DC
Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Short-paper

Conference

HILT 2013

Sponsor:

Ada Europe
SIGAda

HILT 2013: High Integrity Language Technology ACM SIGAda Annual

November 10 - 14, 2013

Pennsylvania, Pittsburgh, USA

Acceptance Rates

HILT '13 Paper Acceptance Rate 9 of 17 submissions, 53%;

Overall Acceptance Rate 27 of 48 submissions, 56%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
224
Total Downloads

Downloads (Last 12 months)12
Downloads (Last 6 weeks)0

Reflects downloads up to 21 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sun PSong FChen YChen T(2024)EasyBC: A Cryptography-Specific Language for Security Analysis of Block Ciphers against Differential CryptanalysisProceedings of the ACM on Programming Languages10.1145/36328718:POPL(848-881)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632871
Xu M(2024)Research Report: Not All Move Specifications Are Created Equal : A Case Study on the Formally Verified Diem Payment Network2024 IEEE Security and Privacy Workshops (SPW)10.1109/SPW63631.2024.00024(200-214)Online publication date: 23-May-2024
https://doi.org/10.1109/SPW63631.2024.00024
Ji RXu M(2023)Finding Specification Blind Spots via Fuzz Testing2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179438(2708-2725)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179438
Brain MCid CPlayer RRobson W(2023)Verifying Classic McEliece: Examining the Role of Formal Methods in Post-Quantum Cryptography StandardisationCode-Based Cryptography10.1007/978-3-031-29689-5_2(21-36)Online publication date: 29-Mar-2023
https://doi.org/10.1007/978-3-031-29689-5_2
Semenov AZaikin OKochemazov S(2021)Finding Effective SAT Partitionings Via Black-Box OptimizationBlack Box Optimization, Machine Learning, and No-Free Lunch Theorems10.1007/978-3-030-66515-9_11(319-355)Online publication date: 4-Jan-2021
https://doi.org/10.1007/978-3-030-66515-9_11
Lim JNagarakatte SKandemir MJimborean AMoseley T(2019)Automatic equivalence checking for assembly implementations of cryptography librariesProceedings of the 2019 IEEE/ACM International Symposium on Code Generation and Optimization10.5555/3314872.3314880(37-49)Online publication date: 16-Feb-2019
https://dl.acm.org/doi/10.5555/3314872.3314880
Lim JNagarakatte S(2019)Automatic Equivalence Checking for Assembly Implementations of Cryptography Libraries2019 IEEE/ACM International Symposium on Code Generation and Optimization (CGO)10.1109/CGO.2019.8661180(37-49)Online publication date: Feb-2019
https://doi.org/10.1109/CGO.2019.8661180
Fisher KLaunchbury JRichards R(2017)The HACMS program: using formal methods to eliminate exploitable bugsPhilosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences10.1098/rsta.2015.0401375:2104(20150401)Online publication date: 4-Sep-2017
https://doi.org/10.1098/rsta.2015.0401
Singleton JLeavens G(2017)A Layered Approach to Specification Authoring, Sharing, and UsageQuality Software Through Reuse and Integration10.1007/978-3-319-56157-8_8(164-189)Online publication date: 17-Aug-2017
https://doi.org/10.1007/978-3-319-56157-8_8
Singleton JLeavens G(2016)Spekl: A Layered System for Specification Authoring, Sharing, and Usage2016 IEEE 17th International Conference on Information Reuse and Integration (IRI)10.1109/IRI.2016.24(126-133)Online publication date: Jul-2016
https://doi.org/10.1109/IRI.2016.24
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

SAW: the software analysis workbench

SAW: Wristband-based Authentication for Desktop Computers

FEM simulation of Rayleigh waves for SAW devices based on ZnO/AlN/Si