网络与信息安全学报 (Jul 2016)
Firmware vulnerability analysis based on formal verification of software and hardware
Abstract
In order to analyze the potential vulnerabilities in the firmware systematically and effectively,a formal verification method based on TLA,in a collaborated form of software and hardware was proposed.With this method,the interaction mechanism of software and hardware in the computer boot process was modeled and analyzed.By adjusting the attack model,a secure vulnerability in the update process of the firmware was found,and its existence by an experiment,which proved the reliability of formal verification was demonstrated.
Keywords