Abstract
Zero Trust Architecture requirements are of increasing importance in critical systems development. Zero trust tenets hold that no implicit trust be granted to assets based on their physical or network location. Zero Trust development focuses on authentication, authorization, and shrinking implicit trust zones to the most granular level possible, while maintaining availability and minimizing authentication latency. Performant, high-assurance cryptographic primitives are thus central to successfully realizing a Zero Trust Architecture. The Rust programming language has garnered significant interest and use as a modern, type-safe, memory-safe, and potentially formally analyzable programming language. Our interest in Rust particularly stems from its potential as a hardware/software co-assurance language for developing Zero Trust Architectures. We describe a novel environment enabling Rust to be used as a High-Level Synthesis (HLS) language, suitable for secure and performant Zero Trust application development. Many incumbent HLS languages are a subset of C, and inherit many of the well-known security shortcomings of that language. A Rust-based HLS brings a single modern, type-safe, memory-safe, high-assurance development language for both hardware and software. To study the benefits of this approach, we crafted a Rust HLS subset, and developed a frontend to the hardware/software co-assurance toolchain due to Russinoff and colleagues at Arm, used primarily for floating-point hardware formal verification. This allows us to leverage a number of existing hardware/software co-assurance tools with a minimum investment of time and effort. In this paper, we describe our Rust subset, detail our prototype toolchain, and describe the implementation, performance analysis, formal verification and validation of representative Zero Trust algorithms and data structures written in Rust, emphasizing cryptographic primitives and common data structures.
- Ron Amadeo. 2021. Google is now writing low-level Android code in Rust. https://arstechnica.com/gadgets/2021/04/google-is-nowwriting- low-level-android-code-in-rust/Google Scholar
- Amazon Web Services 2022. Announcing the Kani Rust Verifier Project. Amazon Web Services. https://model-checking.github.io/kaniverifier- blog/2022/05/04/announcing-the-kani-rust-verifierproject. html?fbclid=IwAR2M_B1IEBfkVhIXSuuAxt3McC_ QpUnTuzDq9jG40HOaJzxw8z1Nw9XU_i4Google Scholar
- V. Astrauskas, A. Bílý, J. Fiala, Z. Grannan, C. Matheja, P. Müller, F. Poli, and A. J. Summers. 2022. The Prusti Project: Formal Verification for Rust (invited). In NASA Formal Methods (14th International Symposium). Springer, 88--108. https://link.springer.com/chapter/10.1007/978--3- 031-06773-0_5Google Scholar
- Sally Browning and PhilipWeaver. 2010. Designing Tunable, Verifiable Cryptographic Hardware Using Cryptol. In Design and Verification of Microprocessor Systems for High-Assurance Applications, David S. Hardin (Ed.). Springer, 89--143.Google Scholar
- Rod Chapman. 2022. SPARKNaCl: A Verified, Fast Re-implementation of TweetNaCl. In Proceedings of FOSDEM'22. https://fosdem.org/2022/ schedule/event/ada_sparknacl/Google Scholar
- Darren Cofer, Isaac Amundson, Junaid Babar, David Hardin, Konrad Slind, Perry Alexander, John Hatcliff, Robby, Gerwin Klein, Corey Lewis, Eric Mercer, and John Shackleton. 2022 (to appear). Cyberassured Systems Engineering at Scale. In IEEE Security & Privacy. https://doi.org/10.1109/MSEC.2022.3151733Google Scholar
Cross Ref
- Xavier Denis. 2022. Creusot. https://github.com/xldenis/creusotGoogle Scholar
- Peter H. Feiler and David P. Gluch. 2012. Model-Based Engineering with AADL: An Introduction to the SAE Architecture Analysis & Design Language (1st ed.). Addison-Wesley Professional.Google Scholar
Digital Library
- David S. Hardin. 2020. Put Me on the RAC. In Proceedings of the Sixteenth International Workshop on the ACL2 Theorem Prover and its Applications (ACL2--20). 142--145.Google Scholar
- David S. Hardin. 2020. Verified Hardware/Software Co-Assurance: Enhancing Safety and Security for Critical Systems. In Proceedings of the 2020 IEEE Systems Conference. https://doi.org/10.1109/SysCon47679. 2020.9381831Google Scholar
Cross Ref
- David S. Hardin. 2022. Hardware/Software Co-Assurance using the Rust Programming Language and ACL2. In Proceedings of the Seventeenth International Workshop on the ACL2 Theorem Prover and its Applications (ACL2--22). 1Distribution Statement A (Approved for Public Release, Distribution Unlimited)Google Scholar
Cross Ref
- David S. Hardin and Konrad L. Slind. 2021. Formal Synthesis of Filter Components for Use in Security-Enhancing Architectural Transformations. In Proceedings of the Seventh Workshop on Language-Theoretic Security, 42nd IEEE Symposium and Workshops on Security and Privacy (LangSec 2021). https://doi.org/10.1109/SPW53761.2021.00024Google Scholar
- John Harrison. 2006. Floating-Point Verification Using Theorem Proving. In Formal Methods for Hardware Verification, Marco Bernardo and Alessandro Cimatti (Eds.). Springer Berlin Heidelberg, 211--242. https://doi.org/10.1007/11757283_8Google Scholar
Digital Library
- John Hatcliff, Jason Belt, Robby, and Todd Carpenter. 2021. HAMR: An AADL Multi-Platform Code Generation Toolset. In 10th International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (ISoLA) (LNCS, Vol. 13036). 274--295.Google Scholar
- Warren A. Hunt, Sol Swords, Jared Davis, and Anna Slobodova. 2010. Use of Formal Verification at Centaur Technology. In Design and Verification of Microprocessor Systems for High-Assurance Applications, David S. Hardin (Ed.). Springer, 65--88.Google Scholar
- Steve Klabnik and Carol Nichols. 2018. The Rust Programming Language. No Starch Press.Google Scholar
- Ramana Kumar, Magnus O. Myreen, Michael Norrish, and Scott Owens. 2014. CakeML: a verified implementation of ML. In The 41st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL '14, San Diego, CA, USA, January 20--21, 2014, Suresh Jagannathan and Peter Sewell (Eds.). ACM, 179--192. https://doi.org/10.1145/2535838.2535841Google Scholar
Digital Library
- Xavier Leroy. 2009. Formal verification of a realistic compiler. Commun. ACM 52, 7 (2009), 107--115. https://doi.org/10.1145/1538788.1538814Google Scholar
Digital Library
- Yusuke Matsushita, Takeshi Tsukada, and Naoki Kobayashi. 2021. RustHorn: CHC-Based Verification for Rust Programs. ACM Trans. Program. Lang. Syst. 43, 4, Article 15 (oct 2021), 54 pages. https: //doi.org/10.1145/3462205Google Scholar
Digital Library
- Mentor Graphics Corporation 2016. Algorithmic C (AC) Datatypes. Mentor Graphics Corporation. https://www.mentor.com/hls-lp/ downloads/ac-datatypesGoogle Scholar
- Mentor Graphics Corporation 2020. Catapult High-Level Synthesis. Mentor Graphics Corporation. https://www.mentor.com/hlslp/ catapult-high-level-synthesis/Google Scholar
- Eric Mercer, Konrad Slind, Isaac Amundson, Darren Cofer, Junaid Babar, and David Hardin. 2021. Synthesizing Verified Components for Cyber Assured Systems Engineering. In 24th International Conference on Model-Driven Engineering Languages and Systems (MODELS 2021). https://doi.org/10.1109/MODELS50736.2021.00029Google Scholar
- Matt Miller. 2019. A proactive approach to more secure code. https://msrc-blog.microsoft.com/2019/07/16/a-proactiveapproach- to-more-secure-code/Google Scholar
- Shane Miller and Carl Lerche. 2022. Sustainability with Rust. https: //aws.amazon.com/blogs/opensource/sustainability-with-rust/Google Scholar
- Razvan Nane, Vlad-Mihai Sima, Christian Pilato, Jongsok Choi, Blair Fort, Andrew Canis, Yu Ting Chen, Hsuan Hsiao, Stephen Brown, Fabrizio Ferrandi, Jason Anderson, and Koen Bertels. 2016. A Survey and Evaluation of FPGA High-Level Synthesis Tools. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 35, 10 (2016), 1591--1604. https://doi.org/10.1109/TCAD.2015.2513673Google Scholar
Digital Library
- Adam Petz, Grant Jurgensen, and Perry Alexander. 2021. Design and Formal Verification of a Copland-based Attestation Protocol. In ACM/IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE 2021).Google Scholar
Digital Library
- Jonathan Protzenko, Bryan Parno, Aymeric Fromherz, Chris Hawblitzel, Marina Polubelova, Karthikeyan Bhargavan, Benjamin Beurdouche, Joonwon Choi, Antoine Delignat-Lavaud, Cédric Fournet, Natalia Kulatova, Tahina Ramananandro, Aseem Rastogi, Nikhil Swamy, Christoph M. Wintersteiger, and Santiago Zanella-Béguelin. 2020. EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider. In IEEE Symposium on Security and Privacy. IEEE.Google Scholar
Recommendations
RustBelt: securing the foundations of the Rust programming language
Rust is a new systems programming language that promises to overcome the seemingly fundamental tradeoff between high-level safety guarantees and low-level control over resource management. Unfortunately, none of Rust's safety claims have been formally ...
Rust-like borrowing with 2nd-class values (short paper)
SCALA 2017: Proceedings of the 8th ACM SIGPLAN International Symposium on ScalaThe Rust programming language demonstrates that memory safety can be achieved in a practical systems language, based on a sophisticated type system that controls object lifetimes and aliasing through notions of ownership and borrowing. While Scala has ...
A tool-assisted approach to engineer domain-specific languages (DSLs) using Rust
MODELS '22: Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems: Companion ProceedingsDomain-Specific Languages (DSLs) are required in a wide range of contexts, implying different execution environments. The same DSL may even have to exist in different environments. We propose in this paper an approach to engineer a DSL using the Rust ...






Comments