SATMC: A SAT-Based Model Checker for Security-Critical Systems

  • Alessandro Armando
  • Roberto Carbone
  • Luca Compagna
Conference paper

DOI: 10.1007/978-3-642-54862-8_3

Volume 8413 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Armando A., Carbone R., Compagna L. (2014) SATMC: A SAT-Based Model Checker for Security-Critical Systems. In: Ábrahám E., Havelund K. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2014. Lecture Notes in Computer Science, vol 8413. Springer, Berlin, Heidelberg

Abstract

We present SATMC 3.0, a SAT-based bounded model checker for security-critical systems that stems from a successful combination of encoding techniques originally developed for planning with techniques developed for the analysis of reactive systems. SATMC has been successfully applied in a variety of application domains (security protocols, security-sensitive business processes, and cryptographic APIs) and for different purposes (design-time security analysis and security testing). SATMC strikes a balance between general purpose model checkers and security protocol analyzers as witnessed by a number of important success stories including the discovery of a serious man-in-the-middle attack on the SAML-based Single Sign-On (SSO) for Google Apps, an authentication flaw in the SAML 2.0 Web Browser SSO Profile, and a number of attacks on PKCS#11 Security Tokens. SATMC is integrated and used as back-end in a number of research prototypes (e.g., the AVISPA Tool, Tookan, the SPaCIoS Tool) and industrial-strength tools (e.g., the Security Validator plugin for SAP NetWeaver BPM).

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Alessandro Armando
    • 1
    • 2
  • Roberto Carbone
    • 2
  • Luca Compagna
    • 3
  1. 1.DIBRISUniversity of GenovaGenovaItaly
  2. 2.Security & Trust, FBKTrentoItaly
  3. 3.Product Security ResearchSAP AGSophia AntipolisFrance