Towards a verified first-stage bootloader in Coq

Straznickas, Zygimantas.

Author(s)

Straznickas, Zygimantas.

Download1193030814-MIT.pdf (354.5Kb)

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Adam Chlipala.

Terms of use

MIT theses may be protected by copyright. Please reuse MIT thesis content according to the MIT Libraries Permissions Policy, which is available through the URL provided. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

A cryptographic secure boot and attestation system usually depends on a measurement root -- a first-stage bootloader written to ROM that loads the boot payload into the machine's memory, cryptographically signs it and ensures that the boot payload begins execution from a clean-slate environment. We implement a first-stage bootloader heavily inspired by the Sanctum project [5], describe its specification in Coq relative to low-level RISC-V semantics, state the correctness of the implementation as a theorem in Coq and prove a few major lemmas necessary for establishing correctness.

Description

Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, May, 2020

Cataloged from the official PDF of thesis.

Includes bibliographical references (pages 43-45).

Date issued

2020

URI

https://hdl.handle.net/1721.1/127529

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Graduate Theses