Towards a verified first-stage bootloader in Coq

• dc.contributor.advisor: Adam Chlipala.
• dc.contributor.author: Straznickas, Zygimantas.
• dc.contributor.other: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
• dc.date.copyright: 2020
• dc.date.issued: 2020
• dc.identifier.uri: https://hdl.handle.net/1721.1/127529
• dc.description: Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, May, 2020
• dc.description: Cataloged from the official PDF of thesis.
• dc.description: Includes bibliographical references (pages 43-45).
• dc.description.abstract: A cryptographic secure boot and attestation system usually depends on a measurement root -- a first-stage bootloader written to ROM that loads the boot payload into the machine's memory, cryptographically signs it and ensures that the boot payload begins execution from a clean-slate environment. We implement a first-stage bootloader heavily inspired by the Sanctum project [5], describe its specification in Coq relative to low-level RISC-V semantics, state the correctness of the implementation as a theorem in Coq and prove a few major lemmas necessary for establishing correctness.
• dc.description.statementofresponsibility: by Zygimantas Straznickas.
• dc.format.extent: 45 pages
• dc.language.iso: eng
• dc.publisher: Massachusetts Institute of Technology
• dc.subject: Electrical Engineering and Computer Science.
• dc.type: Thesis
• dc.description.degree: M. Eng.
• dc.contributor.department: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
• dc.identifier.oclc: 1193030814
• dc.description.collection: M.Eng. Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science
• mit.thesis.degree: Master
• mit.thesis.department: EECS