Skip to main content
Springer Nature Link
Log in

An Approach for Safe and Secure Software Protection Supported by Symbolic Execution

  • Conference paper
  • First Online:
Database and Expert Systems Applications - DEXA 2023 Workshops (DEXA 2023)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1872))

Included in the following conference series:

  • 269 Accesses

Abstract

We introduce a novel copy-protection method for industrial control software. With our method, a program executes correctly only on its target hardware and behaves differently on other machines. The hardware-software binding is based on Physically Unclonable Functions (PUFs). We use symbolic execution to guarantee the preservation of safety properties if the software is executed on a different machine, or if there is a problem with the PUF response. Moreover, we show that the protection method is also secure against reverse engineering.

The research reported in this paper has been funded by BMK, BMDW, and the State of Upper Austria in the frame of the COMET Module Dependable Production Environments with Software Security (DEPS) within the COMET - Competence Centers for Excellent Technologies Programme managed by Austrian Research Promotion Agency FFG.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    VDMA Product Piracy 2022 (https://www.vdma.org/documents/34570/51629660/VDMA+Study+Product+Piracy+2022_final.pdf). Last accessed: 30/01/2023.

  2. 2.

    https://deps.scch.at.

References

  1. Ahmed, M., Safar, M.: Symbolic execution based verification of compliance with the ISO 26262 functional safety standard. In: DTIS 2019 (2019)

    Google Scholar 

  2. Anagnostopoulos, N.A., et al.: Intrinsic run-time Row Hammer PUFs: leveraging the row hammer effect for run-time cryptography and improved security. Cryptography 2(3), 13 (2018)

    Article  MathSciNet  Google Scholar 

  3. Börger, E.: The role of executable abstract programs in software development and documentation. CoRR arXiv:2209.06546 (2022)

  4. Börger, E., Raschke, A.: Modeling Companion for Software Practitioners. Springer, Heidelberg (2018). https://doi.org/10.1007/978-3-662-56641-1

  5. Börger, E., Stärk, R.: Abstract State Machines. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-642-18216-7

  6. Gassend, B. et al.: Silicon physical random functions. In: CCS 2002 (2002)

    Google Scholar 

  7. Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_5

    Chapter  Google Scholar 

  8. Herder, C., et al.: Physical unclonable functions and applications: a tutorial. Proc. IEEE 102(8), 1126–1141 (2014)

    Google Scholar 

  9. Keller, C., et al.: Dynamic memory-based physically unclonable function for the generation of unique identifiers and true random numbers. In: ISCAS 2014 (2014)

    Google Scholar 

  10. Kim, J.S., et al.: The DRAM latency PUF. In: HPCA 2018. IEEE (2018)

    Google Scholar 

  11. King, J.C.: Symbolic execution and program testing. Commun. ACM 19(7), 385–394 (1976)

    Google Scholar 

  12. Kohnhäuser, F., Schaller, A., Katzenbeisser, S.: PUF-based software protection for low-end embedded devices. In: Conti, M., Schunter, M., Askoxylakis, I. (eds.) Trust 2015. LNCS, vol. 9229, pp. 3–21. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22846-4_1

    Chapter  Google Scholar 

  13. Kumar, S.S. et al.: The butterfly PUF protecting IP on every FPGA. In: HOST 2008. IEEE (2008)

    Google Scholar 

  14. McGrath, T. et al.: A PUF taxonomy. Appl. Phys. Rev. 6(1), 011303 (2019)

    Google Scholar 

  15. Pasareanu, C.S.: Symbolic Execution and Quantitative Reasoning: Applications to Software Safety and Security. Morgan & Claypool Publishers (2020)

    Google Scholar 

  16. Paun, V.A., Monsuez, B., Baufreton, P.: Integration of symbolic execution into a formal abstract state machines based language. IFAC-PapersOnLine 50(1), 11251–11256 (2017)

    Google Scholar 

  17. Schaller, A., et al.: Intrinsic Rowhammer PUFs: leveraging the Rowhammer effect for improved security. In: HOST 2017. IEEE (2017)

    Google Scholar 

  18. Sutar, S., Raha, A., Raghunathan, V.: D-PUF: an intrinsically reconfigurable DRAM PUF for device authentication in embedded systems. In: CASES 2016 (2016)

    Google Scholar 

  19. Xiong, W., et al.: Run-time accessible DRAM PUFs in commodity devices. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 432–453. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53140-2_21

    Chapter  Google Scholar 

  20. Xiong, W. et al.: Software protection using dynamic PUFs. IEEE Trans. Inf. Forensics Secur. 15, 2053–2068 (2019)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Software Competence Center Hagenberg, Hagenberg im Mühlkreis, Austria

    Daniel Dorfmeister, Flavio Ferrarotti, Bernhard Fischer & Rudolf Ramler

  2. Symflower GmbH, Linz, Austria

    Evelyn Haslinger & Markus Zimmermann

Authors
  1. Daniel Dorfmeister
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Flavio Ferrarotti
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bernhard Fischer
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Evelyn Haslinger
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Rudolf Ramler
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Markus Zimmermann
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Flavio Ferrarotti .

Editor information

Editors and Affiliations

  1. Johannes Kepler University Linz, Linz, Austria

    Gabriele Kotsis

  2. Vienna University of Technology, Vienna, Austria

    A Min Tjoa

  3. Johannes Kepler University Linz, Linz, Austria

    Ismail Khalil

  4. Software Competence Center Hagenberg GmbH, Hagenberg, Austria

    Bernhard Moser

  5. Johannes Kepler University Linz, Linz, Austria

    Atif Mashkoor

  6. Johannes Kepler University Linz, Linz, Austria

    Johannes Sametinger

  7. Pak-Austria Fachhochschule - Institute of Applied Sciences and Technology (PAF-IAST), Haripur, Pakistan

    Maqbool Khan

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Dorfmeister, D., Ferrarotti, F., Fischer, B., Haslinger, E., Ramler, R., Zimmermann, M. (2023). An Approach for Safe and Secure Software Protection Supported by Symbolic Execution. In: Kotsis, G., et al. Database and Expert Systems Applications - DEXA 2023 Workshops. DEXA 2023. Communications in Computer and Information Science, vol 1872. Springer, Cham. https://doi.org/10.1007/978-3-031-39689-2_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-39689-2_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-39688-5

  • Online ISBN: 978-3-031-39689-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics