Research On Trusted Computing Supporting Software Analasis And Testing

The21st century opened up a whole new era of information. With the popularity of application of computer and the rapid development of internet technology, people enjoy the convenience of information technology life.At the same time, the computer viruses, malicious code and information theft emerging in endlessly.It is a great challenge to information security. Therefore to solve the terminal problem, the measures must be taken from hardware and software, which can effectively improve essential security. Now trusted computing has become one of the hot issue in major field of computer security. The Trusted Computing Platform applications has become more and more widely. Trusted Computing Platform can be used to greatly enhance the security of information systems, but must be under the Trusted Computing Platform evaluation, otherwise, neither the quality of trusted computing products, nor the security of information systems can be guaranteed.Trusted computing supporting software (TCSS) is an important part of the Trusted Computing Platform, which provides the access to Trusted Platform Module(TPM) for applications. Since the analysis and testing of TCSS is an important part of the Trusted Computing Platform evaluation, this paper focuses on how to determine the Security Functional Requirements of TCSS, analyzing if the calling relationships between security functions related to Security Functional Requirements conform trusted computing specification, testing the functional conformance of TCSS through the test of full path traversal, and finally proposing a new design of TCSS. This paper is broadly divided into the following four parts:The first part of this thesis is the research of TCSS’s security functional requirements. A standard reference is needed to analyzing and testing TCSS since the existing TCG specification focuses more on functional interface and has no explicit description needed to be achieved by TCSS. To solve this problem, this paper draws on the idea of Common Criteria (CC), analyzing the security functional requirements of TCSS, dividing security functions and providing support for the subsequent analysis and tests.The second part of work is about the static analysis of TCSS. This paper presents a analysis method of TCSS by model checking, and taking computation tree logics (CTL) for formalizing the function call of TCSS. And verifying the TCSS function call interfaces compliance TCG specification by model checking method,in order to determine the the interface call of TCSS is correct.The analysis result shows that the TCSS on some trusted computing platforms incompletely meet the specification of TCG.The third part of the work is about the functional conformance testing of TCSS. This paper proposes the full path traversal algorithm of path-oriented testing, using the recursive method of iterating from the source node to the sink node until finding out all complete paths of the program. Through the reflection mechanism applied in unit testing to realize the dynamic implementation of test cases. The test results show that the TCSS functions incompletely meet the specification of TCG, and several security-relevant vulnerabilities are revealed.The fourth part of the work is to propose a new design of TCSS based on the existing trusted computing specification and to abstract a basic set of security functions based on the partition of security functions. At last, it has implemented the prototype of TCSS subset that can support the call of the latest TPM2.0and the call China cryptographic algorithms SM4.