计算机工程

• 安全技术 • 上一篇    下一篇

基于攻击树的安全芯片穿透性测试评估

张俊彦,陈清明   

  1. (上海市信息安全测评认证中心,上海 200011)
  • 收稿日期:2013-03-12 出版日期:2014-06-15 发布日期:2014-06-13
  • 作者简介:张俊彦(1978-),男,高级工程师,主研方向:信息安全,密码学;陈清明,高级工程师、硕士。
  • 基金项目:
    质检公益性行业科研专项基金资助项目(201310033)。

Penetration Testing Evaluation of Security Chip Based on Attack Tree

ZHANG Jun-yan, CHEN Qing-ming   

  1. (Shanghai Information Security Testing Evaluation and Certification Center, Shanghai 200011, China)
  • Received:2013-03-12 Online:2014-06-15 Published:2014-06-13

摘要: 随着安全芯片应用范围的不断扩大和应用环境的日趋复杂,需要通过穿透性测试验证芯片的安全性,同时有必要对测试进行评估。为此,提出一种基于攻击树模型的安全芯片穿透性测试评估方法。分析安全芯片的穿透性测试过程,采用攻击树模型作为穿透性测试的描述模型,在此基础上提出攻击事件的多属性赋值方法、攻击代价的推算方法和攻击路径的分析方法。应用结果表明,该方法可准确评估安全芯片穿透性测试结果。

关键词: 安全芯片, 穿透性测试, 攻击树, 攻击代价, 攻击路径, 非侵入式攻击, 半侵入式攻击

Abstract: As the range of applications for the security chip continues to expand and the application environment is increasingly complex, the penetration testing of security chip is necessary, and the testing evaluation is also necessary. So this paper proposes a method of penetration testing the security chip based on attack tree. It analyzes the testing process for the penetration testing to the security chip and adopts the multi-attribute utility of attacks event. It proposes a quantitative calculating method of attack cost and an attack path analysis method. Application results show that the method is objective and effective. It can provide guidance for the implementation of the security chip penetration testing, and make rules for chip security measures.

Key words: security chip, penetration testing, attack tree, attack cost, attack route, non-invasive attack, semi-invasive attack

中图分类号: