Expanding Gate Level Information Flow Tracking for Multilevel Security

Abstract

Embedded systems found in critical infrastructures require tight information flow controls to prevent unintended interference between different system components. These critical systems require extensive testing and verification to ensure strict enforcement of information flow policy. To assist in this process, gate level information flow tracking (GLIFT) has been proposed to expose all flows of information through Boolean gates. However, the current work in this realm only considers a two-level security lattice ( <formula formulatype="inline" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex Notation="TeX">${\tt LOW} \sqsubset {\tt HIGH}$</tex></formula> ). In this letter, we expand the GLIFT method to multilevel security lattices and provide an analysis of the overheads using IWLS benchmarks. Results show that expanding GLIFT to multilevel security lattices produces overheads and we discuss potential research on its applications.