265 research outputs found
Slot Games for Detecting Timing Leaks of Programs
In this paper we describe a method for verifying secure information flow of
programs, where apart from direct and indirect flows a secret information can
be leaked through covert timing channels. That is, no two computations of a
program that differ only on high-security inputs can be distinguished by
low-security outputs and timing differences. We attack this problem by using
slot-game semantics for a quantitative analysis of programs. We show how
slot-games model can be used for performing a precise security analysis of
programs, that takes into account both extensional and intensional properties
of programs. The practicality of this approach for automated verification is
also shown.Comment: In Proceedings GandALF 2013, arXiv:1307.416
Compositional software verification based on game semantics
One of the major challenges in computer science is to put programming on a firmer mathematical basis, in order to improve the correctness of computer programs. Automatic program verification is acknowledged to be a very hard problem, but current work is reaching the point where at least the foundational�· aspects of the problem can be addressed and it is becoming a part of industrial software development. This thesis presents a semantic framework for verifying safety properties of open sequ;ptial programs. The presentation is focused on an Algol-like programming language that embodies many of the core ingredients of imperative and functional languages and incorporates data abstraction in its syntax. Game semantics is used to obtain a compositional, incremental way of generating accurate models of programs. Model-checking is made possible by giving certain kinds of concrete automata-theoretic representations of the model. A data-abstraction refinement procedure is developed for model-checking safety properties of programs with infinite integer types. The procedure starts by model-checking the most abstract version of the program. If no counterexample, or a genuine one, is found, the procedure terminates. Otherwise, it uses a spurious counterexample to refine the abstraction for the next iteration. Abstraction refinement, assume-guarantee reasoning and the L* algorithm for learning regular languages are combined to yield a procedure for compositional verification. Construction of a global model is avoided using assume-guarantee reasoning and the L* algorithm, by learning assumptions for arbitrary subprograms. An implementation based on the FDR model checker for the CSP process algebra demonstrates practicality of the methods
A Fully Abstract Game Semantics for Countable Nondeterminism
The concept of fairness for a concurrent program means that the program must be able to exhibit an unbounded amount of nondeterminism without diverging. Game semantics models of nondeterminism show that this is hard to implement; for example, Harmer and McCusker\u27s model only admits infinite nondeterminism if there is also the possibility of divergence. We solve a long standing problem by giving a fully abstract game semantics for a simple stateful language with a countably infinite nondeterminism primitive. We see that doing so requires us to keep track of infinitary information about strategies, as well as their finite behaviours. The unbounded nondeterminism gives rise to further problems, which can be formalized as a lack of continuity in the language. In order to prove adequacy for our model (which usually requires continuity), we develop a new technique in which we simulate the nondeterminism using a deterministic stateful construction, and then use combinatorial techniques to transfer the result to the nondeterministic language. Lastly, we prove full abstraction for the model; because of the lack of continuity, we cannot deduce this from definability of compact elements in the usual way, and we have to use a stronger universality result instead. We discuss how our techniques yield proofs of adequacy for models of nondeterministic PCF, such as those given by Tsukada and Ong
Information Security as Strategic (In)effectivity
Security of information flow is commonly understood as preventing any
information leakage, regardless of how grave or harmless consequences the
leakage can have. In this work, we suggest that information security is not a
goal in itself, but rather a means of preventing potential attackers from
compromising the correct behavior of the system. To formalize this, we first
show how two information flows can be compared by looking at the adversary's
ability to harm the system. Then, we propose that the information flow in a
system is effectively information-secure if it does not allow for more harm
than its idealized variant based on the classical notion of noninterference
Saturating automata for game semantics
Saturation is a fundamental game-semantic property satisfied by strategies
that interpret higher-order concurrent programs. It states that the strategy
must be closed under certain rearrangements of moves, and corresponds to the
intuition that program moves (P-moves) may depend only on moves made by the
environment (O-moves).
We propose an automata model over an infinite alphabet, called saturating
automata, for which all accepted languages are guaranteed to satisfy a closure
property mimicking saturation.
We show how to translate the finitary fragment of Idealized Concurrent Algol
(FICA) into saturating automata, confirming their suitability for modelling
higher-order concurrency. Moreover, we find that, for terms in normal form, the
resultant automaton has linearly many transitions and states with respect to
term size, and can be constructed in polynomial time. This is in contrast to
earlier attempts at finding automata-theoretic models of FICA, which did not
guarantee saturation and involved an exponential blow-up during translation,
even for normal forms.Comment: Presented at MFPS 202
Handshake Games
AbstractIn this paper I present a game model for the semantical analysis of handshake circuits. I show how the model captures effectively the composition of circuits in an associative way. Then I build a compact-closed category of handshake games and handshake strategies. I then consider the language Tangram and I define a semantics for this language simply by giving a denotation in the model to each handshake component that is used in the compilation of Tangram programs
Compositional software verification based on game semantics
One of the major challenges in computer science is to put programming on a firmer mathematical basis, in order to improve the correctness of computer programs. Automatic program verification is acknowledged to be a very hard problem, but current work is reaching the point where at least the foundational�· aspects of the problem can be addressed and it is becoming a part of industrial software development. This thesis presents a semantic framework for verifying safety properties of open sequ;ptial programs. The presentation is focused on an Algol-like programming language that embodies many of the core ingredients of imperative and functional languages and incorporates data abstraction in its syntax. Game semantics is used to obtain a compositional, incremental way of generating accurate models of programs. Model-checking is made possible by giving certain kinds of concrete automata-theoretic representations of the model. A data-abstraction refinement procedure is developed for model-checking safety properties of programs with infinite integer types. The procedure starts by model-checking the most abstract version of the program. If no counterexample, or a genuine one, is found, the procedure terminates. Otherwise, it uses a spurious counterexample to refine the abstraction for the next iteration. Abstraction refinement, assume-guarantee reasoning and the L* algorithm for learning regular languages are combined to yield a procedure for compositional verification. Construction of a global model is avoided using assume-guarantee reasoning and the L* algorithm, by learning assumptions for arbitrary subprograms. An implementation based on the FDR model checker for the CSP process algebra demonstrates practicality of the methods.EThOS - Electronic Theses Online ServiceEngineering and Physical Sciences Research Council (Great Britain) (EPSRC)Overseas Research Students Award Scheme (ORSAS)GBUnited Kingdo
- …