Quantification of information flow in cyber physical systems

In Cyber Physical Systems (CPSs), traditional security mechanisms such as cryptography and access control are not enough to ensure the security of the system since complex interactions between the cyber portion and physical portion happen frequently. In particular, the physical infrastructure is inherently observable; aggregated physical observations can lead to unintended cyber information leakage. Information flow analysis, which aims to control the way information flows among different entities, is better suited for CPSs than the access control security mechanism. However, quantifying information leakage in CPSs can be challenging due to the flow of implicit information between the cyber portion, the physical portion, and the outside world. Within algorithmic theory, the online problem considers inputs that arrive one by one and deals with extracting the algorithmic solution through an advice tape without knowing some parts of the input. This dissertation focuses on statistical methods to quantify information leakage in CPSs due to algorithmic leakages, especially CPSs that allocate constrained resources. The proposed framework is based on the advice tape concept of algorithmically quantifying information leakage and statistical analysis. With aggregated physical observations, the amount of information leakage of the constrained resource due to the cyber algorithm can be quantified through the proposed algorithms. An electric smart grid has been used as an example to develop confidence intervals of information leakage within a real CPS. The characteristic of the physical system, which is represented as an invariant, is also considered and influences the information quantification results. The impact of this work is that it allows the user to express an observer\u27s uncertainty about a secret as a function of the revealed part. Thus, it can be used as an algorithmic design in a CPS to allocate resources while maximizing the uncertainty of the information flow to an observer --Abstract, page iii

LIPIcs, Volume 251, ITCS 2023, Complete Volume

LIPIcs, Volume 251, ITCS 2023, Complete Volum

String Measures: Computational Complexity and Related Problems in Communication

Strings are fundamental objects in computer science. Modern applications such as text processing, bioinformatics, and distributed data storage systems often need to deal with very large strings. These applications motivated the study of the computational complexity of string related problems as well as a better understanding of edit operations on strings in general. In this thesis, we study several problems related to edit type string measures and error correcting codes for edit errors, i.e. insertions and deletions. The results presented in this thesis can be roughly partitioned into two parts. The first part is about the space complexity of computing or approximating string measures. We study three classical string measures: edit distance (ED), longest common subsequence (LCS), and longest increasing subsequence (LIS). Our first main result shows that all these three string measures can be approximated to within a 1+o(1) multiplicative factor using only polylog space in polynomial time. We further study ED and LCS in the asymmetric streaming model introduced by Saks and Seshadhri (SODA, 2013). The model can be viewed as an intermediate model between the random access model and the standard streaming model. In this model, one has streaming access to one of the input strings and random access to the other. For both ED and LCS, we present new algorithms as well as several space lower bounds in the asymmetric streaming model. The second part of our results is about locally decodable codes (LDCs) that can tolerate edit errors. LDCs are a class of error correcting code that allow quick recovery of a message symbol by only looking at a few positions of the encoded message (codeword). LDCs for Hamming errors have been extensively studied while arguably little is known about LDCs for edit errors. In this thesis, we present exponential lower bounds for LDCs that can tolerate edit errors. In particular, we show that 2-query linear LDCs for edit errors do not exist, and the codeword length of any constant query LDCs for edit errors must be exponential. These bounds exhibit a strict separation between Hamming errors and edit errors. We also introduce the notion of LDCs with randomized encoding, which can be viewed as a relaxation of the standard LDCs. We give constructions of LDCs with randomized encoding that can achieve significantly better rate-query tradeoffs

Fundamental Approaches to Software Engineering

This open access book constitutes the proceedings of the 24th International Conference on Fundamental Approaches to Software Engineering, FASE 2021, which took place during March 27–April 1, 2021, and was held as part of the Joint Conferences on Theory and Practice of Software, ETAPS 2021. The conference was planned to take place in Luxembourg but changed to an online format due to the COVID-19 pandemic. The 16 full papers presented in this volume were carefully reviewed and selected from 52 submissions. The book also contains 4 Test-Comp contributions

Light On String Solving: Approaches to Efficiently and Correctly Solving String Constraints

Widespread use of string solvers in formal analysis of string-heavy programs has led to a growing demand for more efficient and reliable techniques which can be applied in this context, especially for real-world cases. Designing an algorithm for the (generally undecidable) satisfiability problem for systems of string constraints requires a thorough understanding of the structure of constraints present in the targeted cases. We target the aforementioned case in different perspectives: We present an algorithm which works by reformulating the satisfiability of bounded word equations as a reachability problem for non-deterministic finite automata. Secondly, we present a transformation-system-based technique to solving string constraints. Thirdly, we investigate benchmarks presented in the literature containing regular expression membership predicates and design a decission procedure for a PSPACE-complete sub-theory. Additionally, we introduce a new benchmarking framework for string solvers and use it to showcase the power of our algorithms via an extensive empirical evaluation over a diverse set of benchmarks