Fine-Grained Static Detection of Obfuscation Transforms Using Ensemble-Learning and Semantic Reasoning
The ability to efficiently detect the software protections in use is of prime importance for selecting and applying adequate deobfuscation techniques. We present a novel approach that combines semantic reasoning techniques with ensemble-learning classification to provide a static detection framework for obfuscation transformations. In contrast to existing work, we provide a methodology that can detect multiple layers of obfuscation without depending on knowledge of the underlying functionality of the training set used. We also extend our work to detect the constructions of obfuscation transformations, thus providing a fine-grained methodology. To that end, we present several studies of best practices for using machine learning techniques to build a scalable and efficient model. According to our experimental results and evaluations on obfuscators such as Tigress and OLLVM, our models reach up to 91% accuracy on state-of-the-art obfuscation transformations, and up to 100% accuracy for their constructions.
The Expressive Power of One Variable Used Once: The Chomsky Hierarchy and First-Order Monadic Constructor Rewriting
We study the implicit computational complexity of constructor term rewriting systems where every function and constructor symbol is unary or nullary. Surprisingly, adding simple and natural constraints to rule formation yields classes of systems that accept exactly the four classes of languages in the Chomsky hierarchy
Twenty years of rewriting logic
Rewriting logic is a simple computational logic that can naturally express both concurrent computation and logical deduction with great generality. This paper provides a gentle, intuitive introduction to its main ideas, as well as a survey of the work that many researchers have carried out over the last twenty years in advancing: (i) its foundations; (ii) its semantic framework and logical framework uses; (iii) its language implementations and its formal tools; and (iv) its many applications to automated deduction, software and hardware specification and verification, security, real-time and cyber-physical systems, probabilistic systems, bioinformatics and chemical systems.
Replication and Abstraction: Symmetry in Automated Formal Verification.
This article surveys fundamental and applied aspects of symmetry in system models, and of symmetry reduction methods used to counter state explosion in model checking, an automated formal verification technique. While covering the research field broadly, we particularly emphasize recent progress in applying the technique to realistic systems, including tools that promise to elevate the scope of symmetry reduction to large-scale program verification. The article targets researchers and engineers interested in formal verification of concurrent systems
A method for rigorous development of fault-tolerant systems
PhD Thesis. With the rapid development of information systems and our increasing dependency on computer-based systems, ensuring their dependability becomes one of the most important concerns during system development. This is especially true for the mission- and safety-critical systems on which we rely not to put significant resources and lives at risk.

Development of critical systems traditionally involves formal modelling as a fault prevention mechanism. At the same time, systems typically support fault tolerance mechanisms to mitigate runtime errors. However, fault tolerance modelling and, in particular, rigorous definitions of fault tolerance requirements, fault assumptions and system recovery have not been given enough attention during formal system development.

The main contribution of this research is a method for the top-down formal design of fault-tolerant systems. The refinement-based method provides modelling guidelines in the following form: a set of modelling principles for systematic modelling of fault tolerance, a fault tolerance refinement strategy, and a library of generic modelling patterns assisting in the disciplined integration of error detection and error recovery steps into models. The method supports the separation of normal and fault-tolerant system behaviour during modelling. It provides an environment for explicit modelling of fault tolerance and modal aspects of system behaviour, which ensures the rigour of the proposed development process. The method is supported by tools that are smoothly integrated into an industry-strength development environment.

The proposed method is demonstrated on two case studies. In particular, the evaluation is carried out using a medium-scale industrial case study from the aerospace domain. The method is shown to provide support for explicit modelling of fault tolerance, to reduce the development effort during modelling, to support reuse of fault tolerance modelling, and to facilitate the adoption of formal methods.

DEPLOY; The TrAmS Grant; The School of Computing Science, Newcastle University
A Comprehensive Study of Declarative Modelling Languages
Declarative behavioural modelling is a powerful modelling paradigm that enables users to model system functionality abstractly and formally. An abstract model is a concise and compact representation of the key characteristics of a system, and enables the stakeholders to reason about the correctness of the system in the early stages of development.

There are many different declarative languages; they have greatly varying constructs for representing a transition system, and they sometimes differ in rather subtle ways. In this thesis, we compare seven formal declarative modelling languages, B, Event-B, Alloy, Dash, TLA+, PlusCal, and AsmetaL, on several criteria. We classify these criteria under three main categories: structuring transition systems (control modelling), data descriptions in transition systems (data modelling), and modularity aspects of modelling. We developed this comparison by completing a set of case studies across the data- vs. control-oriented spectrum in all of the above languages.

Structurally, a transition system comprises a snapshot declaration and snapshot space, an initialization, and a transition relation, which is potentially composed of individual transitions. We meticulously outline the differences between the languages with respect to how the modeller would express each of the above components of a transition system in each language, and include discussions regarding stuttering and inconsistencies in the transition relation. Data-related aspects of a formal model include the use of basic and composite datatypes, well-formedness and typechecking, and the separation of name spaces with respect to global and local variables. Modularity criteria include subtransition systems and data decomposition. We employ a series of small and concise exemplars we have devised to highlight these differences in each language. To help modellers answer the important question of which declarative modelling language may be most suited to modelling their system, we present recommendations based on our observations about the differentiating characteristics of each of these languages.
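The two abstracts above that touch on model checking describe, in prose, the pieces a practitioner has to write down: the thesis on declarative languages names them (snapshot declaration and space, initialization, a transition relation composed of individual transitions, stuttering), and the symmetry survey explains why interchangeable processes let a checker store one representative per orbit. The following is an added example, not code from either thesis, the survey, or any of the tools they discuss. It models a constructed N-process mutual-exclusion protocol with a shared lock in exactly those terms, explores the reachable snapshots with and without symmetry reduction, and checks a mutual-exclusion invariant. The process names, the `check_lock` switch that deliberately removes the guard, and the sorted-tuple canonicalization are all assumptions made for the example.

```python
"""Explicit-state exploration of a small declarative transition system, with
optional symmetry reduction. Constructed example; not from any cited work."""
from typing import Callable, List, Optional, Tuple

# Snapshot declaration (constructed): a tuple of per-process control locations
# plus one shared lock flag, i.e. (pcs, lock). The snapshot space is every such
# tuple; only the reachable part of it is ever stored.
IDLE, TRYING, CRITICAL = "idle", "trying", "critical"
Snapshot = Tuple[Tuple[str, ...], int]
Transition = Callable[[Snapshot], Optional[Snapshot]]


def init(n: int) -> Snapshot:
    """Initialization: every process idle, lock free."""
    return ((IDLE,) * n, 0)


def _set(pcs: Tuple[str, ...], i: int, v: str) -> Tuple[str, ...]:
    return pcs[:i] + (v,) + pcs[i + 1:]


def transitions(n: int, check_lock: bool = True) -> List[Transition]:
    """Transition relation as a list of individual transitions. Each is a
    partial function returning the successor snapshot, or None when its guard
    is false. check_lock=False deliberately drops the guard on 'enter' so that
    the explorer has a real bug to find (assumption for the example)."""

    def request(i: int) -> Transition:
        def t(s: Snapshot) -> Optional[Snapshot]:
            pcs, lock = s
            return (_set(pcs, i, TRYING), lock) if pcs[i] == IDLE else None
        return t

    def enter(i: int) -> Transition:
        def t(s: Snapshot) -> Optional[Snapshot]:
            pcs, lock = s
            if pcs[i] != TRYING or (check_lock and lock == 1):
                return None
            return (_set(pcs, i, CRITICAL), 1)
        return t

    def leave(i: int) -> Transition:
        def t(s: Snapshot) -> Optional[Snapshot]:
            pcs, lock = s
            return (_set(pcs, i, IDLE), 0) if pcs[i] == CRITICAL else None
        return t

    def stutter(s: Snapshot) -> Snapshot:
        # Stuttering step: the relation explicitly admits "nothing changes".
        return s

    ts: List[Transition] = [stutter]
    for i in range(n):
        ts += [request(i), enter(i), leave(i)]
    return ts


def canonical(s: Snapshot) -> Snapshot:
    """Symmetry reduction: the processes are interchangeable, so every
    permutation of the per-process tuple lies in the same orbit. The sorted
    tuple is used as the orbit representative."""
    return (tuple(sorted(s[0])), s[1])


def explore(n: int, check_lock: bool = True, reduce_symmetry: bool = False,
            invariant: Optional[Callable[[Snapshot], bool]] = None
            ) -> Tuple[int, Optional[Snapshot]]:
    """Depth-first exploration of the reachable snapshots. Returns the number
    of stored states and, if the invariant fails, the violating snapshot."""
    rep = canonical if reduce_symmetry else (lambda s: s)
    ts = transitions(n, check_lock)
    start = rep(init(n))
    seen = {start}
    stack = [start]
    while stack:
        s = stack.pop()
        if invariant is not None and not invariant(s):
            return len(seen), s
        for t in ts:
            nxt = t(s)
            if nxt is None:
                continue
            nxt = rep(nxt)
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return len(seen), None


def mutual_exclusion(s: Snapshot) -> bool:
    """Safety property: at most one process in its critical section."""
    return s[0].count(CRITICAL) <= 1


if __name__ == "__main__":
    print("full:", explore(3), "reduced:", explore(3, reduce_symmetry=True))
    print("no guard:", explore(3, check_lock=False, invariant=mutual_exclusion))
```

For three processes the full exploration stores 20 snapshots and the reduced one 7; the stutter transition adds no states but is part of the relation, as the thesis's discussion of stuttering requires. Symmetry reduction is only sound when the property being checked is itself invariant under the permutation, which mutual exclusion is; a property that names a specific process would not be.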
Proceedings of the First NASA Formal Methods Symposium
Topics covered include: Model Checking - My 27-Year Quest to Overcome the State Explosion Problem; Applying Formal Methods to NASA Projects: Transition from Research to Practice; TLA+: Whence, Wherefore, and Whither; Formal Methods Applications in Air Transportation; Theorem Proving in Intel Hardware Design; Building a Formal Model of a Human-Interactive System: Insights into the Integration of Formal Methods and Human Factors Engineering; Model Checking for Autonomic Systems Specified with ASSL; A Game-Theoretic Approach to Branching Time Abstract-Check-Refine Process; Software Model Checking Without Source Code; Generalized Abstract Symbolic Summaries; A Comparative Study of Randomized Constraint Solvers for Random-Symbolic Testing; Component-Oriented Behavior Extraction for Autonomic System Design; Automated Verification of Design Patterns with LePUS3; A Module Language for Typing by Contracts; From Goal-Oriented Requirements to Event-B Specifications; Introduction of Virtualization Technology to Multi-Process Model Checking; Comparing Techniques for Certified Static Analysis; Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder; jFuzz: A Concolic Whitebox Fuzzer for Java; Machine-Checkable Timed CSP; Stochastic Formal Correctness of Numerical Algorithms; Deductive Verification of Cryptographic Software; Coloured Petri Net Refinement Specification and Correctness Proof with Coq; Modeling Guidelines for Code Generation in the Railway Signaling Context; Tactical Synthesis Of Efficient Global Search Algorithms; Towards Co-Engineering Communicating Autonomous Cyber-Physical Systems; and Formal Methods for Automated Diagnosis of Autosub 6000
Automated composition of sequence diagrams
Software design is a significant stage in the software development life cycle, as it creates a blueprint for the implementation of the software. Design errors lead to costly and deficient implementations. Hence, it is crucial to provide solutions that discover design errors at an early stage of system development and resolve them. Inspired by various engineering disciplines, the software community proposed the concept of modelling in order to reduce these costly errors. Modelling provides a platform for creating an abstract representation of software systems, which led to the birth of various modelling languages such as the Unified Modelling Language (UML), automata, and Petri nets. Because modelling raises the level of abstraction throughout the analysis and design process, it enables system developers to identify errors efficiently. Since modern systems are becoming more complex, models are often produced part by part to help reduce the complexity of the design. This often results in partial specifications captured in models that focus on a subset of the system. To produce an overall model of the system, such partial models must be composed together. Model composition is the process of combining partial models to create a single coherent model. Because manual model composition is error-prone, time-consuming and tedious, it must be replaced by automated model composition. This thesis presents a novel approach for an automatic composition technique for creating behaviour models, such as a sequence diagram, from partial specifications captured in multiple sequence diagrams with the help of constraint solvers.