124 research outputs found
Modularity and Openness in Modeling Multi-Agent Systems
We revisit the formalism of modular interpreted systems (MIS) which
encourages modular and open modeling of synchronous multi-agent systems. The
original formulation of MIS did not live entirely up to its promise. In this
paper, we propose how to improve modularity and openness of MIS by changing the
structure of interference functions. These relatively small changes allow for
surprisingly high flexibility when modeling actual multi-agent systems. We
demonstrate this on two well-known examples, namely the trains, tunnel and
controller, and the dining cryptographers.
Perhaps more importantly, we propose how the notions of multi-agency and
openness, crucial for multi-agent systems, can be precisely defined based on
their MIS representations.Comment: In Proceedings GandALF 2013, arXiv:1307.416
Abstract Model Counting: A Novel Approach for Quantification of Information Leaks
acmid: 2590328 keywords: model checking, quantitative information flow, satisfiability modulo theories, symbolic execution location: Kyoto, Japan numpages: 10acmid: 2590328 keywords: model checking, quantitative information flow, satisfiability modulo theories, symbolic execution location: Kyoto, Japan numpages: 10acmid: 2590328 keywords: model checking, quantitative information flow, satisfiability modulo theories, symbolic execution location: Kyoto, Japan numpages: 10We present a novel method for Quantitative Information Flow analysis. We show how the problem of computing information leakage can be viewed as an extension of the Satisfiability Modulo Theories (SMT) problem. This view enables us to develop a framework for QIF analysis based on the framework DPLL(T) used in SMT solvers. We then show that the methodology of Symbolic Execution (SE) also fits our framework. Based on these ideas, we build two QIF analysis tools: the first one employs CBMC, a bounded model checker for ANSI C, and the second one is built on top of Symbolic PathFinder, a Symbolic Executor for Java. We use these tools to quantify leaks in industrial code such as C programs from the Linux kernel, a Java tax program from the European project HATS, and anonymity protocol
Formal Approaches to Information-Hiding (Tutorial)
International audienceIn this survey paper we consider the class of protocols for information-hiding which use randomization to obfuscate the link between the observables and the information to be protected. We focus on the problem of formalizing the notion of information hiding, and verifying that a given protocol achieves the intended degree of protection. Without the pretense of being omni-comprehensive, we review the main approaches that have been explored in literature: possibilistic, probabilistic, information-theoretic, and statistical
Compositional methods for information-hiding
International audienceSystems concerned with information hiding often use randomization to obfuscate the link between the observables and the information to be protected. The degree of protection provided by a system can be expressed in terms of the probability of error associated with the inference of the secret information. We consider a probabilistic process calculus to specify such systems, and we study how the operators aďŹect the probability of error. In particular, we characterize constructs that have the property of not decreasing the degree of protection, and that can therefore be considered safe in the modular construction of these systems. As a case study, we apply these techniques to the Dining Cryptographers, and we derive a generalization of Chaum's strong anonymity result
MCMAS: a model checker for the verification of multi-agent systems
While temporal logic in its various forms has proven essential to reason about reactive systems, agent-based scenarios are typically specified by considering high-level agents attitudes. In particular, specification languages based on epistemic logics, or logics for knowledge, have proven useful in a variety of areas including robotics, security protocols, web-services, etc. For example, security specifications involving anonymity [4] are known to be naturally expressible in epistemic formalisms as they explicitly state the lack of different kinds of knowledge of the principals
Model checking multi-agent systems
A multi-agent system (MAS) is usually understood as a system composed of interacting
autonomous agents. In this sense, MAS have been employed successfully as a modelling
paradigm in a number of scenarios, especially in Computer Science. However, the process
of modelling complex and heterogeneous systems is intrinsically prone to errors: for this
reason, computer scientists are typically concerned with the issue of verifying that a system
actually behaves as it is supposed to, especially when a system is complex.
Techniques have been developed to perform this task: testing is the most common technique,
but in many circumstances a formal proof of correctness is needed. Techniques
for formal verification include theorem proving and model checking. Model checking
techniques, in particular, have been successfully employed in the formal verification of
distributed systems, including hardware components, communication protocols, security
protocols.
In contrast to traditional distributed systems, formal verification techniques for MAS are
still in their infancy, due to the more complex nature of agents, their autonomy, and
the richer language used in the specification of properties. This thesis aims at making
a contribution in the formal verification of properties of MAS via model checking. In
particular, the following points are addressed:
⢠Theoretical results about model checking methodologies for MAS, obtained by
extending traditional methodologies based on Ordered Binary Decision Diagrams (OBDDS) for temporal logics to multi-modal logics for time, knowledge, correct behaviour, and strategies of agents. Complexity results for model checking these logics
(and their symbolic representations).
⢠Development of a software tool (MCMAS) that permits the specification and verification
of MAS described in the formalism of interpreted systems.
⢠Examples of application of MCMAS to various MAS scenarios (communication, anonymity, games, hardware diagnosability), including experimental results, and comparison with other tools available
Verification and control of partially observable probabilistic systems
We present automated techniques for the verification and control of partially observable, probabilistic systems for both discrete and dense models of time. For the discrete-time case, we formally model these systems using partially observable Markov decision processes; for dense time, we propose an extension of probabilistic timed automata in which local states are partially visible to an observer or controller. We give probabilistic temporal logics that can express a range of quantitative properties of these models, relating to the probability of an eventâs occurrence or the expected value of a reward measure. We then propose techniques to either verify that such a property holds or synthesise a controller for the model which makes it true. Our approach is based on a grid-based abstraction of the uncountable belief space induced by partial observability and, for dense-time models, an integer discretisation of real-time behaviour. The former is necessarily approximate since the underlying problem is undecidable, however we show how both lower and upper bounds on numerical results can be generated. We illustrate the effectiveness of the approach by implementing it in the PRISM model checker and applying it to several case studies from the domains of task and network scheduling, computer security and planning
- âŚ