18,458 research outputs found
Symbolic Algorithms for Language Equivalence and Kleene Algebra with Tests
We first propose algorithms for checking language equivalence of finite
automata over a large alphabet. We use symbolic automata, where the transition
function is compactly represented using a (multi-terminal) binary decision
diagrams (BDD). The key idea consists in computing a bisimulation by exploring
reachable pairs symbolically, so as to avoid redundancies. This idea can be
combined with already existing optimisations, and we show in particular a nice
integration with the disjoint sets forest data-structure from Hopcroft and
Karp's standard algorithm. Then we consider Kleene algebra with tests (KAT), an
algebraic theory that can be used for verification in various domains ranging
from compiler optimisation to network programming analysis. This theory is
decidable by reduction to language equivalence of automata on guarded strings,
a particular kind of automata that have exponentially large alphabets. We
propose several methods allowing to construct symbolic automata out of KAT
expressions, based either on Brzozowski's derivatives or standard automata
constructions. All in all, this results in efficient algorithms for deciding
equivalence of KAT expressions
Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits
Motivated by the problem of simultaneously preserving confidentiality and
usability of data outsourced to third-party clouds, we present two different
database encryption schemes that largely hide data but reveal enough
information to support a wide-range of relational queries. We provide a
security definition for database encryption that captures confidentiality based
on a notion of equivalence of databases from the adversary's perspective. As a
specific application, we adapt an existing algorithm for finding violations of
privacy policies to run on logs encrypted under our schemes and observe low to
moderate overheads.Comment: CCS 2015 paper technical report, in progres
Tree Regular Model Checking for Lattice-Based Automata
Tree Regular Model Checking (TRMC) is the name of a family of techniques for
analyzing infinite-state systems in which states are represented by terms, and
sets of states by Tree Automata (TA). The central problem in TRMC is to decide
whether a set of bad states is reachable. The problem of computing a TA
representing (an over- approximation of) the set of reachable states is
undecidable, but efficient solutions based on completion or iteration of tree
transducers exist. Unfortunately, the TRMC framework is unable to efficiently
capture both the complex structure of a system and of some of its features. As
an example, for JAVA programs, the structure of a term is mainly exploited to
capture the structure of a state of the system. On the counter part, integers
of the java programs have to be encoded with Peano numbers, which means that
any algebraic operation is potentially represented by thousands of applications
of rewriting rules. In this paper, we propose Lattice Tree Automata (LTAs), an
extended version of tree automata whose leaves are equipped with lattices. LTAs
allow us to represent possibly infinite sets of interpreted terms. Such terms
are capable to represent complex domains and related operations in an efficient
manner. We also extend classical Boolean operations to LTAs. Finally, as a
major contribution, we introduce a new completion-based algorithm for computing
the possibly infinite set of reachable interpreted terms in a finite amount of
time.Comment: Technical repor
Rehearsal: A Configuration Verification Tool for Puppet
Large-scale data centers and cloud computing have turned system configuration
into a challenging problem. Several widely-publicized outages have been blamed
not on software bugs, but on configuration bugs. To cope, thousands of
organizations use system configuration languages to manage their computing
infrastructure. Of these, Puppet is the most widely used with thousands of
paying customers and many more open-source users. The heart of Puppet is a
domain-specific language that describes the state of a system. Puppet already
performs some basic static checks, but they only prevent a narrow range of
errors. Furthermore, testing is ineffective because many errors are only
triggered under specific machine states that are difficult to predict and
reproduce. With several examples, we show that a key problem with Puppet is
that configurations can be non-deterministic.
This paper presents Rehearsal, a verification tool for Puppet configurations.
Rehearsal implements a sound, complete, and scalable determinacy analysis for
Puppet. To develop it, we (1) present a formal semantics for Puppet, (2) use
several analyses to shrink our models to a tractable size, and (3) frame
determinism-checking as decidable formulas for an SMT solver. Rehearsal then
leverages the determinacy analysis to check other important properties, such as
idempotency. Finally, we apply Rehearsal to several real-world Puppet
configurations.Comment: In proceedings of ACM SIGPLAN Conference on Programming Language
Design and Implementation (PLDI) 201
Recommended from our members
Using formal methods to support testing
Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent
years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing
In the Maze of Data Languages
In data languages the positions of strings and trees carry a label from a
finite alphabet and a data value from an infinite alphabet. Extensions of
automata and logics over finite alphabets have been defined to recognize data
languages, both in the string and tree cases. In this paper we describe and
compare the complexity and expressiveness of such models to understand which
ones are better candidates as regular models
- …