17,378 research outputs found
Dynamic IFC Theorems for Free!
We show that noninterference and transparency, the key soundness theorems for
dynamic IFC libraries, can be obtained "for free", as direct consequences of
the more general parametricity theorem of type abstraction. This allows us to
give very short soundness proofs for dynamic IFC libraries such as faceted
values and LIO. Our proofs stay short even when fully mechanized for Agda
implementations of the libraries in terms of type abstraction.Comment: CSF 2021 final versio
Type-based Dependency Analysis for JavaScript
Dependency analysis is a program analysis that determines potential data flow
between program points. While it is not a security analysis per se, it is a
viable basis for investigating data integrity, for ensuring confidentiality,
and for guaranteeing sanitization. A noninterference property can be stated and
proved for the dependency analysis. We have designed and implemented a
dependency analysis for JavaScript. We formalize this analysis as an
abstraction of a tainting semantics. We prove the correctness of the tainting
semantics, the soundness of the abstraction, a noninterference property, and
the termination of the analysis.Comment: Technical Repor
Source Code Verification for Embedded Systems using Prolog
System relevant embedded software needs to be reliable and, therefore, well
tested, especially for aerospace systems. A common technique to verify programs
is the analysis of their abstract syntax tree (AST). Tree structures can be
elegantly analyzed with the logic programming language Prolog. Moreover, Prolog
offers further advantages for a thorough analysis: On the one hand, it natively
provides versatile options to efficiently process tree or graph data
structures. On the other hand, Prolog's non-determinism and backtracking eases
tests of different variations of the program flow without big effort. A
rule-based approach with Prolog allows to characterize the verification goals
in a concise and declarative way.
In this paper, we describe our approach to verify the source code of a flash
file system with the help of Prolog. The flash file system is written in C++
and has been developed particularly for the use in satellites. We transform a
given abstract syntax tree of C++ source code into Prolog facts and derive the
call graph and the execution sequence (tree), which then are further tested
against verification goals. The different program flow branching due to control
structures is derived by backtracking as subtrees of the full execution
sequence. Finally, these subtrees are verified in Prolog.
We illustrate our approach with a case study, where we search for incorrect
applications of semaphores in embedded software using the real-time operating
system RODOS. We rely on computation tree logic (CTL) and have designed an
embedded domain specific language (DSL) in Prolog to express the verification
goals.Comment: In Proceedings WLP'15/'16/WFLP'16, arXiv:1701.0014
- …