481 research outputs found
Symbolically Analyzing Security Protocols Using Tamarin
During the last three decades, there has been considerable research devoted to the symbolic analysis of security protocols and existing tools have had considerable success both in detecting attacks on protocols and showing their absence. Nevertheless, there is still a large discrepancy between the symbolic models that one specifies on paper and the models that can be effectively analyzed by tools.
In this paper, we present the Tamarin prover for the symbolic analysis of security protocols. Tamarin takes as input a security protocol model, specifying the actions taken by the agents running the protocol in different roles (e.g., the protocol initiator, the responder, and the trusted key server), a specification of the adversary, and a specification of the protocol’s desired properties. Tamarin can then be used to automatically construct a proof that the protocol fulfills its specified properties, even when arbitrarily many instances of the protocol’s roles are interleaved in parallel, together with the actions of the adversary
New results on rewrite-based satisfiability procedures
Program analysis and verification require decision procedures to reason on
theories of data structures. Many problems can be reduced to the satisfiability
of sets of ground literals in theory T. If a sound and complete inference
system for first-order logic is guaranteed to terminate on T-satisfiability
problems, any theorem-proving strategy with that system and a fair search plan
is a T-satisfiability procedure. We prove termination of a rewrite-based
first-order engine on the theories of records, integer offsets, integer offsets
modulo and lists. We give a modularity theorem stating sufficient conditions
for termination on a combinations of theories, given termination on each. The
above theories, as well as others, satisfy these conditions. We introduce
several sets of benchmarks on these theories and their combinations, including
both parametric synthetic benchmarks to test scalability, and real-world
problems to test performances on huge sets of literals. We compare the
rewrite-based theorem prover E with the validity checkers CVC and CVC Lite.
Contrary to the folklore that a general-purpose prover cannot compete with
reasoners with built-in theories, the experiments are overall favorable to the
theorem prover, showing that not only the rewriting approach is elegant and
conceptually simple, but has important practical implications.Comment: To appear in the ACM Transactions on Computational Logic, 49 page
Better Together: Unifying Datalog and Equality Saturation
We present egglog, a fixpoint reasoning system that unifies Datalog and
equality saturation (EqSat). Like Datalog, it supports efficient incremental
execution, cooperating analyses, and lattice-based reasoning. Like EqSat, it
supports term rewriting, efficient congruence closure, and extraction of
optimized terms.
We identify two recent applications--a unification-based pointer analysis in
Datalog and an EqSat-based floating-point term rewriter--that have been
hampered by features missing from Datalog but found in EqSat or vice-versa. We
evaluate egglog by reimplementing those projects in egglog. The resulting
systems in egglog are faster, simpler, and fix bugs found in the original
systems.Comment: PLDI 202
Implementation of a Port-graph Model for Finance
In this paper we examine the process involved in the design and
implementation of a port-graph model to be used for the analysis of an
agent-based rational negligence model. Rational negligence describes the
phenomenon that occurred during the financial crisis of 2008 whereby investors
chose to trade asset-backed securities without performing independent
evaluations of the underlying assets. This has contributed to motivating the
search for more effective and transparent tools in the modelling of the capital
markets.
This paper shall contain the details of a proposal for the use of a visual
declarative language, based on strategic port-graph rewriting, as a visual
modelling tool to analyse an asset-backed securitisation market.Comment: In Proceedings TERMGRAPH 2018, arXiv:1902.0151
Symbolic Analysis of Maude Theories with Narval
[EN] Concurrent functional languages that are endowed with symbolic reasoning capabilities such as Maude offer a high-level, elegant, and efficient approach to programming and analyzing complex, highly nondeterministic software systems. Maude's symbolic capabilities are based on equational unification and narrowing in rewrite theories, and provide Maude with advanced logic programming capabilities such as unification modulo user-definable equational theories and symbolic reachability analysis in rewrite theories. Intricate computing problems may be effectively and naturally solved in Maude thanks to the synergy of these recently developed symbolic capabilities and classical Maude features, such as: (i) rich type structures with sorts (types), subsorts, and overloading; (ii) equational rewriting modulo various combinations of axioms such as associativity, commutativity, and identity; and (iii) classical reachability analysis in rewrite theories. However, the combination of all of these features may hinder the understanding of Maude symbolic computations for non-experienced developers. The purpose of this article is to describe how programming and analysis of Maude rewrite theories can be made easier by providing a sophisticated graphical tool called Narval that supports the fine-grained inspection of Maude symbolic computations.This work has been partially supported by the EU (FEDER) and the Spanish MCIU under grant RTI2018-094403-B-C32, by the Spanish Generalitat Valenciana under grants PROMETEO/2019/098 and APOSTD/2019/127, and by the US Air Force Office of Scientific Research under award number FA9550-17-1-0286.Alpuente Frasnedo, M.; Escobar Román, S.; Sapiña-Sanchis, J.; Ballis, D. (2019). Symbolic Analysis of Maude Theories with Narval. Theory and Practice of Logic Programming. 19(5-6):874-890. https://doi.org/10.1017/S1471068419000243S874890195-
Evaluation of Datalog queries and its application to the static analysis of Java code
Two approaches for evaluating Datalog programs are presented: one based on boolean
equation systems, and the other based on rewriting logic. The work is presented in the
context of the static analysis of Java programs specified in Datalog.Feliú Gabaldón, MA. (2010). Evaluation of Datalog queries and its application to the static analysis of Java code. http://hdl.handle.net/10251/14016Archivo delegad
Truth table invariant cylindrical algebraic decomposition
When using cylindrical algebraic decomposition (CAD) to solve a problem with
respect to a set of polynomials, it is likely not the signs of those
polynomials that are of paramount importance but rather the truth values of
certain quantifier free formulae involving them. This observation motivates our
article and definition of a Truth Table Invariant CAD (TTICAD).
In ISSAC 2013 the current authors presented an algorithm that can efficiently
and directly construct a TTICAD for a list of formulae in which each has an
equational constraint. This was achieved by generalising McCallum's theory of
reduced projection operators. In this paper we present an extended version of
our theory which can be applied to an arbitrary list of formulae, achieving
savings if at least one has an equational constraint. We also explain how the
theory of reduced projection operators can allow for further improvements to
the lifting phase of CAD algorithms, even in the context of a single equational
constraint.
The algorithm is implemented fully in Maple and we present both promising
results from experimentation and a complexity analysis showing the benefits of
our contributions.Comment: 40 page
An Alternative Conception of Tree-Adjoining Derivation
The precise formulation of derivation for tree-adjoining grammars has
important ramifications for a wide variety of uses of the formalism, from
syntactic analysis to semantic interpretation and statistical language
modeling. We argue that the definition of tree-adjoining derivation must be
reformulated in order to manifest the proper linguistic dependencies in
derivations. The particular proposal is both precisely characterizable through
a definition of TAG derivations as equivalence classes of ordered derivation
trees, and computationally operational, by virtue of a compilation to linear
indexed grammars together with an efficient algorithm for recognition and
parsing according to the compiled grammar.Comment: 33 page
- …