Taylor subsumes Scott, Berry, Kahn and Plotkin

The speculative ambition of replacing the old theory of program approximation based on syntactic continuity with the theory of resource consumption based on Taylor expansion and originating from the differential γ-calculus is nowadays at hand. Using this resource sensitive theory, we provide simple proofs of important results in γ-calculus that are usually demonstrated by exploiting Scott's continuity, Berry's stability or Kahn and Plotkin's sequentiality theory. A paradigmatic example is given by the Perpendicular Lines Lemma for the Böhm tree semantics, which is proved here simply by induction, but relying on the main properties of resource approximants: strong normalization, confluence and linearity

Synthesizing Adaptive Test Strategies from Temporal Logic Specifications

Constructing good test cases is difficult and time-consuming, especially if the system under test is still under development and its exact behavior is not yet fixed. We propose a new approach to compute test strategies for reactive systems from a given temporal logic specification using formal methods. The computed strategies are guaranteed to reveal certain simple faults in every realization of the specification and for every behavior of the uncontrollable part of the system's environment. The proposed approach supports different assumptions on occurrences of faults (ranging from a single transient fault to a persistent fault) and by default aims at unveiling the weakest one. Based on well-established hypotheses from fault-based testing, we argue that such tests are also sensitive for more complex bugs. Since the specification may not define the system behavior completely, we use reactive synthesis algorithms with partial information. The computed strategies are adaptive test strategies that react to behavior at runtime. We work out the underlying theory of adaptive test strategy synthesis and present experiments for a safety-critical component of a real-world satellite system. We demonstrate that our approach can be applied to industrial specifications and that the synthesized test strategies are capable of detecting bugs that are hard to detect with random testing

Formal Methods for Autonomous Systems

Formal methods refer to rigorous, mathematical approaches to system development and have played a key role in establishing the correctness of safety-critical systems. The main building blocks of formal methods are models and specifications, which are analogous to behaviors and requirements in system design and give us the means to verify and synthesize system behaviors with formal guarantees. This monograph provides a survey of the current state of the art on applications of formal methods in the autonomous systems domain. We consider correct-by-construction synthesis under various formulations, including closed systems, reactive, and probabilistic settings. Beyond synthesizing systems in known environments, we address the concept of uncertainty and bound the behavior of systems that employ learning using formal methods. Further, we examine the synthesis of systems with monitoring, a mitigation technique for ensuring that once a system deviates from expected behavior, it knows a way of returning to normalcy. We also show how to overcome some limitations of formal methods themselves with learning. We conclude with future directions for formal methods in reinforcement learning, uncertainty, privacy, explainability of formal methods, and regulation and certification

New Insights on cryptographic hierarchical access control: models, schemes and analysis

2014 - 2015Nowadays the current network-centric world has given rise to several security concerns regarding the access control management, which en- sures that only authorized users are given access to certain resources or tasks. In particular, according to their respective roles and respon- sibilities, users are typically organized into hierarchies composed of several disjoint classes (security classes). A hierarchy is characterized by the fact that some users may have more access rights than others, according to a top-down inclusion paradigm following speci c hier- archical dependencies. A user with access rights for a given class is granted access to objects stored in that class, as well as to all the de- scendant ones in the hierarchy. The problem of key management for such hierarchies consists in assigning a key to each class of the hierar- chy, so that the keys for descendant classes can be e ciently obtained from users belonging to classes at a higher level in the hierarchy. In this thesis we analyze the security of hierarchical key assignment schemes according to di erent notions: security with respect to key indistinguishability and against key recovery [4], as well as the two recently proposed notions of security with respect to strong key in- distinguishability and against strong key recovery [42]. More precisely, we rst explore the relations between all security notions and, in par- ticular, we prove that security with respect to strong key indistin- guishability is not stronger than the one with respect to key indistin- guishability. Afterwards, we propose a general construction yielding a hierarchical key assignment scheme that ensures security against strong key recovery, given any hierarchical key assignment scheme which guarantees security against key recovery. Moreover, we de ne the concept of hierarchical key assignment schemes supporting dynamic updates, formalizing the relative secu- rity model. In particular, we provide the notions of security with respect to key indistinguishability and key recovery, by taking into ac- count the dynamic changes to the hierarchy. Furthermore, we show how to construct a hierarchical key assignment scheme supporting dy- namic updates, by using as a building block a symmetric encryption scheme. The proposed construction is provably secure with respect to key indistinguishability, provides e cient key derivation and updat- ing procedures, while requiring each user to store only a single private key. Finally, we propose a novel model that generalizes the conventional hierarchical access control paradigm, by extending it to certain addi- tional sets of quali ed users. Afterwards, we propose two construc- tions for hierarchical key assignment schemes in this new model, which are provably secure with respect to key indistinguishability. In par- ticular, the former construction relies on both symmetric encryption and perfect secret sharing, whereas, the latter is based on public-key threshold broadcast encryption. [edited by author]XIV n.s

The Expressive Power, Satisfiability and Path Checking Problems of MTL and TPTL over Non-Monotonic Data Words

Recently, verification and analysis of data words have gained a lot of interest. Metric temporal logic (MTL) and timed propositional temporal logic (TPTL) are two extensions of Linear time temporal logic (LTL). In MTL, the temporal operator are indexed by a constraint interval. TPTL is a more powerful logic that is equipped with a freeze formalism. It uses register variables, which can be set to the current data value and later these register variables can be compared with the current data value. For monotonic data words, Alur and Henzinger proved that MTL and TPTL are equally expressive and the satisfiability problem is decidable. We study the expressive power, satisfiability problems and path checking problems for MLT and TPTL over all data words. We introduce Ehrenfeucht-Fraisse games for MTL and TPTL. Using the EF-game for MTL, we show that TPTL is strictly more expressive than MTL. Furthermore, we show that the MTL definability problem that whether a TPTL-formula is definable in MTL is not decidable. When restricting the number of register variables, we are able to show that TPTL with two register variables is strictly more expressive than TPTL with one register variable. For the satisfiability problem, we show that for MTL, the unary fragment of MTL and the pure fragment of MTL, SAT is not decidable. We prove the undecidability by reductions from the recurrent state problem and halting problem of two-counter machines. For the positive fragments of MTL and TPTL, we show that a positive formula is satisfiable if and only it is satisfied by a finite data word. Finitary SAT and infinitary SAT coincide for positive MTL and positive TPTL. Both of them are r.e.-complete. For existential TPTL and existential MTL, we show that SAT is NP-complete. We also investigate the complexity of path checking problems for TPTL and MTL over data words. These data words can be either finite or infinite periodic. For periodic words without data values, the complexity of LTL model checking belongs to the class AC^1(LogDCFL). For finite monotonic data words, the same complexity bound has been shown for MTL by Bundala and Ouaknine. We show that path checking for TPTL is PSPACE-complete, and for MTL is P-complete. If the number of register variables allowed is restricted, we obtain path checking for TPTL with only one register variable is P-complete over both infinite and finite data words; for TPTL with two register variables is PSPACE-complete over infinite data words. If the encoding of constraint numbers of the input TPTL-formula is in unary notation, we show that path checking for TPTL with a constant number of variables is P-complete over infinite unary encoded data words. Since the infinite data word produced by a deterministic one-counter machine is periodic, we can transfer all complexity results for the infinite periodic case to model checking over deterministic one-counter machines

Logics on data words

We investigate logics on data words, i.e., words where each position is labelled by some propositions from a finite set and by some data values from an infinite domain. A basic motivation for the study of these logics, called data logics in this work, is that data words are a suitable model to represent traces of concurrent systems with unboundedly many interacting processes. In such representations data values stand for process IDs. Thus, data logics can be used to formulate requirements on such traces. We first study the expressivity and complexity of the satisfiability problem for these logics. Then, we investigate suitable models for concurrent systems with unboundedly many processes. Finally, we analyse the model checking problem for such systems in the case that data logics are used to specify system requirements. One of our main results is that, despite the bad properties of data logics with respect to satisfiability, there are important cases in which model checking with data logics has moderate complexity. Hence, our results motivate for further investigations with the aim to find interesting models and data logics which can be used in practical model checking tools