Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems
We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment
aimed at fostering the collaboration between system designers and security
experts at all methodological stages of the development of an embedded system.
A central issue in the design of an embedded system is the definition of the
hardware/software partitioning of the architecture of the system, which should
take place as early as possible. SysML-Sec aims to extend the relevance of this
analysis through the integration of security requirements and threats. In
particular, we propose an agile methodology whose aim is to assess early on the
impact of the security requirements and of the security mechanisms designed to
satisfy them over the safety of the system. Security concerns are captured in a
component-centric manner through existing SysML diagrams with only minimal
extensions. After the requirements captured are derived into security and
cryptographic mechanisms, security properties can be formally verified over
this design. To perform the latter, model transformation techniques are
implemented in the SysML-Sec toolchain in order to derive a ProVerif
specification from the SysML models. An automotive firmware flashing procedure
serves as a guiding example throughout our presentation.
Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Command injection attacks, continuations, and the Lambek calculus
This paper shows connections between command injection attacks,
continuations, and the Lambek calculus: certain command injections, such as the
tautology attack on SQL, are shown to be a form of control effect that can be
typed using the Lambek calculus, generalizing the double-negation typing of
continuations. Lambek's syntactic calculus is a logic with two implicational
connectives taking their arguments from the left and right, respectively. These
connectives describe how strings interact with their left and right contexts
when building up syntactic structures. The calculus is a form of propositional
logic without structural rules, and so a forerunner of substructural logics
like Linear Logic and Separation Logic.
Comment: In Proceedings WoC 2015, arXiv:1606.0583
Introduction to linear logic and ludics, part II
This paper is the second part of an introduction to linear logic and ludics,
both due to Girard. It is devoted to proof nets, in the limited, yet central,
framework of multiplicative linear logic and to ludics, which has been recently
developed with the aim of further unveiling the fundamental interactive nature of
computation and logic. We hope to offer a few computer science insights into
this new theory.