11,474 research outputs found
Hidden-Markov Program Algebra with iteration
We use Hidden Markov Models to motivate a quantitative compositional
semantics for noninterference-based security with iteration, including a
refinement- or "implements" relation that compares two programs with respect to
their information leakage; and we propose a program algebra for source-level
reasoning about such programs, in particular as a means of establishing that an
"implementation" program leaks no more than its "specification" program.
This joins two themes: we extend our earlier work, having iteration but only
qualitative, by making it quantitative; and we extend our earlier quantitative
work by including iteration. We advocate stepwise refinement and
source-level program algebra, both as conceptual reasoning tools and as targets
for automated assistance. A selection of algebraic laws is given to support
this view in the case of quantitative noninterference; and it is demonstrated
on a simple iterated password-guessing attack
Probabilistic Rely-guarantee Calculus
Jones' rely-guarantee calculus for shared variable concurrency is extended to
include probabilistic behaviours. We use an algebraic approach which combines
and adapts probabilistic Kleene algebras with concurrent Kleene algebra.
Soundness of the algebra is shown relative to a general probabilistic event
structure semantics. The main contribution of this paper is a collection of
rely-guarantee rules built on top of that semantics. In particular, we show how
to obtain bounds on probabilities by deriving rely-guarantee rules within the
true-concurrent denotational semantics. The use of these rules is illustrated
by a detailed verification of a simple probabilistic concurrent program: a
faulty Eratosthenes sieve.Comment: Preprint submitted to TCS-QAP
Compositional closure for Bayes Risk in probabilistic noninterference
We give a sequential model for noninterference security including probability
(but not demonic choice), thus supporting reasoning about the likelihood that
high-security values might be revealed by observations of low-security
activity. Our novel methodological contribution is the definition of a
refinement order and its use to compare security measures between
specifications and (their supposed) implementations. This contrasts with the
more common practice of evaluating the security of individual programs in
isolation.
The appropriateness of our model and order is supported by our showing that
our refinement order is the greatest compositional relation --the compositional
closure-- with respect to our semantics and an "elementary" order based on
Bayes Risk --- a security measure already in widespread use. We also relate
refinement to other measures such as Shannon Entropy.
By applying the approach to a non-trivial example, the anonymous-majority
Three-Judges protocol, we demonstrate by example that correctness arguments can
be simplified by the sort of layered developments --through levels of
increasing detail-- that are allowed and encouraged by compositional semantics
Metric Semantics and Full Abstractness for Action Refinement and Probabilistic Choice
This paper provides a case-study in the field of metric semantics for probabilistic programming. Both an operational and a denotational semantics are presented for an abstract process language L_pr, which features action refinement and probabilistic choice. The two models are constructed in the setting of complete ultrametric spaces, here based on probability measures of compact support over sequences of actions. It is shown that the standard toolkit for metric semantics works well in the probabilistic context of L_pr, e.g. in establishing the correctness of the denotational semantics with respect to the operational one. In addition, it is shown how the method of proving full abstraction --as proposed recently by the authors for a nondeterministic language with action refinement-- can be adapted to deal with the probabilistic language L_pr as well
Refinement for Probabilistic Systems with Nondeterminism
Before we combine actions and probabilities two very obvious questions should
be asked. Firstly, what does "the probability of an action" mean? Secondly, how
does probability interact with nondeterminism? Neither question has a single
universally agreed upon answer but by considering these questions at the outset
we build a novel and hopefully intuitive probabilistic event-based formalism.
In previous work we have characterised refinement via the notion of testing.
Basically, if one system passes all the tests that another system passes (and
maybe more) we say the first system is a refinement of the second. This is, in
our view, an important way of characterising refinement, via the question "what
sort of refinement should I be using?"
We use testing in this paper as the basis for our refinement. We develop
tests for probabilistic systems by analogy with the tests developed for
non-probabilistic systems. We make sure that our probabilistic tests, when
performed on non-probabilistic automata, give us refinement relations which
agree with for those non-probabilistic automata. We formalise this property as
a vertical refinement.Comment: In Proceedings Refine 2011, arXiv:1106.348
Consistent Histories and Quantum Reasoning
A system of quantum reasoning for a closed system is developed by treating
non-relativistic quantum mechanics as a stochastic theory. The sample space
corresponds to a decomposition, as a sum of orthogonal projectors, of the
identity operator on a Hilbert space of histories. Provided a consistency
condition is satisfied, the corresponding Boolean algebra of histories, called
a {\it framework}, can be assigned probabilities in the usual way, and within a
single framework quantum reasoning is identical to ordinary probabilistic
reasoning. A refinement rule, which allows a probability distribution to be
extended from one framework to a larger (refined) framework, incorporates the
dynamical laws of quantum theory. Two or more frameworks which are incompatible
because they possess no common refinement cannot be simultaneously employed to
describe a single physical system.Comment: Latex, 31 page
- ā¦