69,443 research outputs found
Relational Symbolic Execution
Symbolic execution is a classical program analysis technique used to show
that programs satisfy or violate given specifications. In this work we
generalize symbolic execution to support program analysis for relational
specifications in the form of relational properties - these are properties
about two runs of two programs on related inputs, or about two executions of a
single program on related inputs. Relational properties are useful to formalize
notions in security and privacy, and to reason about program optimizations. We
design a relational symbolic execution engine, named RelSym which supports
interactive refutation, as well as proving of relational properties for
programs written in a language with arrays and for-like loops
A Survey of Symbolic Execution Techniques
Many security and software testing applications require checking whether
certain properties of a program hold for any possible usage scenario. For
instance, a tool for identifying software vulnerabilities may need to rule out
the existence of any backdoor to bypass a program's authentication. One
approach would be to test the program using different, possibly random inputs.
As the backdoor may only be hit for very specific program workloads, automated
exploration of the space of possible inputs is of the essence. Symbolic
execution provides an elegant solution to the problem, by systematically
exploring many possible execution paths at the same time without necessarily
requiring concrete inputs. Rather than taking on fully specified input values,
the technique abstractly represents them as symbols, resorting to constraint
solvers to construct actual instances that would cause property violations.
Symbolic execution has been incubated in dozens of tools developed over the
last four decades, leading to major practical breakthroughs in a number of
prominent software reliability applications. The goal of this survey is to
provide an overview of the main ideas, challenges, and solutions developed in
the area, distilling them for a broad audience.
The present survey has been accepted for publication at ACM Computing
Surveys. If you are considering citing this survey, we would appreciate if you
could use the following BibTeX entry: http://goo.gl/Hf5FvcComment: This is the authors pre-print copy. If you are considering citing
this survey, we would appreciate if you could use the following BibTeX entry:
http://goo.gl/Hf5Fv
Flow Ambiguity: A Path Towards Classically Driven Blind Quantum Computation
Blind quantum computation protocols allow a user to delegate a computation to
a remote quantum computer in such a way that the privacy of their computation
is preserved, even from the device implementing the computation. To date, such
protocols are only known for settings involving at least two quantum devices:
either a user with some quantum capabilities and a remote quantum server or two
or more entangled but noncommunicating servers. In this work, we take the first
step towards the construction of a blind quantum computing protocol with a
completely classical client and single quantum server. Specifically, we show
how a classical client can exploit the ambiguity in the flow of information in
measurement-based quantum computing to construct a protocol for hiding critical
aspects of a computation delegated to a remote quantum computer. This ambiguity
arises due to the fact that, for a fixed graph, there exist multiple choices of
the input and output vertex sets that result in deterministic measurement
patterns consistent with the same fixed total ordering of vertices. This allows
a classical user, computing only measurement angles, to drive a
measurement-based computation performed on a remote device while hiding
critical aspects of the computation.Comment: (v3) 14 pages, 6 figures. expands introduction and definition of
flow, corrects typos to increase readability; contains a new figure to
illustrate example run of CDBQC protocol; minor changes to match the
published version.(v2) 12 pages, 5 figures. Corrects motivation for
quantities used in blindness analysi
Self-composition by Symbolic Execution
This work is licensed under a CC-BY Creative Commons Attribution 3.0 Unported license (http://creativecommons.org/licenses/by/3.0/)urn: urn:nbn:de:0030-drops-42770urn: urn:nbn:de:0030-drops-42770Self-composition is a logical formulation of non-interference, a high-level security property that guarantees the absence of illicit information leakages through executing programs. In order to capture program executions, self-composition has been expressed in Hoare or modal logic, and has been proved (or refuted) by using theorem provers. These approaches require considerable user interaction, and verification expertise. This paper presents an automated technique to prove self-composition. We reformulate the idea of self-composition into comparing pairs of symbolic paths of the same program; the symbolic paths are given by Symbolic Execution. The result of our analysis is a logical formula expressing self-composition in first-order theories, which can be solved by off-the-shelf Satisfiability Modulo Theories solver
From FPGA to ASIC: A RISC-V processor experience
This work document a correct design flow using these tools in the Lagarto RISC- V Processor and the RTL design considerations that must be taken into account, to move from a design for FPGA to design for ASIC
- …