10,476 research outputs found
A Temporal Logic for Hyperproperties
Hyperproperties, as introduced by Clarkson and Schneider, characterize the
correctness of a computer program as a condition on its set of computation
paths. Standard temporal logics can only refer to a single path at a time, and
therefore cannot express many hyperproperties of interest, including
noninterference and other important properties in security and coding theory.
In this paper, we investigate an extension of temporal logic with explicit path
variables. We show that the quantification over paths naturally subsumes other
extensions of temporal logic with operators for information flow and knowledge.
The model checking problem for temporal logic with path quantification is
decidable. For alternation depth 1, the complexity is PSPACE in the length of
the formula and NLOGSPACE in the size of the system, as for linear-time
temporal logic
Complexity and Unwinding for Intransitive Noninterference
The paper considers several definitions of information flow security for
intransitive policies from the point of view of the complexity of verifying
whether a finite-state system is secure. The results are as follows. Checking
(i) P-security (Goguen and Meseguer), (ii) IP-security (Haigh and Young), and
(iii) TA-security (van der Meyden) are all in PTIME, while checking TO-security
(van der Meyden) is undecidable, as is checking ITO-security (van der Meyden).
The most important ingredients in the proofs of the PTIME upper bounds are new
characterizations of the respective security notions, which also lead to new
unwinding proof techniques that are shown to be sound and complete for these
notions of security, and enable the algorithms to return simple
counter-examples demonstrating insecurity. Our results for IP-security improve
a previous doubly exponential bound of Hadj-Alouane et al
Complexity Information Flow in a Multi-threaded Imperative Language
We propose a type system to analyze the time consumed by multi-threaded
imperative programs with a shared global memory, which delineates a class of
safe multi-threaded programs. We demonstrate that a safe multi-threaded program
runs in polynomial time if (i) it is strongly terminating wrt a
non-deterministic scheduling policy or (ii) it terminates wrt a deterministic
and quiet scheduling policy. As a consequence, we also characterize the set of
polynomial time functions. The type system presented is based on the
fundamental notion of data tiering, which is central in implicit computational
complexity. It regulates the information flow in a computation. This aspect is
interesting in that the type system bears a resemblance to typed based
information flow analysis and notions of non-interference. As far as we know,
this is the first characterization by a type system of polynomial time
multi-threaded programs
Feedback Controlled Software Systems
Software systems generally suffer from a certain fragility in the face of disturbances such as bugs, unforeseen user input, unmodeled interactions with other software components, and so on. A single such disturbance can make the machine on which the software is executing hang or crash. We postulate that what is required to address this fragility is a general means of using feedback to stabilize these systems. In this paper we develop a preliminary dynamical systems model of an arbitrary iterative software process along with the conceptual framework for stabilizing it in the presence of disturbances. To keep the computational requirements of the controllers low, randomization and approximation are used. We describe our initial attempts to apply the model to a faulty list sorter, using feedback to improve its performance. Methods by which software robustness can be enhanced by distributing a task between nodes each of which are capable of selecting the best input to process are also examined, and the particular case of a sorting system consisting of a network of partial sorters, some of which may be buggy or even malicious, is examined
Requirements for implementing real-time control functional modules on a hierarchical parallel pipelined system
Analysis of a robot control system leads to a broad range of processing requirements. One fundamental requirement of a robot control system is the necessity of a microcomputer system in order to provide sufficient processing capability.The use of multiple processors in a parallel architecture is beneficial for a number of reasons, including better cost performance, modular growth, increased reliability through replication, and flexibility for testing alternate control strategies via different partitioning. A survey of the progression from low level control synchronizing primitives to higher level communication tools is presented. The system communication and control mechanisms of existing robot control systems are compared to the hierarchical control model. The impact of this design methodology on the current robot control systems is explored
Transforming opacity verification to nonblocking verification in modular systems
We consider the verification of current-state and K-step opacity for systems
modeled as interacting non-deterministic finite-state automata. We describe a
new methodology for compositional opacity verification that employs
abstraction, in the form of a notion called opaque observation equivalence, and
that leverages existing compositional nonblocking verification algorithms. The
compositional approach is based on a transformation of the system, where the
transformed system is nonblocking if and only if the original one is
current-state opaque. Furthermore, we prove that -step opacity can also be
inferred if the transformed system is nonblocking. We provide experimental
results where current-state opacity is verified efficiently for a large
scaled-up system
- …