264 research outputs found
Slot Games for Detecting Timing Leaks of Programs
In this paper we describe a method for verifying secure information flow of
programs, where apart from direct and indirect flows a secret information can
be leaked through covert timing channels. That is, no two computations of a
program that differ only on high-security inputs can be distinguished by
low-security outputs and timing differences. We attack this problem by using
slot-game semantics for a quantitative analysis of programs. We show how
slot-games model can be used for performing a precise security analysis of
programs, that takes into account both extensional and intensional properties
of programs. The practicality of this approach for automated verification is
also shown.Comment: In Proceedings GandALF 2013, arXiv:1307.416
Efficient Online Timed Pattern Matching by Automata-Based Skipping
The timed pattern matching problem is an actively studied topic because of
its relevance in monitoring of real-time systems. There one is given a log
and a specification (given by a timed word and a timed automaton
in this paper), and one wishes to return the set of intervals for which the log
, when restricted to the interval, satisfies the specification
. In our previous work we presented an efficient timed pattern
matching algorithm: it adopts a skipping mechanism inspired by the classic
Boyer--Moore (BM) string matching algorithm. In this work we tackle the problem
of online timed pattern matching, towards embedded applications where it is
vital to process a vast amount of incoming data in a timely manner.
Specifically, we start with the Franek-Jennings-Smyth (FJS) string matching
algorithm---a recent variant of the BM algorithm---and extend it to timed
pattern matching. Our experiments indicate the efficiency of our FJS-type
algorithm in online and offline timed pattern matching
An Improved Tight Closure Algorithm for Integer Octagonal Constraints
Integer octagonal constraints (a.k.a. ``Unit Two Variables Per Inequality''
or ``UTVPI integer constraints'') constitute an interesting class of
constraints for the representation and solution of integer problems in the
fields of constraint programming and formal analysis and verification of
software and hardware systems, since they couple algorithms having polynomial
complexity with a relatively good expressive power. The main algorithms
required for the manipulation of such constraints are the satisfiability check
and the computation of the inferential closure of a set of constraints. The
latter is called `tight' closure to mark the difference with the (incomplete)
closure algorithm that does not exploit the integrality of the variables. In
this paper we present and fully justify an O(n^3) algorithm to compute the
tight closure of a set of UTVPI integer constraints.Comment: 15 pages, 2 figure
Finite-State Abstractions for Probabilistic Computation Tree Logic
Probabilistic Computation Tree Logic (PCTL) is the established temporal
logic for probabilistic verification of discrete-time Markov chains. Probabilistic
model checking is a technique that verifies or refutes whether a property
specified in this logic holds in a Markov chain. But Markov chains are often
infinite or too large for this technique to apply. A standard solution to
this problem is to convert the Markov chain to an abstract model and to
model check that abstract model. The problem this thesis therefore studies
is whether or when such finite abstractions of Markov chains for model
checking PCTL exist.
This thesis makes the following contributions. We identify a sizeable fragment
of PCTL for which 3-valued Markov chains can serve as finite abstractions;
this fragment is maximal for those abstractions and subsumes many
practically relevant specifications including, e.g., reachability. We also develop
game-theoretic foundations for the semantics of PCTL over Markov
chains by capturing the standard PCTL semantics via a two-player games.
These games, finally, inspire a notion of p-automata, which accept entire
Markov chains. We show that p-automata subsume PCTL and Markov
chains; that their languages of Markov chains have pleasant closure properties;
and that the complexity of deciding acceptance matches that of probabilistic
model checking for p-automata representing PCTL formulae. In addition,
we offer a simulation between p-automata that under-approximates
language containment. These results then allow us to show that p-automata
comprise a solution to the problem studied in this thesis
An Effective Fixpoint Semantics for Linear Logic Programs
In this paper we investigate the theoretical foundation of a new bottom-up
semantics for linear logic programs, and more precisely for the fragment of
LinLog that consists of the language LO enriched with the constant 1. We use
constraints to symbolically and finitely represent possibly infinite
collections of provable goals. We define a fixpoint semantics based on a new
operator in the style of Tp working over constraints. An application of the
fixpoint operator can be computed algorithmically. As sufficient conditions for
termination, we show that the fixpoint computation is guaranteed to converge
for propositional LO. To our knowledge, this is the first attempt to define an
effective fixpoint semantics for linear logic programs. As an application of
our framework, we also present a formal investigation of the relations between
LO and Disjunctive Logic Programming. Using an approach based on abstract
interpretation, we show that DLP fixpoint semantics can be viewed as an
abstraction of our semantics for LO. We prove that the resulting abstraction is
correct and complete for an interesting class of LO programs encoding Petri
Nets.Comment: 39 pages, 5 figures. To appear in Theory and Practice of Logic
Programmin
- âŚ