Brane Calculi Systems: A Static Preview of their Possible Behaviour
We improve the precision of a previous Control Flow Analysis for Brane Calculi, by adding information on the context and introducing causality information on the membranes. This allows us to prove some biological properties on the behaviour of systems specified in Brane Calculi.
Comment: Presented at MeCBIC 201
The cost of securing IoT communications
More smart objects and more applications on the Internet of Things (IoT) mean more security challenges. In IoT, security is crucial but difficult to obtain. On the one hand, the usual trade-off between highly secure and usable systems is more pressing than ever; on the other hand, security is considered a feature whose cost is often unaffordable. To alleviate these problems, IoT designers need not only tools to assess possible risks and to study countermeasures, but also methodologies to estimate their costs. Here, we present a preliminary methodology, based on the process calculus IoT-LySa, to infer quantitative measures on the evolution of systems. The derived quantitative evaluation is exploited to establish the cost of the possible security countermeasures.
Securing IoT communications: at what cost?
IoT systems use wireless links for local communication, where locality depends on the transmission range, and include many devices with low computational power, such as sensors. In IoT systems, security is a crucial requirement, but difficult to obtain, because standard cryptographic techniques have a cost that is usually unaffordable. We resort to an extended version of the process calculus LySa, called IoT-LySa, to model the patterns of communication of IoT devices. Moreover, we assign rates to each transition to infer quantitative measures on the specified systems. The derived performance evaluation can be exploited to establish the cost of the possible security countermeasures.
Tracking sensitive and untrustworthy data in IoT
The Internet of Things (IoT) produces and processes large amounts of data. Among these data, some must be protected and others must be carefully handled because they come from untrusted sources. Taint analysis techniques can be used for marking data and for monitoring their propagation at run time, so as to determine how they influence the rest of the computation. Starting from the specification language IoT-LySa, we propose a Control Flow Analysis for statically predicting how tainted data spread across an IoT system and for checking that those computations considered security critical are not affected by tainted data.
A Formal Approach to Open Multiparty Interactions
We present a process algebra aimed at describing interactions that are multiparty, i.e. that may involve more than two processes, and that are open, i.e. the number of processes they involve is not fixed or known a priori. Here we focus on the theory of a core version of a process calculus, without message passing, called Core Network Algebra (CNA). In CNA, communication actions are given not in terms of channels but in terms of chains of links that record the source and the target ends of each hop of an interaction. The operational semantics of our calculus mildly extends that of CCS. The abstract semantics is given in the style of bisimulation but requires some ingenuity. Remarkably, the abstract semantics is a congruence for all operators of CNA and also with respect to substitutions, which is not the case for strong bisimilarity in CCS. As a motivating and running example, we illustrate the model of a simple software defined network infrastructure.
Comment: 62 page
Causal static analysis for Brane Calculi
We present here a static analysis, based on Abstract Interpretation, obtained by defining an abstract version of the causal semantics for the Mate/Bud/Drip (MBD) version of Brane Calculi, proposed by Busi. Our analysis statically approximates the dynamic behaviour of MBD systems. More precisely, the analysis is able to describe the essential behaviour of the represented membranes, in terms of their possible interactions. Furthermore, our analysis is able to statically capture the possible causal dependencies among interactions, whose determination can be exploited to better understand the modelled biological phenomena. Finally, we apply our analysis to an abstract specification of the receptor-mediated endocytosis mechanism.
Statically detecting message confusions in a multi-protocol setting
In a multi-protocol setting, different protocols are concurrently executed, and each principal can participate in more than one. The possibilities of attacks therefore increase, often due to the presence of similar patterns in messages. Messages coming from one protocol can be confused with similar messages coming from another protocol. As a consequence, data of one type may be interpreted as data of another, and it is also possible that the type is the expected one, but the message is addressed to another protocol. In this paper, we present an extension of the LySa calculus [7, 4] that decorates encryption with tags including the protocol identifier, the protocol step identifier and the intended types of the encrypted terms. The additional information allows us to find the messages that can be confused and therefore to obtain hints for reconstructing the attack. We extend accordingly the standard static Control Flow Analysis for LySa, which over-approximates all the possible behaviour of the studied protocols, including the possible message confusions that may occur at run time. Our analysis has been implemented and successfully applied to small sets of protocols. In particular, we discovered an undocumented family of attacks that may arise when the Bauer-Berson-Feiertag and the Woo-Lam authentication protocols are running in parallel. The implementation complexity of the analysis is low polynomial.
A flat process calculus for nested membrane interactions
The link-calculus has been recently proposed as a process calculus for representing interactions that are open (i.e. the number of processes may vary) and multiparty (i.e. they may involve more than two processes). Here, we apply the link-calculus to express possibly hierarchical and non-dyadic biological interactions. In particular, we provide a natural encoding of Cardelli's Brane calculus, a compartment-based calculus introduced to model the behaviour of nested membranes. Notably, the link-calculus is flat, but we can model membranes just as special processes taking part in the biological reaction. Moreover, we give evidence that the link-calculus allows one to directly model biological phenomena at the more appropriate level of abstraction.
Checking global usage of resources handled with local policies
We present a methodology to reason about resource usage (acquisition, release, revision, and so on) and, in particular, to predict bad usage of resources. Keeping in mind the interplay between local and global information that occurs in application-resource interactions, we model resources as entities with local policies and we study global properties that govern overall interactions. Formally, our model is an extension of the π-calculus with primitives to manage resources. To predict possible bad usage of resources, we develop a Control Flow Analysis that computes a static over-approximation of process behaviour.