Automatic Verification of Finite Precision Implementations of Linear Controllers

We consider the problem of verifying finite precision implementation of linear time-invariant controllers against mathematical specifications. A specification may have multiple correct implementations which are different from each other in controller state representation, but equivalent from a perspective of input-output behavior (e.g., due to optimization in a code generator). The implementations may use finite precision computations (e.g. floating-point arithmetic) which cause quantization (i.e., roundoff) errors. To address these challenges, we first extract a controller\u27s mathematical model from the implementation via symbolic execution and floating-point error analysis, and then check approximate input-output equivalence between the extracted model and the specification by similarity checking. We show how to automatically verify the correctness of floating-point controller implementation in C language using the combination of techniques such as symbolic execution and convex optimization problem solving. We demonstrate the scalability of our approach through evaluation with randomly generated controller specifications of realistic size

Scalable Verification of Linear Controller Software

We consider the problem of verifying software implementations of linear time-invariant controllers against mathematical specifications. Given a controller specification, multiple correct implementations may exist, each of which uses a different representation of controller state (e.g., due to optimizations in a third-party code generator). To accommodate this variation, we first extract a controller\u27s mathematical model from the implementation via symbolic execution, and then check input-output equivalence between the extracted model and the specification by similarity checking. We show how to automatically verify the correctness of C code controller implementation using the combination of techniques such as symbolic execution, satisfiability solving and convex optimization. Through evaluation using randomly generated controller specifications of realistic size, we demonstrate that the scalability of this approach has significantly improved compared to our own earlier work based on the invariant checking method

Kinetics and thermodynamics of salt-dependent T7 gene 2.5 protein binding to single- and double-stranded DNA

Bacteriophage T7 gene 2.5 protein (gp2.5) is a single-stranded DNA (ssDNA)-binding protein that has essential roles in DNA replication, recombination and repair. However, it differs from other ssDNA-binding proteins by its weaker binding to ssDNA and lack of cooperative ssDNA binding. By studying the rate-dependent DNA melting force in the presence of gp2.5 and its deletion mutant lacking 26 C-terminal residues, we probe the kinetics and thermodynamics of gp2.5 binding to ssDNA and double-stranded DNA (dsDNA). These force measurements allow us to determine the binding rate of both proteins to ssDNA, as well as their equilibrium association constants to dsDNA. The salt dependence of dsDNA binding parallels that of ssDNA binding. We attribute the four orders of magnitude salt-independent differences between ssDNA and dsDNA binding to nonelectrostatic interactions involved only in ssDNA binding, in contrast to T4 gene 32 protein, which achieves preferential ssDNA binding primarily through cooperative interactions. The results support a model in which dimerization interactions must be broken for DNA binding, and gp2.5 monomers search dsDNA by 1D diffusion to bind ssDNA. We also quantitatively compare the salt-dependent ssDNA- and dsDNA-binding properties of the T4 and T7 ssDNA-binding proteins for the first time

Formal Verification of Masked Hardware Implementations in the Presence of Glitches

Masking provides a high level of resistance against side-channel analysis. However, in practice there are many possible pitfalls when masking schemes are applied, and implementation flaws are easily overlooked. Over the recent years, the formal verification of masked software implementations has made substantial progress. In contrast to software implementations, hardware implementations are inherently susceptible to glitches. Therefore, the same methods tailored for software implementations are not readily applicable. In this work, we introduce a method to formally verify the security of masked hardware implementations that takes glitches into account. Our approach does not require any intermediate modeling steps of the targeted implementation and is not bound to a certain leakage model. The verification is performed directly on the circuit’s netlist, and covers also higher-order and multivariate flaws. Therefore, a sound but conservative estimation of the Fourier coefficients of each gate in the netlist is calculated, which characterize statistical dependence of the gates on the inputs and thus allow to predict possible leakages. In contrast to existing practical evaluations, like t-tests, this formal verification approach makes security statements beyond specific measurement methods, the number of evaluated leakage traces, and the evaluated devices. Furthermore, flaws detected by the verifier are automatically localized. We have implemented our method on the basis of an SMT solver and demonstrate the suitability on a range of correctly and incorrectly protected circuits of different masking schemes and for different protection orders. Our verifier is efficient enough to prove the security of a full masked AES S-box, and of the Keccak S-box up to the third protection order

Retrospective observational study of HER2 immunohistochemistry in borderline breast cancer patients undergoing neoadjuvant therapy, with an emphasis on Group 2 (HER2/CEP17 ratio ≥2.0, HER2 copy number <4.0 signals/cell) cases.

BACKGROUND: The ASCO/CAP guidance on HER2 testing in breast cancer (BC) has recently changed. Group 2 tumours with immunohistochemistry score 2+ and HER2/CEP17 ratio ≥2.0 and HER2 copy number <4.0 signals/cell were re-classified as HER2 negative. This study aims to examine the response of Group 2 tumours to neoadjuvant chemotherapy (NACT). METHODS: 749 BC cases were identified from 11 institutions. The association between HER2 groups and pathological complete response (pCR) was assessed. RESULTS: 54% of immunohistochemistry HER2 positive (score 3+) BCs showed pCR, compared to 19% of immunohistochemistry 2+ FISH amplified cases. 27% of Group 2 treated with HER2 targeted therapy achieved pCR, compared to 19 and 11% in the combined Groups 1 + 3 and Groups 4 + 5, respectively. No difference in pCR rates was identified between Group 2 and Group 1 or combined Groups 1 + 3. However, Group 2 response rate was higher than Groups 4 + 5 (p = 0.017). CONCLUSION: No difference in pCR was detected in tumours with a HER2/CEP17 ratio ≥2.0 and a HER2 score 2+ by IHC when stratified by HER2 gene copy number. Our data suggest that ASCO/CAP HER2 Group 2 carcinomas should be evaluated further with respect to eligibility for HER2 targeted therapy