278 research outputs found
Abstract Interpretation of Supermodular Games
Supermodular games find significant applications in a variety of models,
especially in operations research and economic applications of noncooperative
game theory, and feature pure strategy Nash equilibria characterized as fixed
points of multivalued functions on complete lattices. Pure strategy Nash
equilibria of supermodular games are here approximated by resorting to the
theory of abstract interpretation, a well established and known framework used
for designing static analyses of programming languages. This is obtained by
extending the theory of abstract interpretation in order to handle
approximations of multivalued functions and by providing some methods for
abstracting supermodular games, in order to obtain approximate Nash equilibria
which are shown to be correct within the abstract interpretation framework
Enforcing Termination of Interprocedural Analysis
Interprocedural analysis by means of partial tabulation of summary functions
may not terminate when the same procedure is analyzed for infinitely many
abstract calling contexts or when the abstract domain has infinite strictly
ascending chains. As a remedy, we present a novel local solver for general
abstract equation systems, be they monotonic or not, and prove that this solver
fails to terminate only when infinitely many variables are encountered. We
clarify in which sense the computed results are sound. Moreover, we show that
interprocedural analysis performed by this novel local solver, is guaranteed to
terminate for all non-recursive programs --- irrespective of whether the
complete lattice is infinite or has infinite strictly ascending or descending
chains
A Scalable Segmented Decision Tree Abstract Domain
International audienceThe key to precision and scalability in all formal methods for static program analysis and verification is the handling of disjunctions arising in relational analyses, the flow-sensitive traversal of conditionals and loops, the context-sensitive inter-procedural calls, the interleaving of concurrent threads, etc. Explicit case enumeration immediately yields to combinatorial explosion. The art of scalable static analysis is therefore to abstract disjunctions to minimize cost while preserving weak forms of disjunctions for expressivity. Building upon packed binary decision trees to handle disjunction in tests, loops and procedure/function calls and array segmentation to handle disjunctions in array content analysis, we have introduced segmented decision trees to allow for more expressivity while mastering costs via widenings
Secrecy capacity of a class of orthogonal relay eavesdropper channels
The secrecy capacity of relay channels with orthogonal components is studied
in the presence of an additional passive eavesdropper node. The relay and
destination receive signals from the source on two orthogonal channels such
that the destination also receives transmissions from the relay on its channel.
The eavesdropper can overhear either one or both of the orthogonal channels.
Inner and outer bounds on the secrecy capacity are developed for both the
discrete memoryless and the Gaussian channel models. For the discrete
memoryless case, the secrecy capacity is shown to be achieved by a partial
decode-and-forward (PDF) scheme when the eavesdropper can overhear only one of
the two orthogonal channels. Two new outer bounds are presented for the
Gaussian model using recent capacity results for a Gaussian multi-antenna
point-to-point channel with a multi-antenna eavesdropper. The outer bounds are
shown to be tight for two sub-classes of channels. The first sub-class is one
in which the source and relay are clustered and the and the eavesdropper
receives signals only on the channel from the source and the relay to the
destination, for which the PDF strategy is optimal. The second is a sub-class
in which the source does not transmit to the relay, for which a
noise-forwarding strategy is optimal.Comment: Submitted to Eurasip Journal on Wireless Communications and
Networking special issue on Wireless physical layer security, Dec. 2008,
Revised Jun. 200
Ogre and Pythia: An Invariance Proof Method for Weak Consistency Models
We design an invariance proof method for concurrent programs parameterised by a weak consistency model. The calculational design of the invariance proof method is by abstract interpretation of a truly parallel analytic semantics. This generalises the methods by Lamport and Owicki-Gries for sequential consistency. We use cat as an example of language to write consistency specifications of both concurrent programs and machine architectures
Static Safety for an Actor Dedicated Process Calculus by Abstract Interpretation
The actor model eases the definition of concurrent programs with non uniform
behaviors. Static analysis of such a model was previously done in a data-flow
oriented way, with type systems. This approach was based on constraint set
resolution and was not able to deal with precise properties for communications
of behaviors. We present here a new approach, control-flow oriented, based on
the abstract interpretation framework, able to deal with communication of
behaviors. Within our new analyses, we are able to verify most of the previous
properties we observed as well as new ones, principally based on occurrence
counting
Interval Slopes as Numerical Abstract Domain for Floating-Point Variables
The design of embedded control systems is mainly done with model-based tools
such as Matlab/Simulink. Numerical simulation is the central technique of
development and verification of such tools. Floating-point arithmetic, that is
well-known to only provide approximated results, is omnipresent in this
activity. In order to validate the behaviors of numerical simulations using
abstract interpretation-based static analysis, we present, theoretically and
with experiments, a new partially relational abstract domain dedicated to
floating-point variables. It comes from interval expansion of non-linear
functions using slopes and it is able to mimic all the behaviors of the
floating-point arithmetic. Hence it is adapted to prove the absence of run-time
errors or to analyze the numerical precision of embedded control systems
A simple abstraction of arrays and maps by program translation
We present an approach for the static analysis of programs handling arrays,
with a Galois connection between the semantics of the array program and
semantics of purely scalar operations. The simplest way to implement it is by
automatic, syntactic transformation of the array program into a scalar program
followed analysis of the scalar program with any static analysis technique
(abstract interpretation, acceleration, predicate abstraction,.. .). The
scalars invariants thus obtained are translated back onto the original program
as universally quantified array invariants. We illustrate our approach on a
variety of examples, leading to the " Dutch flag " algorithm
Succinct Representations for Abstract Interpretation
Abstract interpretation techniques can be made more precise by distinguishing
paths inside loops, at the expense of possibly exponential complexity.
SMT-solving techniques and sparse representations of paths and sets of paths
avoid this pitfall. We improve previously proposed techniques for guided static
analysis and the generation of disjunctive invariants by combining them with
techniques for succinct representations of paths and symbolic representations
for transitions based on static single assignment. Because of the
non-monotonicity of the results of abstract interpretation with widening
operators, it is difficult to conclude that some abstraction is more precise
than another based on theoretical local precision results. We thus conducted
extensive comparisons between our new techniques and previous ones, on a
variety of open-source packages.Comment: Static analysis symposium (SAS), Deauville : France (2012
Improving static analyses of C programs with conditional predicates
Best paper awardInternational audienceStatic code analysis is increasingly used to guarantee the absence of undesirable behaviors in industrial programs. Designing sound analyses is a continuing trade-off between precision and complexity. Notably, dataflow analyses often perform overly wide approximations when two control-flow paths meet, by merging states from each path. This paper presents a generic abstract interpretation based framework to enhance the precision of such analyses on join points. It relies on predicated domains, that preserve and reuse information valid only inside some branches of the code. Our predicates are derived from conditionals statements, and postpone the loss of information. The work has been integrated into Frama-C, a C source code analysis platform. Experiments on real code show that our approach scales, and improves significantly the precision of the existing analyses of Frama-C
- …