A Scalable Segmented Decision Tree Abstract Domain

International audienceThe key to precision and scalability in all formal methods for static program analysis and verification is the handling of disjunctions arising in relational analyses, the flow-sensitive traversal of conditionals and loops, the context-sensitive inter-procedural calls, the interleaving of concurrent threads, etc. Explicit case enumeration immediately yields to combinatorial explosion. The art of scalable static analysis is therefore to abstract disjunctions to minimize cost while preserving weak forms of disjunctions for expressivity. Building upon packed binary decision trees to handle disjunction in tests, loops and procedure/function calls and array segmentation to handle disjunctions in array content analysis, we have introduced segmented decision trees to allow for more expressivity while mastering costs via widenings

Secrecy capacity of a class of orthogonal relay eavesdropper channels

The secrecy capacity of relay channels with orthogonal components is studied in the presence of an additional passive eavesdropper node. The relay and destination receive signals from the source on two orthogonal channels such that the destination also receives transmissions from the relay on its channel. The eavesdropper can overhear either one or both of the orthogonal channels. Inner and outer bounds on the secrecy capacity are developed for both the discrete memoryless and the Gaussian channel models. For the discrete memoryless case, the secrecy capacity is shown to be achieved by a partial decode-and-forward (PDF) scheme when the eavesdropper can overhear only one of the two orthogonal channels. Two new outer bounds are presented for the Gaussian model using recent capacity results for a Gaussian multi-antenna point-to-point channel with a multi-antenna eavesdropper. The outer bounds are shown to be tight for two sub-classes of channels. The first sub-class is one in which the source and relay are clustered and the and the eavesdropper receives signals only on the channel from the source and the relay to the destination, for which the PDF strategy is optimal. The second is a sub-class in which the source does not transmit to the relay, for which a noise-forwarding strategy is optimal.Comment: Submitted to Eurasip Journal on Wireless Communications and Networking special issue on Wireless physical layer security, Dec. 2008, Revised Jun. 200

Certified compilation for cryptography: Extended x86 instructions and constant-time verification

We present a new tool for the generation and verification of high-assurance high-speed machine-level cryptography implementations: a certified C compiler supporting instruction extensions to the x86. We demonstrate the practical applicability of our tool by incorporating it into supercop: a toolkit for measuring the performance of cryptographic software, which includes over 2000 different implementations. We show i. that the coverage of x86 implementations in supercop increases significantly due to the added support of instruction extensions via intrinsics and ii. that the obtained verifiably correct implementations are much closer in performance to unverified ones. We extend our compiler with a specialized type system that acts at pre-assembly level; this is the first constant-time verifier that can deal with extended instruction sets. We confirm that, by using instruction extensions, the performance penalty for verifiably constant-time code can be greatly reduced.This work is financed by National Funds through the FCT - Fundação para a Ciência e a Tecnologia (Portuguese Foundation for Science and Technology) within the project PTDC/CCI-INF/31698/2017, and by the Norte Portugal Regional Operational Programme (NORTE 2020) under the Portugal 2020 Partnership Agreement, through the European Regional Development Fund (ERDF) and also by national funds through the FCT, within project NORTE-01-0145-FEDER-028550 (REASSURE)

Freezing of Enkephalinergic Functions by Multiple Noxious Foci: A Source of Pain Sensitization?

BACKGROUND:The functional significance of proenkephalin systems in processing pain remains an open question and indeed is puzzling. For example, a noxious mechanical stimulus does not alter the release of Met-enkephalin-like material (MELM) from segments of the spinal cord related to the stimulated area of the body, but does increase its release from other segments. METHODOLOGY/PRINCIPAL FINDINGS:Here we show that, in the rat, a noxious mechanical stimulus applied to either the right or the left hind paw elicits a marked increase of MELM release during perifusion of either the whole spinal cord or the cervico-trigeminal area. However, these stimulatory effects were not additive and indeed, disappeared completely when the right and left paws were stimulated simultaneously. CONCLUSION/SIGNIFICANCE:We have concluded that in addition to the concept of a diffuse control of the transmission of nociceptive signals through the dorsal horn, there is a diffuse control of the modulation of this transmission. The "freezing" of Met-enkephalinergic functions represents a potential source of central sensitization in the spinal cord, notably in clinical situations involving multiple painful foci, e.g. cancer with metastases, poly-traumatism or rheumatoid arthritis

Widening ROBDDs with Prime Implicants: 12th International Conference, TACAS 2006, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2006, Vienna, Austria, March 25 - April 2, 2006. Proceedings

Despite the ubiquity of ROBDDs in program analysis, and extensive literature on ROBDD minimisation, there is a dearth of work on approximating ROBDDs. The need for approximation arises because many ROBDD operations result in an ROBDD whose size is quadratic in the size of the inputs. Furthermore, if ROBDDs are used in abstract interpretation, the running time of the analysis is related not only to the complexity of the individual ROBDD operations but also the number of operations applied. The number of operations is, in turn, constrained by the number of times a Boolean function can be weakened before stability is achieved. This paper proposes a widening that can be used to both constrain the size of an ROBDD and also ensure that the number of times that it is weakened is bounded by some given constant. The widening can be used to either systematically approximate from above (i.e. derive a weaker function) or below (i.e. infer a stronger function)