Software theory change for resilient near-complete specifications

Software evolution and its laws are essential for antifragile system design and development. In this paper we model early-stage perfective and corrective changes to software system architecture in terms of logical operations of expansion and safe contraction on a theory. As a result, we formulate an inference-based notion of property specification resilience for computational systems, intended as resistance to change. The individuated resilient core of a software system is used to characterize adaptability properties

A typed natural deduction calculus to reason about secure trust

System integrity can be put at risk by unintentional transitivity of resource access. We present a natural deduction calculus for an access control model with an explicit trust function on resources. Its inference relation is designed to limit unintentionally transitive access from untrusted parties. We also offer results for ordered cut and normalization related to security and hint at a prototype implementation

A novel symbolic approach to verifying epistemic properties of programs

We introduce a framework for the symbolic verification of epistemic properties of programs expressed in a class of general-purpose programming languages. To this end, we reduce the verification problem to that of satisfiability of first-order formulae in appropriate theories. We prove the correctness of our reduction and we validate our proposal by applying it to two examples: the dining cryptographers problem and the ThreeBallot voting protocol. We put forward an implementation using existing solvers, and report experimental results showing that the approach can perform better than state-of-the-art symbolic model checkers for temporal-epistemic logic

Model checking degrees of belief in a system of agents

In this paper we present a unified framework to model and verify degrees of belief in a system of agents. In particular, we describe an extension of the temporal-epistemic logic CTLK and we introduce a semantics based on interpreted systems for this extension. In this way, degrees of beliefs do not need to be provided externally, but can be derived automatically from the possible executions of the system,thereby providing a computationally grounded formalism.We leverage the semantics to (a) construct a model checking algorithm, (b) investigate its complexity, (c) provide a Java implementation of the model checking algorithm, and(d) evaluate our approach using the standard benchmark of the dining cryptographers. Finally, we provide a detailed case study: using our framework and our implementation,we assess and verify the situational awareness of the pilot of Air France 447 flying in off-nominal conditions

Multi-agent based simulations of block-free distributed ledgers

In the past ten years distributed ledgers such as Bitcoin and smart contracts that can run code autonomously have seen an exponential growth both in terms of research interest and in terms of industrial and financial applications. These find a natural application in the area of Sensor Networks and Cyber-Physical Systems. However, the incentive architecture of blockchains requires massive computational resources for mining, delays in the confirmation of transactions and, more importantly, continuously growing transaction fees, which are ill-suited to systems in which services may be provided by resource-limited devices and confirmation times and transaction costs should be kept minimal, ideally absent. We focus on a new block-less, feeless paradigm for distributed ledgers suitable for the WSN, IoT and CPS in which transactions are nodes of a directed acyclic graph, that overcomes the limitations of blockchains for these applications, and where e.g. sensors can be at the same time issuers of transactions and validators of previous transactions. In particular, we present and release open-source a simulation environment that can be easily extended and analysed, and confirms the available results on the performance of the network

Minimizing transitive trust threats in software management systems

We consider security threats in software installation processes, posed by transitively trusted dependencies between packages from distinct repositories. To analyse them, we present SecureNDC, a Coq implemented calculus using an explicit trust function to bridge repository access and software package installation rights. Thereby, we resolve a version of the minimum install problem under trust conditions on repositorie