Backward Reachability of Array-based Systems by SMT solving: Termination and Invariant Synthesis

The safety of infinite state systems can be checked by a backward reachability procedure. For certain classes of systems, it is possible to prove the termination of the procedure and hence conclude the decidability of the safety problem. Although backward reachability is property-directed, it can unnecessarily explore (large) portions of the state space of a system which are not required to verify the safety property under consideration. To avoid this, invariants can be used to dramatically prune the search space. Indeed, the problem is to guess such appropriate invariants. In this paper, we present a fully declarative and symbolic approach to the mechanization of backward reachability of infinite state systems manipulating arrays by Satisfiability Modulo Theories solving. Theories are used to specify the topology and the data manipulated by the system. We identify sufficient conditions on the theories to ensure the termination of backward reachability and we show the completeness of a method for invariant synthesis (obtained as the dual of backward reachability), again, under suitable hypotheses on the theories. We also present a pragmatic approach to interleave invariant synthesis and backward reachability so that a fix-point for the set of backward reachable states is more easily obtained. Finally, we discuss heuristics that allow us to derive an implementation of the techniques in the model checker MCMT, showing remarkable speed-ups on a significant set of safety problems extracted from a variety of sources.Comment: Accepted for publication in Logical Methods in Computer Scienc

Differences in land-based mitigation estimates reconciled by separating natural and land-use CO2 fluxes at the country level

Anthropogenic and natural CO2 fluxes on land constitute substantial CO2 emissions and removals but are usually not well distinguished in national greenhouse gas reporting. Instead, countries frequently combine natural and indirect human-induced CO2 fluxes on managed land in their reports, which diminishes their usefulness for designing policies consistent with climate mitigation targets. Here, we separate natural and land-use-related CO2 fluxes from national reports in eight countries using global models to improve the assessment of attribution of terrestrial CO2 fluxes to direct anthropogenic activities. In most investigated countries, the gap between model-based and report-based CO2 flux estimates is reduced if natural and indirect human-induced CO2 fluxes on managed land are considered. Further examinations show that remaining differences are linked to country-specific discrepancies between model-based and report-based estimates. Separating natural and land-use-related CO2 fluxes at national scales supports a fair burden sharing of climate mitigation across countries and facilitates the assessment of land-based mitigation ambitions. © 2022 The Author

Synthesis of Adaptive Side-Channel Attacks.

We present symbolic analysis techniques for detecting vulnerabilities that are due to adaptive side-channel attacks, and synthesizing inputs that exploit the identified vulnerabilities. We start with a symbolic attack model that encodes succinctly all the side-channel attacks that an adversary can make. Using symbolic execution over this model, we generate a set of mathematical constraints, where each constraint characterizes the set of secret values that lead to the same sequence of side-channel measurements. We then compute the optimal attack, i.e, the attack that yields maximum leakage over the secret, by solving an optimization problem over the computed constraints. We use information-theoretic concepts such as channel capacity and Shannon entropy to quantify the leakage over multiple runs in the attack, where the measurements over the side channels form the observations that an adversary can use to try to infer the secret. We also propose greedy heuristics that generate the attack by exploring a portion of the symbolic attack model in each step. We implemented the techniques in Symbolic PathFinder and applied them to Java programs encoding web services, string manipulations and cryptographic functions, demonstrating how to synthesize optimal side-channel attacks

Neighbourhood preserving load balancing: A self-organizing approach

We describe a static load balancing algorithm based on Kohonen Self-Organizing Maps (SOM) for a class of parallel computations where the communication pattern exhibits spatial locality and we present initial results. The topology preserving mapping achieved by SOM reduces the communication load across processors, however, it does not take load balancing into consideration. We introduce a load balancing mechanism into the SOM algorithm. We also present a preliminary multilevel implementation which resulted in significant execution time improvements. The results are promising to further improve SOM based load balancing for geometric graphs. © Springer-Verlag Berlin Heidelberg 2000

Logico-numerical max-strategy iteration

Strategy iteration methods are used for solving fixed point equations. It has been shown that they improve precision in static analysis based on abstract interpretation and template abstract domains, e.g. intervals, octagons or template polyhedra. However, they are limited to numerical programs. In this paper, we propose a method for applying max-strategy iteration to logico-numerical programs, i.e. programs with numerical and Boolean variables, without explicitly enumerating the Boolean state space. The method is optimal in the sense that it computes the least fixed point w.r.t. the abstract domain; in particular, it does not resort to widening. Moreover, we give experimental evidence about the efficiency and precision of the approach

Analysis and Verification of Service Interaction Protocols - A Brief Survey

Modeling and analysis of interactions among services is a crucial issue in Service-Oriented Computing. Composing Web services is a complicated task which requires techniques and tools to verify that the new system will behave correctly. In this paper, we first overview some formal models proposed in the literature to describe services. Second, we give a brief survey of verification techniques that can be used to analyse services and their interaction. Last, we focus on the realizability and conformance of choreographies.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330

An Introduction to Simulation-Based Techniques for Automated Service Composition

This work is an introduction to the author's contributions to the SOC area, resulting from his PhD research activity. It focuses on the problem of automatically composing a desired service, given a set of available ones and a target specification. As for description, services are represented as finite-state transition systems, so to provide an abstract account of their behavior, seen as the set of possible conversations with external clients. In addition, the presence of a finite shared memory is considered, that services can interact with and which provides a basic form of communication. Rather than describing technical details, we offer an informal overview of the whole work, and refer the reader to the original papers, referenced throughout this work, for all details

Global Carbon Budget 2020

Accurate assessment of anthropogenic carbon dioxide (CO$_{2}$) emissions and their redistribution among the atmosphere, ocean, and terrestrial biosphere in a changing climate – the “global carbon budget” – is important to better understand the global carbon cycle, support the development of climate policies, and project future climate change. Here we describe and synthesize data sets and methodology to quantify the five major components of the global carbon budget and their uncertainties. Fossil CO$_{2}$ emissions (E$_{FOS}$) are based on energy statistics and cement production data, while emissions from land-use change (E$_{LUC}$), mainly deforestation, are based on land use and land-use change data and bookkeeping models. Atmospheric CO$_{2}$ concentration is measured directly and its growth rate (G$_{ATM}$) is computed from the annual changes in concentration. The ocean CO$_{2}$ sink (S$_{OCEAN}$) and terrestrial CO$_{2}$ sink (S$_{LAND}$) are estimated with global process models constrained by observations. The resulting carbon budget imbalance (B$_{IM}$), the difference between the estimated total emissions and the estimated changes in the atmosphere, ocean, and terrestrial biosphere, is a measure of imperfect data and understanding of the contemporary carbon cycle. All uncertainties are reported as ±1σ. For the last decade available (2010–2019), E$_{FOS}$ was 9.6 ± 0.5 GtC yr$^{-1}$ excluding the cement carbonation sink (9.4 ± 0.5 GtC yr−1 when the cement carbonation sink is included), and E$_{LUC}$ was 1.6 ± 0.7 GtC yr$^{-1}$. For the same decade, G$_{ATM}$ was 5.1 ± 0.02 GtC yr$^{-1}$ (2.4 ± 0.01 ppm yr$_{-1}$), S$_{OCEAN}$ 2.5 ±  0.6 GtC yr$^{-1}$, and S$_{LAND}$ 3.4 ± 0.9 GtC yr$^{-1}$, with a budget imbalance B$_{IM}$ of −0.1 GtC yr$^{-1}$ indicating a near balance between estimated sources and sinks over the last decade. For the year 2019 alone, the growth in E$_{FOS}$ was only about 0.1 % with fossil emissions increasing to 9.9 ± 0.5 GtC yr$^{-1}$ excluding the cement carbonation sink (9.7 ± 0.5 GtC yr$^{-1}$ when cement carbonation sink is included), and E$_{LUC}$ was 1.8 ± 0.7 GtC yr$^{-1}$, for total anthropogenic CO$_{2}$ emissions of 11.5 ± 0.9 GtC yr$^{-1}$ (42.2 ± 3.3 GtCO$_{2}$). Also for 2019, G$_{ATM}$ was 5.4 ± 0.2 GtC yr$^{-1}$ (2.5 ± 0.1 ppm yr$^{-1}$), S$_{OCEAN}$ was 2.6 ± 0.6 GtC yr$^{-1}$, and S$_{LAND}$ was 3.1 ± 1.2 GtC yr$^{-1}$, with a B$_{IM}$ of 0.3 GtC. The global atmospheric CO$_{2}$ concentration reached 409.85 ± 0.1 ppm averaged over 2019. Preliminary data for 2020, accounting for the COVID-19-induced changes in emissions, suggest a decrease in E$_{FOS}$ relative to 2019 of about −7 % (median estimate) based on individual estimates from four studies of −6 %, −7 %, −7 % (−3 % to −11 %), and −13 %. Overall, the mean and trend in the components of the global carbon budget are consistently estimated over the period 1959–2019, but discrepancies of up to 1 GtC yr$^{-1}$ persist for the representation of semi-decadal variability in CO$_{2}$ fluxes. Comparison of estimates from diverse approaches and observations shows (1) no consensus in the mean and trend in land-use change emissions over the last decade, (2) a persistent low agreement between the different methods on the magnitude of the land CO$_{2}$ flux in the northern extra-tropics, and (3) an apparent discrepancy between the different methods for the ocean sink outside the tropics, particularly in the Southern Ocean. This living data update documents changes in the methods and data sets used in this new global carbon budget and the progress in understanding of the global carbon cycle compared with previous publications of this data set (Friedlingstein et al., 2019; Le Quéré et al., 2018b, a, 2016, 2015b, a, 2014, 2013). The data presented in this work are available at https://doi.org/10.18160/gcp-2020 (Friedlingstein et al., 2020)