synthesis of non interferent systems
play

Synthesis of non-interferent systems Gilles Benattar Franck Cassez - PowerPoint PPT Presentation

Nov 09, 2023 •325 likes •753 views

Introduction Definitions Results Conclusion Synthesis of non-interferent systems Gilles Benattar Franck Cassez Didier Lime Olivier H.Roux IRCCyN/CNRS UMR 6597, Nantes, France CNRS and National ICT Australia, Sydney,

  1. Introduction Definitions Results Conclusion Synthesis of non-interferent systems Gilles Benattar † Franck Cassez ‡ Didier Lime † Olivier H.Roux † † IRCCyN/CNRS UMR 6597, Nantes, France ‡ CNRS and National ICT Australia, Sydney, Australia Formal Modelling and Analysis of Timed Systems 2009 (FORMATS09) 1

  2. Introduction Definitions Results Conclusion Introduction 1 Studies of information flow security properties has been a very active domain. 2 Information flow analysis defines secrecy as: “high level information never flows into low level channels” i.e. , non-interference . 3 There are many results on model checking of non-interference properties. 4 We consider the problem of the synthesis of non-interferent systems for timed and untimed automata. 2

  3. Introduction Definitions Results Conclusion Introduction 1 Definitions 2 Preliminaries Non-interference Control problem Results 3 SNNI verification problem SNNI control problem SNNI control synthesis problem Conclusion 4 3

  4. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Restriction definition h 1 l 1 0 1 2 h 2 l 1 l 2 3 4 5 Figure: B 4

  5. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Restriction definition h 1 l 1 h 1 l 1 0 1 2 0 1 2 h 2 l 1 l 1 l 2 3 4 5 3 (a) Automaton B (b) B\{ h 2 } 4

  6. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Abstraction (hiding) definition h 1 l 1 0 1 2 h 2 l 1 l 2 3 4 5 Figure: B 5

  7. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Abstraction (hiding) definition h 1 l 1 h 1 l 1 0 1 2 0 1 2 h 2 ε l 1 l 1 l 2 l 2 3 4 5 3 4 5 (a) Automaton B (b) B / { h 2 } 5

  8. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Strong Non-deterministic Non-Interference (SNNI) 1/4 1 The systems is defined by an automaton A over an alphabet Σ divided into two sub-alphabets : Σ h the high level actions and Σ l the low level actions 2 A system defined by an automaton A is non-interferent if the low level user cannot distinguish A / Σ h from A\ Σ h . Definition (SNNI) A TA A has the strong non-deterministic non-interference property (in short “ A is SNNI”) if A / Σ h ≈ L A\ Σ h , where A 1 ≈ L A 2 mean that A 1 and A 2 are language equivalent . 6

  9. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI finite automata example 1/2 h 1 l 1 0 1 2 h 2 l 1 l 2 3 4 5 Figure: B that is not SNNI L ( B / { h 1 , h 2 } ) = { l 1 , l 2 } L ( B\{ h 1 , h 2 } ) = { l 1 } 7

  10. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI finite automata example 2/2 h 1 l 1 0 1 2 h 2 l 1 3 4 Figure: C that is SNNI L ( C / { h 1 , h 2 } ) = { l 1 } L ( C\{ h 1 , h 2 } ) = { l 1 } 8

  11. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI timed automata example [ x 1 ≤ 4] h , x 1 ≥ 1 A 0 A 2 l , x 1 ≥ 2 l A 1 A 3 Figure: Timed Automaton A 9

  12. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI timed automata example h A 0 A 2 l l A 1 A 3 Figure: Finite Automaton A � = untimed ( A ) L ( A � / { h } ) = { l } L ( A � \{ h } ) = { l } 9

  13. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI timed automata example [ x 1 ≤ 4] h , x 1 ≥ 1 A 0 A 2 l , x 1 ≥ 2 l A 1 A 3 Figure: Timed Automaton A ρ = ( A 0 , 0) 1 . 1 → ( A 0 , 1 . 1) h → ( A 2 , 0) 0 . 5 l − − − − − → ( A 2 , 1 . 6) − → ( A 3 , 1 . 6) ∈ Runs ( A ) 9

  14. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI timed automata example [ x 1 ≤ 4] h , x 1 ≥ 1 A 0 A 2 l , x 1 ≥ 2 l A 1 A 3 Figure: Timed Automaton A ρ = ( A 0 , 0) 1 . 1 → ( A 2 , 0) 0 . 5 → ( A 0 , 1 . 1) h l − − − − − → ( A 2 , 1 . 6) − → ( A 3 , 1 . 6) ∈ Runs ( A ) (1 . 1 , h ) . (0 . 5 , l ) ∈ L ( A ) 9

  15. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI timed automata example [ x 1 ≤ 4] h , x 1 ≥ 1 A 0 A 2 l , x 1 ≥ 2 l A 1 A 3 Figure: Timed Automaton A ρ = ( A 0 , 0) 1 . 1 → ( A 2 , 0) 0 . 5 → ( A 0 , 1 . 1) h l − − − − − → ( A 2 , 1 . 6) − → ( A 3 , 1 . 6) ∈ Runs ( A ) (1 . 1 , h ) . (0 . 5 , l ) ∈ L ( A ) ⇒ (1 . 6 , l ) ∈ L ( A / { h } ) 9

  16. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion SNNI timed automata example [ x 1 ≤ 4] h , x 1 ≥ 1 A 0 A 2 l , x 1 ≥ 2 l A 1 A 3 Figure: Timed Automaton A ρ = ( A 0 , 0) 1 . 1 → ( A 2 , 0) 0 . 5 → ( A 0 , 1 . 1) h l − − − − − → ( A 2 , 1 . 6) − → ( A 3 , 1 . 6) ∈ Runs ( A ) (1 . 1 , h ) . (0 . 5 , l ) ∈ L ( A ) ⇒ (1 . 6 , l ) ∈ L ( A / { h } ) ⇒ A is not SNNI 9

  17. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Control problem 1/2 The SNNI Verification Problem (SNNI-VP) for a system S asks the following: is S SNNI ? The Control Problem (SNNI-CP) for a system S asks the following: Is there a controller C s.t. C ( S ) is SNNI ? The Controller Synthesis Problem (SNNI-CSP) asks to compute a witness controller C . 10

  18. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Control problem 2/2 Let Σ c ⊆ Σ = Σ h ∪ Σ l a set of controllable actions , let λ �∈ Σ the waiting action . Definition (Controller) A controller C for A is a partial mapping C : Runs ( A ) → 2 Σ c ∪{ λ } . After each run ρ ∈ Runs ( A ), the controller chose a set C ( ρ ) of actions that are not disabled. 11

  19. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Control problem 2/2 Let Σ c ⊆ Σ = Σ h ∪ Σ l a set of controllable actions , let λ �∈ Σ the waiting action . Definition (Controller) A controller C for A is a partial mapping C : Runs ( A ) → 2 Σ c ∪{ λ } . After each run ρ ∈ Runs ( A ), the controller chose a set C ( ρ ) of actions that are not disabled. If λ ∈ C ( ρ ), the system may wait, otherwise, a controllable action must be done by one of the users. 11

  20. Introduction Preliminaries Definitions Non-interference Results Control Problem Conclusion Introduction 1 Definitions 2 Preliminaries Non-interference Control problem Results 3 SNNI verification problem SNNI control problem SNNI control synthesis problem Conclusion 4 12

  21. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Verification Problem (SNNI-VP) Untimed Automata Timed Automata Deterministic A \ Σ h PTIME PSPACE-Complete Non-deterministic A \ Σ h PSPACE-Complete Undecidable [1] Table: Results for the SNNI-VP 13

  22. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Control Problem (SNNI-CP) for finite automata 1/2 Theorem For finite automata, the SNNI-CP is PSPACE-Complete. 14

  23. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Control Problem (SNNI-CP) for finite automata 2/2 For finite automata, we can easily check if SNNI is controllable by cutting all the controllable actions and checking if the obtained system is SNNI. h 1 l 1 0 4 5 l 1 l 2 3 2 1 h 2 Figure: Automaton D Σ c = { l 1 } 15

  24. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Control Problem (SNNI-CP) for finite automata 2/2 For finite automata, we can easily check if SNNI is controllable by cutting all the controllable actions and checking if the obtained system is SNNI. h 1 0 4 Figure: Automaton D\ Σ c Σ c = { l 1 } 15

  25. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Control Problem (SNNI-CP) for timed automata This does not work in the timed case : h , x 1 ≥ 5 0 2 a , x 1 > 1 b 1 3 Figure: Timed Automaton E Σ c = { a } 16

  26. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Control Problem (SNNI-CP) for timed automata This does not work in the timed case : h , x 1 ≥ 5 h , x 1 ≥ 5 0 2 0 2 a , x 1 > 1 b b 1 3 3 (a) Timed Automaton E (b) Timed Automaton E\ Σ c Σ c = { a } 16

  27. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Control Problem (SNNI-CP) for timed automata This does not work in the timed case : [ x 1 ≤ 4] h , x 1 ≥ 5 0 2 0 a , x 1 > 1 a , x 1 > 1 b 1 3 1 (c) Automaton E (d) Timed Automaton C ( E ) Σ c = { a } 16

  28. Introduction SNNI-VP Definitions SNNI-CP Results SNNI-CSP Conclusion SNNI Controller Synthesis Problem (SNNI-CSP) Theorem If A is a finite automaton, we can compute the most permissive controller C s.t. C ( A ) is SNNI. Theorem If A is a timed automaton and A\ Σ h is deterministic, we can compute the most permissive controller C s.t. C ( A ) is SNNI. 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Co-synthesis techniques for embedded systems embedded systems Kelvin Yuk June 5, 2002 EEC282 -

Co-synthesis techniques for embedded systems embedded systems Kelvin Yuk June 5, 2002 EEC282 -

Co-synthesis techniques for embedded systems embedded systems Kelvin Yuk June 5, 2002 EEC282 - Akella Introduction Co-synthesis of high-level systems Approaches to co-synthesis 1. Architectural Co-synthesis Algorithm 2. Process

257 views • 10 slides
Precise Parameter Synthesis for Stochastic Biochemical Systems Milan ska 1 , 2 , Frits

Precise Parameter Synthesis for Stochastic Biochemical Systems Milan ska 1 , 2 , Frits

Introduction Problem Formulation Parameter Synthesis Case Studies Conclusion Precise Parameter Synthesis for Stochastic Biochemical Systems Milan ska 1 , 2 , Frits Dannenberg 2 , Marta Kwiatkowska 2 , Nicola Paoletti 2 Ce Faculty of

579 views • 28 slides
Formal Synthesis of Stabilizing Controllers for Switched Systems Pavithra Prabhakar & Miriam

Formal Synthesis of Stabilizing Controllers for Switched Systems Pavithra Prabhakar & Miriam

Formal Synthesis of Stabilizing Controllers for Switched Systems Pavithra Prabhakar & Miriam Garca Soto Kansas State University & IMDEA Software Institute HSCC17 Pittsburgh, PA, USA April, 2017 1 Switching logic synthesis

447 views • 19 slides
Verification and Synthesis of Reactive Programs Overview of System Synthesis. Amir Pnueli

Verification and Synthesis of Reactive Programs Overview of System Synthesis. Amir Pnueli

Lecture 1: Overview of System Synthesis A. Pnueli Lectures Outline Verification and Synthesis of Reactive Programs Overview of System Synthesis. Amir Pnueli Fair Discrete Systems and their Computations. Model Checking Invariance and

309 views • 19 slides
Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of

Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of

Synthesis of Ranking Functions and Synthesis of Inductive Invariants and Synthesis of Recurrence Sets via Constraint Solving Andreas Podelski January 17, 2012 1 Program Verification and Constraints Reasoning about program

422 views • 28 slides
Distributed synthesis for synchronous systems 1 Paul Gastin LSV ENS de Cachan & CNRS

Distributed synthesis for synchronous systems 1 Paul Gastin LSV ENS de Cachan & CNRS

Distributed synthesis for synchronous systems 1 Paul Gastin LSV ENS de Cachan & CNRS Paul.Gastin@lsv.ens-cachan.fr Dec 6th, 2006 1 Joint work with Nathalie Sznajder and Marc Zeitoun 1 / 41 Outline Synthesis and control for sequential

1.04k views • 100 slides
Controller Synthesis for Linear Hybrid Systems SynCoP and PV April 14th, 2018 Marco Faella

Controller Synthesis for Linear Hybrid Systems SynCoP and PV April 14th, 2018 Marco Faella

Controller Synthesis for Linear Hybrid Systems SynCoP and PV April 14th, 2018 Marco Faella Universit di Napoli Federico II, Italy Summary Hybrid systems Controller synthesis safety control reachability control Tool

1.06k views • 74 slides
Logic synthesis for post-CMOS technologies Eleonora Testa Integrated Systems Laboratory EPFL,

Logic synthesis for post-CMOS technologies Eleonora Testa Integrated Systems Laboratory EPFL,

Logic synthesis for post-CMOS technologies Eleonora Testa Integrated Systems Laboratory EPFL, Lausanne, Switzerland Joint work with Mathias Soeken and Giovanni De Micheli February, 2017 Logic synthesis HDL module function ( Translate a,

578 views • 23 slides
Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed

Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed

Genie Distributed Systems Synthesis and Verification Marc Rosen EN.600.667: Advanced Distributed Systems and Networks May 1, 2017 1 / 35 Outline Introduction Problem Statement Prior Art Demo How does it work? Code Generation How does it

504 views • 35 slides
Symbolic Encodings of Bounded Synthesis Saarland University Peter Faymonville 1 , Bernd Finkbeiner

Symbolic Encodings of Bounded Synthesis Saarland University Peter Faymonville 1 , Bernd Finkbeiner

Symbolic Encodings of Bounded Synthesis Saarland University Peter Faymonville 1 , Bernd Finkbeiner 1 , Markus N. Rabe 2 , Leander Tentrup 1 1 Reactive Systems Group 2 UC Berkeley Reactive synthesis Synthesis realizable unrealizable bound

468 views • 33 slides
Architectural Synthesis and Exploration using Term Rewriting Systems Arvind James C. Hoe

Architectural Synthesis and Exploration using Term Rewriting Systems Arvind James C. Hoe

Architectural Synthesis and Exploration using Term Rewriting Systems Arvind James C. Hoe Laboratory for Computer Science Massachusetts Institute of Technology http:/ /www.csg.lcs.mit.edu Outline u Introduction u Term Rewriting Systems (TRS)

425 views • 30 slides
Synthesis of Carbon Synthesis of Carbon Nanotubes Nanotubes Polina Shifrina Supervisors: Dr.

Synthesis of Carbon Synthesis of Carbon Nanotubes Nanotubes Polina Shifrina Supervisors: Dr.

Synthesis of Carbon Synthesis of Carbon Nanotubes Nanotubes Polina Shifrina Supervisors: Dr. Stephanie Reich, Heiko Dumlich 12.05.2011 Synthesis of CNT s Synthesis of CNT s Arc Discharge (1991) Laser Ablation (1995) Chemical

414 views • 17 slides
Synthesis of Embedded Control Software Ufuk Topcu Caltech, Control and Dynamical Systems

Synthesis of Embedded Control Software Ufuk Topcu Caltech, Control and Dynamical Systems

Synthesis of Embedded Control Software Ufuk Topcu Caltech, Control and Dynamical Systems Papers, slides, notes, software tools at www.cds.caltech.edu/~UTopcu CMACS, CMU, Fall 2010 Synthesis of Embedded Control Software Joint work with N.

628 views • 52 slides
Computable analysis and control synthesis over complex dynamical systems via formal verification

Computable analysis and control synthesis over complex dynamical systems via formal verification

Computable analysis and control synthesis over complex dynamical systems via formal verification Alessandro Abate Department of Computer Science, University of Oxford Delft Center for Systems and Control, TU Delft September 25, 2013

575 views • 42 slides
Testing Database Management Systems via Pivoted Query Synthesis Manuel Rigger Oct 18., 2019

Testing Database Management Systems via Pivoted Query Synthesis Manuel Rigger Oct 18., 2019

Testing Database Management Systems via Pivoted Query Synthesis Manuel Rigger Oct 18., 2019 Workshop on Dependable and Secure Software Systems 2019 @RiggerManuel @ast_eth Database Management Systems PostgreSQL 2 Database Management Systems

1.54k views • 121 slides
Automated synthesis of reliable and efficient systems through game theory: a case study Mickael

Automated synthesis of reliable and efficient systems through game theory: a case study Mickael

Automated synthesis of reliable and efficient systems through game theory: a case study Mickael Randour UMONS - University of Mons 03.09.2012 European Conference on Complex Systems Context Case study Final words Background I must confess.

606 views • 56 slides
Comte Head: Catuscia Palamidessi Comit de Visite AERES, February 3-4, 2009 1 / 15 The

Comte Head: Catuscia Palamidessi Comit de Visite AERES, February 3-4, 2009 1 / 15 The

Comte Head: Catuscia Palamidessi Comit de Visite AERES, February 3-4, 2009 1 / 15 The Comte team Name Function Institution Since Permanent Researchers Catuscia Palamidessi DR INRIA 2003 Frank Valencia CR CNRS 2004 Post-docs

398 views • 15 slides
Enhancing constraints on modified gravity and inflation with multi-tracer cosmological surveys

Enhancing constraints on modified gravity and inflation with multi-tracer cosmological surveys

Enhancing constraints on modified gravity and inflation with multi-tracer cosmological surveys arXiv:1505.04106 (MNRAS 2016) 1403.5237 (J-PAS white paper) 1302.5444 (MNRAS 2013) 1108.5449 (MNRAS 2012) L. Raul Abramo Instituto de Fisica &

1.07k views • 27 slides
Using Science Texts Using Science Texts and Content in and Content in Interventions that

Using Science Texts Using Science Texts and Content in and Content in Interventions that

Using Science Texts Using Science Texts and Content in and Content in Interventions that Interventions that Bring Struggling Bring Struggling Readers to Readers to Proficient Reading Proficient Reading Elfrieda H. Hiebert University of

741 views • 30 slides
Psalms of Thanksgiving: Psalm 18 - In my distress I called to the Lord and he heard me. Psalm 30

Psalms of Thanksgiving: Psalm 18 - In my distress I called to the Lord and he heard me. Psalm 30

Psalms of Thanksgiving: Psalm 18 - In my distress I called to the Lord and he heard me. Psalm 30 - I exalt you, L ORD , for you lifted me out of the depths; I called to you for help, and you healed me. Psalm 116 - I love the Lord, for he heard

854 views • 42 slides
Specification-based intrusion detection Effectively detecting intrusions using business logic

Specification-based intrusion detection Effectively detecting intrusions using business logic

Specification-based intrusion detection Effectively detecting intrusions using business logic specification J. Lima, N. Escravana 1 Abstract In the recent years, the advent large-scale, highly targeted cyber-attacks raised the concern on the

375 views • 35 slides
Rails Response to COVID-19 A Joint Webinar from FTR & RFC Rails Response to COVID-19 A

Rails Response to COVID-19 A Joint Webinar from FTR & RFC Rails Response to COVID-19 A

Rails Response to COVID-19 A Joint Webinar from FTR & RFC Rails Response to COVID-19 A Joint Webinar from FTR & RFC Eric Starks Todd Tranausky David Nahass William Geiger FTR Chairman & CEO FTR VP of Rail & Intermodal

680 views • 40 slides
LoanSTAR Pilot Program Texas State Energy Conservation Office Dub Taylor, Director

LoanSTAR Pilot Program Texas State Energy Conservation Office Dub Taylor, Director

LoanSTAR Pilot Program Texas State Energy Conservation Office Dub Taylor, Director dub.taylor@cpa.texas.gov Eddy Trevino, Program Manager eddy.trevino@cpa.texas.gov State Agencies and Public Higher Education No of Loans Project Cost

391 views • 8 slides
Version 1.2 of the Catalogue AMI-SeCo Meeting 07 December 2017 DG-Market Infrastructure and

Version 1.2 of the Catalogue AMI-SeCo Meeting 07 December 2017 DG-Market Infrastructure and

Version 1.2 of the Catalogue AMI-SeCo Meeting 07 December 2017 DG-Market Infrastructure and Payments European Central Bank ECB-UNRESTRICTED 0 Version 1.2 of the Catalogue The Version 1.2 of the Catalogue is based on: 1) The version 2.0 of

472 views • 8 slides

More recommend