
Runtime Enforcement of Hyperproperties [article]

Norine Coenen, Bernd Finkbeiner, Christopher Hahn, Jana Hofmann, Yannick Schillo
2022 arXiv   pre-print
We elaborate the notion of sound and transparent enforcement mechanisms for hyperproperties in two trace input models: 1) the parallel trace input model, where the number of traces is known a-priori and  ...  An enforcement mechanism monitors a reactive system for undesired behavior at runtime and corrects the system's output in case it violates the given specification.  ...  Previous work on runtime enforcement of hyperproperties either abstractly studied the class of enforceable hyperproperties [32] or security policies [38] , or provided solutions for specific security  ... 
arXiv:2203.04146v1 fatcat:kvkf2abbcvc3vnakbkell3sw4q

Constraint-Based Monitoring of Hyperproperties [chapter]

Christopher Hahn, Marvin Stenger, Leander Tentrup
2019 Lecture Notes in Computer Science  
Verifying hyperproperties at runtime is a challenging problem as hyperproperties, such as non-interference and observational determinism, relate multiple computation traces with each other.  ...  A hyperproperty is then violated by multiple runs of the system if the constraint system becomes unsatisfiable.  ...  We thank Bernd Finkbeiner for his valuable feedback on earlier versions of this paper.  ... 
doi:10.1007/978-3-030-17465-1_7 fatcat:iocro4weczgivkjpsyev4jiifa

Monitoring hyperproperties

Bernd Finkbeiner, Christopher Hahn, Marvin Stenger, Leander Tentrup
2019 Formal methods in system design  
We investigate the runtime verification problem of HyperLTL formulas for three different input models: (1) The parallel model, where a fixed number of system executions is processed in parallel. (2) The  ...  Hyperproperties, such as non-interference and observational determinism, relate multiple system executions to each other.  ...  The need to store traces during runtime is not unique to hyperproperties.  ... 
doi:10.1007/s10703-019-00334-z pmid:31806925 pmcid:PMC6853877 fatcat:7fvhftlkdbcyzgnlknjx4n5ouq

Monitoring Hyperproperties [chapter]

Bernd Finkbeiner, Christopher Hahn, Marvin Stenger, Leander Tentrup
2017 Lecture Notes in Computer Science  
We investigate the runtime verification problem of HyperLTL formulas for three different input models: (1) The parallel model, where a fixed number of system executions is processed in parallel. (2) The  ...  Hyperproperties, such as non-interference and observational determinism, relate multiple system executions to each other.  ...  Runtime Verification of HyperLTL As Hyperproperties relate multiple executions to each other, a monitor for hyperproperties has to consider sets of traces instead of solely processing a single execution  ... 
doi:10.1007/978-3-319-67531-2_12 fatcat:3m62rkomlbfkflbmidg54lhnjq

Refinement type contracts for verification of scientific investigative software [article]

Maxwell Shinn
2019 arXiv   pre-print
Our package provides runtime verification of function entry and exit condition contracts using refinement types.  ...  It allows checking hyperproperties within contracts and offers automated test case generation to supplement online checking.  ...  Additional packages for runtime checking of static data types in Python, such as the "enforce" 10 or "typeguard" 11 packages, share many similarities to the "transient" method in Reticulated Python.  ... 
arXiv:1909.00427v1 fatcat:i7lsxpr6mrgwnamhnhjchfctlm

Gray-box monitoring of hyperproperties with an application to privacy

Sandro Stucki, César Sánchez, Gerardo Schneider, Borzoo Bonakdarpour
2021 Formal methods in system design  
and runtime verification.  ...  The first contribution of this paper is a refinement of classic notions of monitorability both for trace properties and hyperproperties, taking into account, among other things, the computability of the  ...  Their paper also discusses the runtime verification problem for other similar safety hyperproperties in the context of deterministic programs.  ... 
doi:10.1007/s10703-020-00358-w fatcat:rcrkaky3n5ezdjw53hxdxp4eh4

Specification Formalisms for Modern Cyber-Physical Systems (Dagstuhl Seminar 19071)

Jyotirmoy V. Deshmukh, Oded Maler, Dejan Nickovic, Michael Wagner
2019 Dagstuhl Reports  
properties of modern CPS.  ...  the world of learning and data-mining.  ...  Learning: Runtime verification also has applications in learning from dynamic environments. It can additionally be used for runtime enforcement and control.  ... 
doi:10.4230/dagrep.9.2.48 dblp:journals/dagstuhl-reports/DeshmukhMN19 fatcat:qs52xpqxbzh6vajciydqb3ujgi

On Information Flow Forensics in Business Application Scenarios

Claus Wonnemann, Rafael Accorsi, Günter Muller
2009 2009 33rd Annual IEEE International Computer Software and Applications Conference  
We motivate our work by illustrating the implications of illicit information flow in different software application scenarios and demonstrate why current approaches fall short of effectively enforcing  ...  We present ongoing research towards information flow forensics, a novel approach for the a-posteriori detection of information flow.  ...  Information Flow Enforcement While the enforcement of access control policies is straightforward (using an inline execution monitor), noninterference and related policies cannot be enforced with runtime  ... 
doi:10.1109/compsac.2009.154 dblp:conf/compsac/WonnemannAM09 fatcat:s2utnhjbu5db7apotgovsy5j7i

Hyper Static Analysis of Programs – An Abstract Interpretation-Based Framework for Hyperproperties Verification

Michele Pasqua, Isabella Mastroeni
2019 Zenodo  
Unfortunately, very few works deal with the verification of hyperproperties. Note that hyperproperties are not limited to information flows.  ...  Specifications of this kind, called hyperproperties, go beyond classic trace properties, defined in terms of predicate over single executions.  ...  A particular class of mechanisms is defined restricting the power of a runtime enforcer to only stop system executions, and it is called monitoring.  ... 
doi:10.5281/zenodo.6584085 fatcat:gllzqtqscrgfhbce6cm3lw7gnq

Distributed MILS Architectural Approach for Secure Smart Grids [chapter]

Denis Bytschkow, Jean Quilbeuf, Georgeta Igna, Harald Ruess
2014 Lecture Notes in Computer Science  
In particular, we are modeling essential parts of a smart micro grid with several interacting prosumers, and demonstrate exemplary security/privacy requirements of this smart grid.  ...  The security policy architecture of this smart grid is deployed on a secure distributed platform, relying on a combination of separation kernels and deterministic network, as developed in the Distributed  ...  compositional assurance, and (4) a runtime monitoring plane for testing, diagnosis, assessment, auditing and management of D-MILS systems.  ... 
doi:10.1007/978-3-319-10329-7_2 fatcat:ag6pyk7lqbdh7a7ev4t5gvi7my

Journey Beyond Full Abstraction: Exploring Robust Property Preservation for Secure Compilation [article]

Carmine Abate, Roberto Blanco, Deepak Garg, Catalin Hritcu, Marco Patrignani, Jérémy Thibault
2019 arXiv   pre-print
We study robustly preserving various classes of trace properties such as safety, of hyperproperties such as noninterference, and of relational hyperproperties such as trace equivalence.  ...  For relational properties and hyperproperties, which relate the behaviors of multiple programs, our formal definitions of the property classes themselves are novel.  ...  This work was in part supported by the ERC under ERC Starting Grant SECOMP (715753), by the German Federal Ministry of Education and Research (BMBF) through funding for the CISPA-Stanford Center for Cybersecurity  ... 
arXiv:1807.04603v6 fatcat:u6wxot7eczgohmituelegyd62u

Modular Product Programs [chapter]

Marco Eilers, Peter Müller, Samuel Hitz
2018 Lecture Notes in Computer Science  
Alternatively, constructions such as self-composition represent multiple executions of a program by one product program, thereby reducing hyperproperties of the original program to trace properties of the  ...  Many interesting program properties like determinism or information flow security are hyperproperties, that is, they relate multiple executions of the same program.  ...  Here, we focus on statically proving hyperproperties for imperative and object-oriented programs; much more work exists for testing or monitoring hyperproperties like secure information flow at runtime  ... 
doi:10.1007/978-3-319-89884-1_18 fatcat:k4igyx4enjhnrod7wuwpflzb4a

UCLID5: Multi-Modal Formal Modeling, Verification, and Synthesis [article]

Elizabeth Polgreen, Kevin Cheang, Pranav Gaddamadugu, Adwait Godbole, Kevin Laeufer, Shaokai Lin, Yatin A. Manerkar, Federico Mora, Sanjit A. Seshia
2021 Zenodo  
modes of modeling.  ...  This tool paper presents new developments in the UCLID5 tool including new language features, integration with new techniques for syntax-guided synthesis and satisfiability solving, support for hyperproperties  ...  Acknowledgments: The UCLID5 project is grateful for the significant contributions by the late Pramod Subramanyan, one of the original creators of the tool.  ... 
doi:10.5281/zenodo.6557711 fatcat:si6njrzuorexhdskw4q4srzpeq

Mutation testing with hyperproperties

Andreas Fellner, Mitra Tabaei Befrouei, Georg Weissenbacher
2021 Journal of Software and Systems Modeling  
In this work, we use hyperproperties—which allow to express relations between multiple executions—to formalize different notions of killing for both deterministic as well as non-deterministic models.  ...  Moreover, an off-the-shelf model checking tool for hyperproperties can be used to generate test cases.  ...  Acknowledgements We thank Pamina Georgiou and Laura Kovács for helpful discussions on the SMT encoding of killability and support in developing initial versions of it.  ... 
doi:10.1007/s10270-020-00850-1 pmid:34720800 pmcid:PMC8550165 fatcat:6zaam2cxa5hjllsthiibsapinm

Hypercollecting semantics and its application to static analysis of information flow

Mounir Assaf, David A. Naumann, Julien Signoles, Éric Totel, Frédéric Tronel
2017 SIGPLAN notices  
The key idea is to define a Galois connection that directly approximates the hyperproperty of interest.  ...  This makes it possible to systematically derive static analyses for hyperproperties entirely within the calculational framework of abstract interpretation.  ...  Agrawal and Bonakdarpour (2016) introduce a technique for runtime verification of k-safety properties.  ... 
doi:10.1145/3093333.3009889 fatcat:ifwqbqou7jhnbph6fsg3h2s3fu