English
Related papers

Related papers: VERONICA: Expressive and Precise Concurrent Inform…

200 papers

Scalable and automatic formal verification for concurrent systems is always demanding. In this paper, we propose a verification framework to support automated compositional reasoning for concurrent programs with shared variables. Our…

Formal Languages and Automata Theory · Computer Science 2018-03-28 Fuyuan Zhang , Yongwang Zhao , David Sanan , Yang Liu , Alwen Tiu , Shang-Wei Lin , Jun Sun

It is common to prove by reasoning over source code that programs do not leak sensitive data. But doing so leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. This task is…

Logic in Computer Science · Computer Science 2020-10-23 Robert Sison , Toby Murray

Proving only over source code that programs do not leak sensitive data leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. Furthermore, software does not always have the luxury…

Programming Languages · Computer Science 2023-06-22 Robert Sison , Toby Murray

High assurance of information-flow security (IFS) for concurrent systems is challenging. A promising way for formal verification of concurrent systems is the rely-guarantee method. However, existing compositional reasoning approaches for…

Software Engineering · Computer Science 2023-09-19 Yongwang Zhao , David Sanan , Fuyuan Zhang , Yang Liu

Lighthouse projects such as CompCert, seL4, IronFleet, and DeepSpec have demonstrated that full verification of entire systems is feasible by establishing a refinement relation between an abstract system specification and an executable…

Logic in Computer Science · Computer Science 2020-10-13 Christoph Sprenger , Tobias Klenze , Marco Eilers , Felix A. Wolf , Peter Müller , Martin Clochard , David Basin

Realizing flow security in a concurrent environment is extremely challenging, primarily due to non-deterministic nature of execution. The difficulty is further exacerbated from a security angle if sequential threads disclose control…

Programming Languages · Computer Science 2021-03-04 Sandip Ghosal , R. K. Shyamasundar

We consider the problem of specifying and proving the security of non-trivial, concurrent programs that intentionally leak information. We present a method that decomposes the problem into (a) proving that the program only leaks information…

Cryptography and Security · Computer Science 2023-09-08 Toby Murray , Mukesh Tiwari , Gidon Ernst , David A. Naumann

To ensure programs do not leak private data, we often want to be able to provide formal guarantees ensuring such data is handled correctly. Often, we cannot keep such data secret entirely; instead programmers specify how private data may be…

Programming Languages · Computer Science 2026-04-21 Jan Menz , Andrew K. Hirsch , Peixuan Li , Deepak Garg

Protection of confidential data is an important security consideration of today's applications. Of particular concern is to guard against unintentional leakage to a (malicious) observer, who may interact with the program and draw inference…

Logic in Computer Science · Computer Science 2024-07-03 Bas van den Heuvel , Farzaneh Derakhshan , Stephanie Balzer

Information flow security ensures that the secret data manipulated by a program does not influence its observable output. Proving information flow security is especially challenging for concurrent programs, where operations on secret data…

Cryptography and Security · Computer Science 2023-04-12 Marco Eilers , Thibault Dardinier , Peter Müller

Memory-safety issues and information leakage are known to be depressingly common. We consider the compositional static detection of these kinds of vulnerabilities in first-order C-like programs. Indeed the latter are relational hyper-safety…

Programming Languages · Computer Science 2023-08-22 Toby Murray , Pengbo Yan , Gidon Ernst

A recent study of bugs in real-world concurrent and distributed systems found that, while implementations of individual protocols tend to be robust, the composition of multiple protocols and its interplay with internal computation is the…

Programming Languages · Computer Science 2017-08-09 Luís Cruz-Filipe , Fabrizio Montesi

Constant-time programming is a widely deployed approach to harden cryptographic programs against side channel attacks. However, modern processors often violate the underlying assumptions of standard constant-time policies by transiently…

Cryptography and Security · Computer Science 2025-05-21 Ali Hajiabadi , Trevor E. Carlson

Refinement transforms an abstract system model into a concrete, executable program, such that properties established for the abstract model carry over to the concrete implementation. Refinement has been used successfully in the development…

Logic in Computer Science · Computer Science 2021-10-27 Aurel Bílý , Christoph Matheja , Peter Müller

The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve…

Cryptography and Security · Computer Science 2023-07-21 Ethan Cecchetti , Siqiu Yao , Haobin Ni , Andrew C. Myers

Verified compilation of open modules (i.e., modules whose functionality depends on other modules) provides a foundation for end-to-end verification of modular programs ubiquitous in contemporary software. However, despite intensive…

Programming Languages · Computer Science 2023-11-21 Ling Zhang , Yuting Wang , Jinhua Wu , Jérémie Koenig , Zhong Shao

Context: Secure Multiparty Computation (MPC) refers to a family of cryptographic techniques where mutually untrusting parties may compute functions of their private inputs while revealing only the function output. Inquiry: It can be hard to…

Cryptography and Security · Computer Science 2023-02-21 Ian Sweet , David Darais , David Heath , William Harris , Ryan Estes , Michael Hicks

Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a victim program via side-channel observations. Linearization (i.e., elimination) of secret-dependent control flow is the main countermeasure against…

Cryptography and Security · Computer Science 2025-02-12 Hans Winderix , Marton Bognar , Lesly-Ann Daniel , Frank Piessens

Speculative execution enhances processor performance by predicting intermediate results and executing instructions based on these predictions. However, incorrect predictions can lead to security vulnerabilities, as speculative instructions…

Cryptography and Security · Computer Science 2026-04-01 Xaver Fabian , Marco Guarnieri , Boris Köpf , Jose F. Morales , Marco Patrignani , Jan Reineke , Andres Sanchez

Synthesis is a particularly challenging problem for concurrent programs. At the same time it is a very promising approach, since concurrent programs are difficult to get right, or to analyze with traditional verification techniques. This…

Formal Languages and Automata Theory · Computer Science 2015-06-09 Anca Muscholl
‹ Prev 1 2 3 10 Next ›