Towards Incrementalization of Holistic Hyperproperties

Milushev, Dimiter; Clarke, Dave

doi:10.1007/978-3-642-28641-4_18

Cited by 12 publications

(13 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is a manual verification methodology for IL [44], but no automated decision procedure. -Another incremental hyperproperty logic IL k µ , a fragment of polyadic modal µ-calculus [3] that permits at most one quantifier alternation (a greatest fixed-point followed by a least fixed-point).…”

Section: Related Workmentioning

confidence: 99%

“…Other program logics could already express observational determinism or closely related policies [7,33,45]. Milushev and Clarke [44][45][46] have even proposed other logics for hyperproperties, which we discuss in Section 8. But HyperLTL provides a simple and unifying logic in which many information-flow security policies can be directly expressed.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Temporal Logics for Hyperproperties

Clarkson

Finkbeiner

Koleini

et al. 2014

Lecture Notes in Computer Science

244

279

View full text Add to dashboard Cite

Two new logics for verification of hyperproperties are proposed. Hyperproperties characterize security policies, such as noninterference, as a property of sets of computation paths. Standard temporal logics such as LTL, CTL, and CTL * can refer only to a single path at a time, hence cannot express many hyperproperties of interest. The logics proposed here, HyperLTL and HyperCTL * , add explicit and simultaneous quantification over multiple paths to LTL and to CTL * . This kind of quantification enables expression of hyperproperties. A model checking algorithm for the proposed logics is given. For a fragment of HyperLTL, a prototype model checker has been implemented.Syntax. Let π be a trace variable from an infinite supply V of trace variables. Formulas of HyperLTL are defined by the following grammar:Connectives ∃ and ∀ are universal and existential trace quantifiers, read as "along some traces" and "along all traces." For example, ∀π 1 . ∀π 2 . ∃π 3 . ψ means that for all traces π 1 and π 2 , there exists another trace π 3 , such that ψ holds on those three traces. (Since branching-time logics also have explicit path quantifiers, it

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Temporal Logics for Hyperproperties

Clarkson

Finkbeiner

Koleini

et al. 2014

Lecture Notes in Computer Science

244

279

View full text Add to dashboard Cite

show abstract

“…We mention, e.g., hyperproperties [5] and their logics (e.g. [4,15]). Our policies can be easily integrated in logic-based languages to obtain a richer policy language.…”

Section: Related Workmentioning

confidence: 99%

Many-to-many information flow policies

Baldan

Lafuente

2018

Science of Computer Programming

View full text Add to dashboard Cite

 Users may download and print one copy of any publication from the public portal for the purpose of private study or research.  You may not further distribute the material or use it for any profit-making activity or commercial gain  You may freely distribute the URL identifying the publication in the public portal If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.

show abstract

“…Unfortunately, hyperproperties lack a generic verification methodology: for instance, there is no such verification methodology for possibilistic information flow hyperproperties [3]. In order to make a step towards such a methodology, in recent work [15] we proposed an incremental approach to both system and hyperproperty specification and verification. As a result, systems can be seen as potentially infinite trees and hyperproperties as coinductive predicates on ktuples of trees expressed in a logic called IL.…”

Section: Introductionmentioning

confidence: 99%

“…As a result, systems can be seen as potentially infinite trees and hyperproperties as coinductive predicates on ktuples of trees expressed in a logic called IL. Specifications defined in such a manner are called incremental hyperproperties (IHPs) and we argued that they have a clear and feasible verification methodology [15]. Given a hyperproperty H, an IHP H is the greatest fixed point of a monotone function over k-tuples of trees such that H implies or is equivalent to H. We also introduced Hsimulation relations which correspond to a monotone operator whose greatest fixed point is the coinductive tree predicate H .…”

Section: Introductionmentioning

confidence: 99%

Incremental Hyperproperty Model Checking via Games

Milushev

Clarke

2013

Secure IT Systems

Self Cite

View full text Add to dashboard Cite

Hyperproperties were proposed as an abstract formalization of security policies, but unfortunately they lack a generic verification methodology. In an attempt to remedy this, we introduced the notion of incremental hyperproperties (IHPs), motivated by the observation that they have a clearer and more feasible verification methodology. To show that verification is indeed feasible, a decidable IHP verification methodology via games is presented and evaluated. The main advantage of the approach is that the games in combination with winning strategy evidence give valuable intuition about the security of a system and are very helpful when analyzing systems w.r.t. policy specifications.

show abstract

Towards Incrementalization of Holistic Hyperproperties

Cited by 12 publications

References 31 publications

Temporal Logics for Hyperproperties

Temporal Logics for Hyperproperties

Many-to-many information flow policies

Incremental Hyperproperty Model Checking via Games

Contact Info

Product

Resources

About