ebook img

Verification, Model Checking, and Abstract Interpretation: Third International Workshop, VMCAI 2002 Venice, Italy, January 21–22, 2002 Revised Papers PDF

340 Pages·2002·4.097 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Verification, Model Checking, and Abstract Interpretation: Third International Workshop, VMCAI 2002 Venice, Italy, January 21–22, 2002 Revised Papers

Lecture Notes in Computer Science 2294 EditedbyG.Goos,J.Hartmanis,andJ.vanLeeuwen 3 Berlin Heidelberg NewYork Barcelona HongKong London Milan Paris Tokyo Agostino Cortesi (Ed.) Verification, Model Checking, and Abstract Interpretation Third InternationalWorkshop,VMCAI 2002 Venice, Italy, January 21-22, 2002 Revised Papers 1 3 SeriesEditors GerhardGoos,KarlsruheUniversity,Germany JurisHartmanis,CornellUniversity,NY,USA JanvanLeeuwen,UtrechtUniversity,TheNetherlands VolumeEditor AgostinoCortesi UniversitàCa’FoscaridiVenezia DipartimentodiInformatica ViaTorino155,30170Mestre-Venezia,Italy E-mail:[email protected] Cataloging-in-PublicationDataappliedfor DieDeutscheBibliothek-CIP-Einheitsaufnahme Verification,modelchecking,andabstractinterpretation:third internationalworkshop;revisedpapers/VMCAI2002,Venice,Italy,January 21-22,2002.AgostinoCortesi(ed.).-Berlin;Heidelberg;NewYork; Barcelona;HongKong;London;Milan;Paris;Tokyo:Springer,2002 (Lecturenotesincomputerscience;Vol.2294) ISBN3-540-43631-6 CRSubjectClassification(1998):F.3.1-2,D.3.1,D.2.4 ISSN0302-9743 ISBN3-540-43631-6Springer-VerlagBerlinHeidelbergNewYork Thisworkissubjecttocopyright.Allrightsarereserved,whetherthewholeorpartofthematerialis concerned,specificallytherightsoftranslation,reprinting,re-useofillustrations,recitation,broadcasting, reproductiononmicrofilmsorinanyotherway,andstorageindatabanks.Duplicationofthispublication orpartsthereofispermittedonlyundertheprovisionsoftheGermanCopyrightLawofSeptember9,1965, initscurrentversion,andpermissionforusemustalwaysbeobtainedfromSpringer-Verlag.Violationsare liableforprosecutionundertheGermanCopyrightLaw. Springer-VerlagBerlinHeidelbergNewYork amemberofBertelsmannSpringerScience+BusinessMediaGmbH http://www.springer.de ©Springer-VerlagBerlinHeidelberg2002 PrintedinGermany Typesetting:Camera-readybyauthor,dataconversionbyBollerMediendesign Printedonacid-freepaper SPIN10722206 06/3142 543210 Preface This volume contains the revised version of papers presented at VMCAI 2002, theThirdInternationalWorkshoponVerification,ModelChecking,andAbstract Interpretation, Venice (Italy), January 21-22, 2002. Themaingoaloftheworkshopwastogiveanoverviewofthemaindirections decisive for the growth and cross-fertilization of major research activities in program analysis and verification. TheVMCAI serieswasstartedin1997withthe aimofgatheringresearchers interestedininvestigatingsimilaritiesanddifferencesamongthesethreeresearch methodologies, that may be summarized as follows: - programverificationaimsatprovingthatprogramsmeettheirspecifications, i.e., that the actual programbehavior corresponds to the desired one. - model checking is a specific approach to the verification of temporal prop- erties of reactive and concurrent systems, which has been very successful in the area of finite-state programs. - abstract interpretation is a method for designing and comparing semantics of program,expressing various types of programproperties; in particular,it has been successfully used to infer run-time programproperties that can be valuable in optimizing programs. Theprogramcommitteeselected22papersoutof41submissionsonthebasis of at least 3 reviews. The principal selection criteria were relevance, quality, and clarity. The resulting volume offers the reader an interesting perspective of the current research trends in the area. In particular, the papers contribute to the following topics: Security and Protocols, Timed Systems and Games, Static Analysis, Optimizations, Types and Verification, and Temporal Logics and Systems. The quality of the papers, the interesting discussions at the workshop, and the friendly atmosphere enjoyed by all participants in Venice, encouraged us in the projectof making VMCAI anannualprivilegedforumfor researchersin the area. Specialthanksareduetotheinstitutionsthatsponsoredtheevent:theCom- puter Science Department of the University Ca’ Foscari, the European Associ- ation for Programming Languages and Systems (EAPLS), the MIUR Project “InterpretazioneAstratta,TypeSystemseAnalisiControl-Flow”andtheMIUR Project“MetodiFormaliperlaSicurezza-MEFISTO”.Weareespeciallygrate- ful to C. Braghin for her helpful support in organizing the workshop. March 2002 Agostino Cortesi Program Committee Chair Agostino Cortesi Univ. Ca’ Foscari - Venezia (Italy) Program Committee Annalisa Bossi Univ. Ca’ Foscari Dennis Dams Bell Labs and TU Eindhoven Javier Esparza TU Munchen Chris Hankin Imperial College Joxan Jaffar NU Singapore Thomas Jensen Irisa Rennes Cosimo Laneve Univ. di Bologna Baudouin Le Charlier UC Louvain La Neuve Michael Leuschel Univ. of Southampton Giorgio Levi Univ. di Pisa Torben Mogensen DIKU, Copenhagen Supratik Mukhopadhyay Univ. of Pennsylvania Thomas Reps Univ. of Wisconsin Hanne Riis Nielson TU of Denmark David Schmidt Kansas State University Pascal Van Hentenryck Brown University Additional Referees Busi Nadia Levi Francesca Scozzari Francesca Charatonik Witold Levin Vladimir Sharygina Natasha Thao Dang Lovengreen Hans Henrik Sokolsky Oleg Di Pierro Alessandra Maggiolo Schettini An- Spoto Fausto Elphick Daniel drea Steffen Martin Faella Marco Maier Patrick Sun Hongyan Ferrari Gianluigi Martinelli Fabio Taguchi Kenji Giacobazzi Roberto Murano Aniello ThiagarajanP.S. Godefroid Patrice Namjoshi Kedar Tronci Enrico Gori Roberta Ngan Chin Wei Varea Mauricio Hansen Michael R. Pinna Michele Voicu Razvan Hansen Rene Rydhof Ravi Kavita Xiaoqun Du Khoo Siau-Cheng Roychoudhury Abhik Zavattaro Gianluigi La Torre Salvatore Sacerdoti Coen Claudio Table of Contents Security and Protocols Combining Abstract Interpretation and Model Checking for Analysing Security Properties of Java Bytecode ................................. 1 Cinzia Bernardeschi, Nicoletta De Francesco Proofs Methods for Bisimulation Based Information Flow Security ....... 16 Riccardo Focardi, Carla Piazza, Sabina Rossi A Formal Correspondence between Offensive and Defensive JavaCard Virtual Machines .................................................. 32 Gilles Barthe, Guillaume Dufay, Line Jakubiec, Sima˜o Melo de Sousa Analyzing Cryptographic Protocols in a Reactive Framework ............ 46 R.K. Shyamasundar Timed Systems and Games An Abstract Schema for Equivalence-Checking Games .................. 65 Li Tan Synchronous Closing of Timed SDL Systems for Model Checking......... 79 Natalia Sidorova, Martin Steffen Automata-Theoretic Decision of Timed Games ........................ 94 Marco Faella, Salvatore La Torre, Aniello Murano Static Analysis Compositional Termination Analysis of Symbolic ForwardAnalysis....... 109 Witold Charatonik, Supratik Mukhopadhyay, Andreas Podelski Combining Norms to Prove Termination .............................. 126 Samir Genaim, Michael Codish, John Gallagher, Vitaly Lagoon Static Monotonicity Analysis for λ-definable Functions over Lattices ..... 139 Andrzej S. Murawski, Kwangkeun Yi A Refinement of the Escape Property................................. 154 Patricia M. Hill, Fausto Spoto VIII Table of Contents Optimizations Storage Size Reduction by In-place Mapping of Arrays.................. 167 Remko Tronc¸on, Maurice Bruynooghe, Gerda Janssens, Francky Catthoor Verifying BDD Algorithms through Monadic Interpretation ............. 182 Sava Krsti´c, John Matthews Improving the Encoding of LTL Model Checking into SAT .............. 196 Alessandro Cimatti, Marco Pistore, Marco Roveri, Roberto Sebastiani Types and Verification Automatic Verification of Probabilistic Free Choice..................... 208 Lenore Zuck, Amir Pnueli, Yonit Kesten An Experiment in Type Inference and Verification by Abstract Interpretation ..................................................... 225 Roberta Gori, Giorgio Levi Weak Muller Acceptance Conditions for Tree Automata ................ 240 Salvatore La Torre, Aniello Murano, Margherita Napoli A Fully Abstract Model for Higher-Order Mobile Ambients ............. 255 Mario Coppo, Mariangiola Dezani-Ciancaglini Temporal Logics and Systems A Simulation Preorder for Abstraction of Reactive Systems ............. 272 Ferucio Lauren¸tiu T¸iplea, Aurora T¸iplea Approximating ATL∗ in ATL........................................ 289 Aidan Harding, Mark Ryan, Pierre-Yves Schobbens Model Checking Modal Transition Systems Using Kripke Structures ...... 302 Michael Huth ParameterizedVerification of a Cache Coherence Protocol: Safety and Liveness ................................................ 317 Kai Baukus, Yassine Lakhnech, Karsten Stahl Author Index ................................................. 331 Combining Abstract Interpretation and Model Checking for Analysing Security Properties of Java Bytecode Cinzia Bernardeschiand Nicoletta De Francesco Dipartimentodi Ingegneria della Informazione Universit`a di Pisa, Via Diotsalvi 2, 56126 Pisa, Italy {cinzia, nico}@iet.unipi.it Abstract. We present an approach enabling end-users to prove secu- rity properties of the Java bytecode by statically analysing the code itself,thuseliminatingtheruntimecheckfortheaccesspermission.The approach is based on the combination of two well-known techniques: abstract interpretationandmodelchecking.Bymeansofanoperational abstractsemanticsofthebytecode,webuiltafinitetransitionsystemem- bodyingsecurityinformations andabstracting from actual values.Then we model check it against some formulae expressingsecurity properties. WeusetheSMVmodelchecker.Amainpointofthepaperisthedefini- tion ofthepropertiesthattheabstract semantics mustsatisfy toensure the absence of security leakages. 1 Introduction and Motivation Java Virtual Machine Language (referred to hereafter as JVML) [12] is becom- ing a widely used medium for distributing platform-independent programs. In multilevel secure systems, the problemof the disclosure of sensitive information of programs written in JVML is particularly important. One of the main moti- vations is avoiding the damages produced by malicious programs which try to broadcast secret information. Mobile Java bytecode is checked by the Virtual Machine for safety properties: a bytecode Verifier enforces static constraints on Java bytecode to rule out type errors, access control violation, object initial- isation failure and other dynamic errors. Moreover, to protect end-users from hostile programs,Java security model assigns access privileges to code and pro- videsacustomisable”sandbox”inwhichJavabytecoderuns.Atrun-timeaJava bytecode can do anything within the boundaries of its sandbox, but it can not take any action outside those boundaries. Thispaperpresentsanapproachenablingend-userstoprovesecurityproper- ties ofthe Javabytecodeby staticallyanalysingthe code itself,thus eliminating the run time check for the access permission. The approach is based on the combination of two well-known techniques: abstract interpretation and model checking. Abstract interpretation [7] is a method for analyzing programs by col- lecting approximate information about their run-time behavior. It is based on A.Cortesi(Ed.):VMCAI2002,LNCS2294,pp.1–15,2002. (cid:3)c Springer-VerlagBerlinHeidelberg2002

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.