Mechanized Information Flow Analysis through Inductive Assertions

Mechanized Information Flow Analysis through Inductive Assertions

We present a method for verifying information flow properties of software programs using inductive assertions and theorem proving. Given a program annotated with information flow assertions at cutpoints, the method uses a theorem prover and operational semantics to generate and discharge verificatio...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Hunt, W.A., Krug, R.B., Ray, S., Young, W.D.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Algorithms
Analytical models
Application software
Computational modeling
Computer simulation
Counting circuits
Information analysis
Information security
Random access memory
Registers
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:We present a method for verifying information flow properties of software programs using inductive assertions and theorem proving. Given a program annotated with information flow assertions at cutpoints, the method uses a theorem prover and operational semantics to generate and discharge verification conditions. This obviates the need to develop a verification condition generator (VCG) or a customized logic for information flow properties. The method is compositional: a subroutine needs to be analyzed once, rather than at each call site. The method is being mechanized in the ACL2 theorem prover, and we discuss initial results demonstrating its applicability.
DOI:10.1109/FMCAD.2008.ECP.33