Lehrstuhl Programmierparadigmen Logo Quis-Custodiet
People
About us
Projects
Publications
Courses
Jobs
Theses
Impressum
Location

de en

 

Karlsruher Institut für Technologie Informatik KIT - Karlsruhe Institut of technology (Universität Karlsruhe)

 

 

Machine-checked software security analyses

The Idea

Software security analyses are nowadays of ever growing importance. But: Quis Custodiet Ipsos Custodes? (Who will guard the guards?). More and more such analyses are being published, many of them without any proof of correctness, others are happy with using pen-and-paper.

This project is a cooperation of two groups (Universität Karlsruhe and TU München) to construct machine checked correctness proofs for several new precise techniques in the area of Language Based Security focusing on their semantical aspects resp. falsify published techniques.

The Goals

What we want to achieve with this project:
  • reaching a new level of reliability of Language Based Security
  • developing new techniques to validate the underlying language description
  • integrating semantics, theorem provers and program analysis with Language Based Security

The Basis

A starting point of this project are these semantics for Java and C++, both proved typesafe in Isabelle/HOL, as well as dependency analysis techniques and Information Flow Control for Java and C.

Language Based Security (LBS) uses techniques such as semantics of programming languages and program analysis. LBS examines source or object codes to guarantee certain security properties or to find security holes. A branch of LBS is the Information Flow Control (IFC) which is used to guarantee confidentiality and integrity of data.

The Tasks

In our group we focus on the following tasks:

  • formalising selected LBS techniques and verifying against an operational semantics of the underlying language (Java or C++) , using theorem provers
  • expanding the underlying operational semantics of Java and C++ kernels to cope with realistic programs with a special focus on concurrency

The Results

We can already present some results in expanding the underlying semantics and formalising the basic program analysis:

  • the Jinja language now incorporates arrays and threads, we adapted the source code, byte code and compiler
  • dynamic and static intraprocedural slicing is proven correct using a framework that abstracts from the underlying semantics
  • we instantiated this framework with the Jinja byte code, thus dynamic and static intraprocedural slicing for Jinja byte code is proven correct
    • li>as a first result concerning Information Flow Control, we showed that slicing-based IFC guarantees Low-Deterministic Security

Funded by the DFG. Previous work was done at the University of Passau.

Participants

Department Head
Prof. Snelting, Gregor
Scientific Staff
Lochbihler, Andreas
Lohner, Denis
Wasserrab, Daniel

Publications

2010
A. Lochbihler: Verifying a Compiler for Java Threads. ESOP 2010
2009
D. Wasserrab: Backing up Slicing: Verifying the Interprocedural Two-Phase Horwitz-Reps-Binkley Slicer. AFP 2008
A. Lochbihler: Formalising FinFuns - Generating Code for Functions as Data from Isabelle/HOL. TPHOLs 2009
D. Wasserrab, D. Lohner, G. Snelting: On PDG-Based Noninterference and its Modular Proof. PLAS 2009
2008
G. Snelting, D. Wasserrab: A Correctness Proof for the Volpano/Smith Security Typing System. AFP 2008
D. Wasserrab: Towards Certified Slicing. AFP 2008
D. Wasserrab, A. Lochbihler: Formalizing a Framework for Dynamic Slicing of Program Dependence Graphs in Isabelle/HOL. TPHOLS 2008
A. Lochbihler: Type Safe Nondeterminism - A Formal Semantics of Java Threads. FOOL 2008
IPD-Web - developed 2002-2008 ver 2.0 @ IPD Goos, IPD Tichy, ITM Zitterbart, IPD Snelting