Counterfactually reasoning about security
Proceedings of the 4th international conference on Security of information and networks
| Hi-index | 0.00 |
This paper describes a formal change impact analysis approach forsystematic evolution of communicating systems. Systems are modeledusing a network of communicating extended finite state machines(CEFSMs) with variables ranging over commonly used data typesincluding numbers, booleans, arrays, and object fields.Parameterized messages exchanged over queues and shared variablesare used for communication. Changes to the system are performed atthe transition level by adding/deleting transitions. Given a changedtransition, the impacted system transitions are automaticallycomputed using a bounded, selective, state exploration based on theinductive assertion approach. A theorem prover extended with queueaxioms is used to discharge the verification conditions. Multiplesymbolic values for each variable present in a system state arerepresented as a set of rewrite rules to minimize state spaceoverheads. Rewrite-rule based procedures are described for reducingthe number of symbolic values in system states. We also describeheuristics to identify simultaneously enabled and disablingtransitions and describe a procedure to reduce the number ofverification conditions generated during the impact analysis. Theeffectiveness of the proposed approach is illustrated on severalapplications including web services and cache coherence protocols.