Noninterference, which is an information flow property, is typically used as a baseline security policy to formalize the confidentiality of secret information manipulated by a program. Noninterference verification mechanisms are usually based on static analyses and, to a lesser extent, on dynamic analyses. In contrast to those works, this paper proposes an information flow testing mechanism. This mechanism is sound from the point of view of noninterference. It is based on standard testing techniques and on a combination of dynamic and static analyses. Concretely, a semantics integrating a dynamic information flow analysis is proposed. This analysis makes use of the results of static analyses. This special semantics is built such that, once a path coverage property has been achieved on a program, a sound conclusion regarding the noninterfering behavior of the program can be established.