Statecharts: A visual formalism for complex systems
Science of Computer Programming
Three partition refinement algorithms
SIAM Journal on Computing
CCS expressions finite state processes, and three problems of equivalence
Information and Computation
An implementation of an efficient algorithm for bisimulation equivalence
Science of Computer Programming
The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
The concurrency workbench: a semantics-based tool for the verification of concurrent systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
LCLint: a tool for using specifications to check code
SIGSOFT '94 Proceedings of the 2nd ACM SIGSOFT symposium on Foundations of software engineering
IEEE Transactions on Software Engineering
ACM Transactions on Information and System Security (TISSEC)
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Calculus of Communicating Systems
A Calculus of Communicating Systems
Bebop: A Symbolic Model Checker for Boolean Programs
Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
A Temporal Calculus of Communicating Systems
CONCUR '90 Proceedings of the Theories of Concurrency: Unification and Extension
Unit verification: the CARA experience
International Journal on Software Tools for Technology Transfer (STTT)
Synthesizing fast intrusion prevention/detection systems from high-level specifications
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
| Hi-index | 0.00 |
With security becoming an important concern for both users as well as designers of large-scale software systems, it is necessary to introduce security considerations very early in the system development life-cycle namely in the modeling phase itself. But the main problem in the widespread adoption of security modeling has been that representations of even moderate-size systems consume so much memory (due to the infamous state space explosion problem) that designers are loathe to spend time increasing the complexity of their models by introducing security aspects in the design phase itself. In this paper we propose a technique called security check which entails taking small units of a system, putting them in a "security harness" that exercises relevant executions appropriately within the unit, and then model checking these more tractable units. For most systems whose security requirements are localized to individual system components or interactions between small numbers of components, security check offers a means of coping with state explosion. Another major benefit of security check is that it enables us to detect system vulnerabilities even when the attack behavior is not known. And for known attack patterns security check can provide models of suspicious behavior which can then be used for intrusion detection at a later stage.