automated reasoning for system security and privacy
play

Automated Reasoning for System Security and Privacy Laura Kovcs - PowerPoint PPT Presentation

Sep 08, 2023 •154 likes •696 views

Chalmers Automated Reasoning for System Security and Privacy Laura Kovcs Chalmers Automated Reasoning for Rigorous Systems Engineering In a vague sense, automated reasoning involves: 1. Representing a problem as a mathematical/logical

  1. Chalmers Automated Reasoning for System Security and Privacy Laura Kovács

  2. Chalmers Automated Reasoning for Rigorous Systems Engineering In a vague sense, automated reasoning involves: 1. Representing a problem as a mathematical/logical statement 2. Computer-supported automatic check whether this statement is true

  3. Chalmers Automated Reasoning for Rigorous Systems Engineering My group @ TU Wien applies automated reasoning for: - Ensuring correctness of software - Generating program properties - Software synthesis - … - System security

  4. Chalmers Automated Reasoning for Rigorous Systems Engineering My group @ TU Wien applies automated reasoning for: - Ensuring correctness of software - Generating program properties - Software synthesis - … - System security

  5. Chalmers Laura Kovács Automated Reasoning for Software Correctness (ex. ~200kLoC, VAMPIRE prover) Chalmers

  6. Chalmers Laura Kovács Automated Reasoning for Software Correctness a=0, b=0, c=0; while (a<n) do if A[a]>0 then B[b]=A[a]+h(b); b=b+1; else C[c]=A[a]; c=c+1; a=a+1; end do Chalmers

  7. Chalmers Laura Kovács Automated Reasoning for Software Correctness a=0, b=0, c=0; while (a<n) do if A[a]>0 then B[b]=A[a]+h(b); b=b+1; Safety property: else C[c]=A[a]; c=c+1; ( " p)(0≤p<b Þ a=a+1; ( $ q)(0≤q<a Ù B[p]=A[q]+h(p) Ù A[q]>0) end do Chalmers

  8. Chalmers Laura Kovács Automated Reasoning for Software Correctness cnt=0, fib1=1, fib2=0; while (cnt<n) do t=fib1; fib1=fib1+fib2; fib2=t; cnt++; end do h a=0, b=0, c=0; while (a<n) do if A[a]>0 then B[b]=A[a]+h(b); b=b+1; else C[c]=A[a]; c=c+1; a=a+1; end do Chalmers

  9. Chalmers Laura Kovács Automated Reasoning for Software Correctness cnt=0, fib1=1, fib2=0; while (cnt<n) do t=fib1; fib1=fib1+fib2; fib2=t; cnt++; end do h Safety property: fib1 4 + fib2 4 + 2*fib1*fib2 3 – 2 fib1 3 *fib2 - fib1 2 *fib2 2 -1 = 0 a=0, b=0, c=0; while (a<n) do if A[a]>0 then B[b]=A[a]+h(b); b=b+1; else C[c]=A[a]; c=c+1; a=a+1; end do Chalmers

  10. Chalmers Laura Kovács Automated Reasoning for Software Correctness Generating and Ensuring Safety Properties Chalmers

  11. Chalmers Laura Kovács Automated Reasoning for System Security and Privacy Generating and Ensuring Security and Privacy Properties Chalmers

  12. Chalmers Laura Kovács Automated Reasoning for Security and Privacy - Array a : bit-wise representation of a secret key - Hamming weight hw : number of 1s in the key i=0, hw=0; while (i<n) do hw=hw+a[i]; i=i+1; end do Chalmers

  13. Chalmers Laura Kovács Automated Reasoning for Security and Privacy - Array a : bit-wise representation of a secret key - Hamming weight hw : number of 1s in the key - Leaking hw ? i=0, hw=0; (e.g. measure of side-channel leakage) while (i<n) do hw=hw+a[i]; i=i+1; end do Chalmers

  14. Chalmers Laura Kovács Automated Reasoning for Security and Privacy - Array a : bit-wise representation of a secret key Verifying Relational Properties using Trace Logic - Hamming weight hw : number of 1s in the key Gilles Barthe ∗ † , Renate Eilers ‡ , Pamina Georgiou ‡ , Bernhard Gleiss ‡ , Laura Kovács ‡§ , Matteo Maffei ‡ ∗ Max Planck Institute for Security and Privacy, Germany † IMDEA Software Institute, Spain ‡ TU Wien, Austria § Chalmers University of Technology, Sweden Abstract —We present a logical framework for the verification 1 func main() of relational properties in imperative programs. Our frame- 2 { work reduces verification of relational properties of imperative 3 const Int [] a; programs to a validity problem in trace logic, an expressive 4 const Int alength; instance of first-order predicate logic. Trace logic draws its 5 expressiveness from its syntax, which allows expressing properties 6 Int i = 0; over computation traces. Its axiomatization supports fine-grained 7 Int hw = 0; reasoning about intermediate steps in program execution, notably 8 loop iterations. We present an algorithm to encode the semantics 9 while (i < alength) of programs as well as their relational properties in trace logic, 10 { and then show how first-order theorem proving can be used - Leaking hw ? i=0, hw=0; 11 hw = hw + a[i]; to reason about the resulting trace logic formulas. Our work 12 i = i + 1; is implemented in the tool R APID and evaluated with examples 13 } while (i<n) do coming from the security field. 14 } I. I hw=hw+a[i]; i=i+1; end do - No matter what permutation of a , the hw is the same Chalmers

  15. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do Chalmers

  16. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification v w Input array a w v Input array a i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do Chalmers

  17. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification v w Input array a w v Input array a i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do hw = hw Chalmers

  18. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification Induction v w Input array a w v Input array a i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do hw = hw Chalmers

  19. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification Commutativity Induction v w Input array a w v Input array a i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do hw = hw Chalmers

  20. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification Commutativity Induction Induction v w Input array a w v Input array a i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do hw = hw Chalmers

  21. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification v w Input array a w v Input array a i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do hw = hw Chalmers

  22. Chalmers Laura Kovács Automated Reasoning for Security and Privacy Relational Verification (non-interference, sensitivity) v w Input array a w v Input array a i=0, hw=0; i=0, hw=0; while (i<n) do while (i<n) do hw=hw+a[i]; hw=hw+a[i]; i=i+1; i=i+1; end do end do hw = hw Chalmers

  23. Chalmers Laura Kovács Automated Reasoning for Security and Privacy New Reasoning Challenges: • First-order theories of data structures quantifiers + int/real, naturals/term algebras, arrays, … • Induction not a first-order property • Aggregates (sum, min, max, …) not first-order quantifiers Chalmers

  24. Chalmers Laura Kovács Automated Reasoning for Security and Privacy New Reasoning Challenges: • First-order theories of data structures quantifiers + int/real, naturals/term algebras, arrays, … • Induction not a first-order property • Aggregates (sum, min, max, …) not first-order quantifiers Chalmers

  25. Chalmers Laura Kovács Automated Reasoning for Security and Privacy New Reasoning Challenges: • First-order theories of data structures quantifiers + int/real, naturals/term algebras, arrays, … • Induction not a first-order property • Aggregates (sum, min, max, …) not first-order quantifiers Chalmers

  26. Chalmers What Kind of Automated Reasoners can be Used? Input Examples Impact Propositional MiniSat, SAT Solver Intel formulae Lingeling (First-order) Microsoft, SMT Solvers CVC4, Z3 formulae + theories Amazon First-order formulae Theorem Provers Vampire, E Intel, Amazon (+ theories) Proof Assistants Higher-order Isabelle, Coq Intel, Apple (interactive) formulae

  27. Chalmers Our Automated Reasoner: VAMPIRE Input Examples Impact Propositional MiniSat, SAT Solver Intel formulae Lingeling (First-order) Microsoft, SMT Solvers CVC4, Z3 formulae + theories Amazon First-order formulae Theorem Provers Vampire , E Intel, Amazon (+ theories) Proof Assistants Higher-order Isabelle, Coq Intel, Apple (interactive) formulae

  28. Chalmers What is VAMPIRE? • An automated theorem prover for first-order logic and theories. https://vprover.github.io/download.html • Completely automatic: once you started a proof attempt, it can only be interrupted by terminating the process. • Champion of the CASC world-cup in first-order theorem proving: won CASC > 50 times.

  29. Chalmers VAMPIRE • It produces detailed proofs • It competes with SMT solvers on their problems • In normal operation, it is saturation-based • It is portfolio-based - works best when uses lots of strategies • It supports lots of extra features and options helpful, for example, system security, including induction and theory reasoning.

  30. Chalmers Laura Kovács Automated Reasoning with VAMPIRE for Security and Privacy Chalmers

Recommend

Automated Reasoning: Some Successes and New Challenges Predrag Jani ci c

Automated Reasoning: Some Successes and New Challenges Predrag Jani ci c

What is this talk about? What is automated reasoning? Automated reasoning in propositional logic Automated reasoning in first-order logic Automated reasoning in higher-order logic Automated reasoning in geometry Conclusions Automated

806 views • 52 slides
Introduction to Automated Reasoning and Satisfiability Marijn J.H. Heule

Introduction to Automated Reasoning and Satisfiability Marijn J.H. Heule

Introduction to Automated Reasoning and Satisfiability Marijn J.H. Heule http://www.cs.cmu.edu/~mheule/15816-f19/ Automated Reasoning and Satisfiability, September 3, 2019 1/40 Automated Reasoning Has Many Applications security planning and

1.04k views • 56 slides
Automated Reasoning Course Presentation Summary Automated Reasoning Motivations Course Plan

Automated Reasoning Course Presentation Summary Automated Reasoning Motivations Course Plan

Automated Reasoning Automated Reasoning Course Presentation Summary Automated Reasoning Motivations Course Plan Resources Exam Methods Motivations Automated Reasoning Automated reasoning mechanising the reasoning process. reasoning :

159 views • 14 slides
Applications for Automated Reasoning Marijn J.H. Heule http://www.cs.cmu.edu/~mheule/15816-f19/

Applications for Automated Reasoning Marijn J.H. Heule http://www.cs.cmu.edu/~mheule/15816-f19/

Applications for Automated Reasoning Marijn J.H. Heule http://www.cs.cmu.edu/~mheule/15816-f19/ Automated Reasoning and Satisfiability, September 5, 2019 1/38 Automated Reasoning Has Many Applications security planning and formal

1.17k views • 71 slides
Automated Reasoning Introduction Jacques Fleuriot Automated Reasoning Introduction Lecture 1,

Automated Reasoning Introduction Jacques Fleuriot Automated Reasoning Introduction Lecture 1,

Automated Reasoning Introduction Jacques Fleuriot Automated Reasoning Introduction Lecture 1, page 1 What is it to Reason? Informally, reasoning is: to seek or attain knowledge or truth or the process of drawing conclusions with

876 views • 18 slides
Automated Reasoning 1 Automated Reasoning John Harrison Univ ersit y of Cam bridge

Automated Reasoning 1 Automated Reasoning John Harrison Univ ersit y of Cam bridge

Automated Reasoning 1 Automated Reasoning John Harrison Univ ersit y of Cam bridge What is automated reasoning? Automatic vs. in teractiv e. Successes of the AI and logic approac hes Dev elopmen t of

523 views • 23 slides
Automated Reasoning (what this course is about) AUTOMATED REASONING machine does 'thinking'

Automated Reasoning (what this course is about) AUTOMATED REASONING machine does 'thinking'

0ai Automated Reasoning (what this course is about) AUTOMATED REASONING machine does 'thinking' machine does book-keeping, Krysia Broda user does nothing user does 'thinking'. Room 378 Concerned with GENERAL DEDUCTION - applicable in many

390 views • 5 slides
Automated Reasoning 6 AI Slides (6e) c Lin Zuoquan@PKU 1998-2020 1 6 6 Automated Reasoning

Automated Reasoning 6 AI Slides (6e) c Lin Zuoquan@PKU 1998-2020 1 6 6 Automated Reasoning

Automated Reasoning 6 AI Slides (6e) c Lin Zuoquan@PKU 1998-2020 1 6 6 Automated Reasoning 6.1 Automated theorem proving 6.2 Forward and backward chaining 6.3 Resolution 6.4 Model checking AI Slides (6e) c Lin Zuoquan@PKU

1.02k views • 97 slides
13 Automated Reasoning 13.0 Introduction to Weak 13.3 PROLOG and Methods in Theorem

13 Automated Reasoning 13.0 Introduction to Weak 13.3 PROLOG and Methods in Theorem

13 Automated Reasoning 13.0 Introduction to Weak 13.3 PROLOG and Methods in Theorem Automated Reasoning Proving 13.4 Further Issues in 13.1 The General Problem Automated Reasoning Solver and Difference 13.5 Epilogue and Tables

775 views • 51 slides
Automated Reasoning LTL Model Checking Alan Bundy Automated Reasoning LTL Model Checking

Automated Reasoning LTL Model Checking Alan Bundy Automated Reasoning LTL Model Checking

Automated Reasoning LTL Model Checking Alan Bundy Automated Reasoning LTL Model Checking Lecture 9, page 1 Introduction So far we have looked at theorem proving Powerful, especially where good sets of rewrite rules or decision procedures

639 views • 26 slides
Automated Reasoning Induction Alan Bundy Automated Reasoning Induction Lecture 14, page 1 A

Automated Reasoning Induction Alan Bundy Automated Reasoning Induction Lecture 14, page 1 A

Automated Reasoning Induction Alan Bundy Automated Reasoning Induction Lecture 14, page 1 A Summation Problem What is 1 + 2 + 3 + .... + 999 + 1000? Is there a formula for the general solution? Can we prove this? Automatically?

429 views • 27 slides
Automated Reasoning Model Checking with SPIN (II) Alan Bundy Automated Reasoning SPIN (II)

Automated Reasoning Model Checking with SPIN (II) Alan Bundy Automated Reasoning SPIN (II)

Automated Reasoning Model Checking with SPIN (II) Alan Bundy Automated Reasoning SPIN (II) page 1 Verifying Global Properties Assertions can be used to verify a property locally locally For example, place assert(MemReturned) at the

441 views • 25 slides
Automated Reasoning Model Checking with SPIN Alan Bundy Automated Reasoning SPIN Lecture 10,

Automated Reasoning Model Checking with SPIN Alan Bundy Automated Reasoning SPIN Lecture 10,

Automated Reasoning Model Checking with SPIN Alan Bundy Automated Reasoning SPIN Lecture 10, page 1 Model Checking in Practice System behaviour: what is possible in our model? We will use the language Promela to specify behaviour

341 views • 18 slides
Automated Reasoning Resolution Theorem Proving Temur Kutsia RISC, Johannes Kepler University,

Automated Reasoning Resolution Theorem Proving Temur Kutsia RISC, Johannes Kepler University,

Automated Reasoning Resolution Theorem Proving Temur Kutsia RISC, Johannes Kepler University, Linz, Austria kutsia@risc.jku.at What is Automated Reasoning Reasoning: The process of making inferences. Automated reasoning studies methods to

2.15k views • 192 slides
Automated Reasoning and its Applications John Harrison Intel Corporation Colloquium, Institute

Automated Reasoning and its Applications John Harrison Intel Corporation Colloquium, Institute

Automated Reasoning and its Applications John Harrison Intel Corporation Colloquium, Institute of Mathematics Hanoi 30th July 2009 0 What is automated reasoning? Attempting to perform logical reasoning in an automatic and algorithmic way.

537 views • 35 slides
Automated Reasoning for Security Protocol Analysis The ASW Protocol Revisited: A Unified View

Automated Reasoning for Security Protocol Analysis The ASW Protocol Revisited: A Unified View

Automated Reasoning for Security Protocol Analysis The ASW Protocol Revisited: A Unified View Paul Hankes Drielsma and Sebastian M odersheim Information Security, ETH Zurich ARSPA Paul Hankes Drielsma 1 Introduction ASW: an

508 views • 14 slides
Automated Reasoning: A Survey John Harrison University of Cambridge (visiting TU M unchen)

Automated Reasoning: A Survey John Harrison University of Cambridge (visiting TU M unchen)

Automated Reasoning: A Survey 1 Automated Reasoning: A Survey John Harrison University of Cambridge (visiting TU M unchen) What is automated reasoning? Theoretical and practical limits Successes of the AI and logic approaches

316 views • 28 slides
CSC2542 Topics in Knowledge Representation &amp; Reasoning: Automated Planning &amp; Reasoning

CSC2542 Topics in Knowledge Representation &amp; Reasoning: Automated Planning &amp; Reasoning

CSC2542 Topics in Knowledge Representation &amp; Reasoning: Automated Planning &amp; Reasoning About Action Fall 2010 General Information URL: http://www.cs.toronto.edu/~sheila/2542/f10 Lectures: Thursday 2:00 4:00 PM, BA3116 (for now)

167 views • 15 slides
Automated Reasoning Rewrite Rules Jacques Fleuriot Automated Reasoning Rewrite Rules Lecture

Automated Reasoning Rewrite Rules Jacques Fleuriot Automated Reasoning Rewrite Rules Lecture

Automated Reasoning Rewrite Rules Jacques Fleuriot Automated Reasoning Rewrite Rules Lecture 8, page 1 Term Rewriting Rewriting is a technique for replacing terms in an expression with equivalent terms useful for simplification, e.g.

485 views • 23 slides
Automated Reasoning Model Checking with Spin (III) Alan Bundy Automated Reasoning Model

Automated Reasoning Model Checking with Spin (III) Alan Bundy Automated Reasoning Model

Automated Reasoning Model Checking with Spin (III) Alan Bundy Automated Reasoning Model Checking with Spin (III) Lecture 12, page 1 Outline of Verification Process Objective: form one big automata, which Spin can use for verification.

1.01k views • 25 slides
Automated Reasoning for Systems Engineering Laura Kov acs Vienna University of Technology

Automated Reasoning for Systems Engineering Laura Kov acs Vienna University of Technology

Automated Reasoning for Systems Engineering Laura Kov acs Vienna University of Technology Future and Our Motivation 1. Automated reasoning, in particular theorem proving will remain central in software verification and program analysis.

881 views • 69 slides
Automated Reasoning (what this course is about) machine does 'thinking' user does 'thinking'

Automated Reasoning (what this course is about) machine does 'thinking' user does 'thinking'

0ai Automated Reasoning (what this course is about) machine does 'thinking' user does 'thinking' AUTOMATED REASONING user does nothing machine keeps the books Krysia Broda Concerned with GENERAL DEDUCTION - applicable in many areas.

357 views • 6 slides
Automated Reasoning Rippling: Heuristic Guidance for Inductive Proof (II) Alan Bundy Automated

Automated Reasoning Rippling: Heuristic Guidance for Inductive Proof (II) Alan Bundy Automated

Automated Reasoning Rippling: Heuristic Guidance for Inductive Proof (II) Alan Bundy Automated Reasoning Rippling (II) Lecture 17, page 1 Ripple-Based Heuristics Induction Rules: choose induction which best supports rippling. Lemmas:

490 views • 25 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides

More recommend