formal verification and security group
play

Formal Verification and Security Group Research Interests Natasha - PowerPoint PPT Presentation

Feb 03, 2023 •48 likes •578 views

Formal Verification and Security Group Research Interests Natasha Sharygina www.verify.inf.usi.ch Universit` a della Svizzera Italiana (USI) October 30, 2009 FVS Group (USI) Research Interests October 30, 2009 1 / 21 Outline FVS group

  1. Formal Verification and Security Group Research Interests Natasha Sharygina www.verify.inf.usi.ch Universit` a della Svizzera Italiana (USI) October 30, 2009 FVS Group (USI) Research Interests October 30, 2009 1 / 21

  2. Outline • FVS group at USI • Group projects • Synergy of precise and fast abstraction • SMT-based decision procedures • Loop summarization FVS Group (USI) Research Interests October 30, 2009 2 / 21

  3. Formal Verification and Security Group at USI Universit` a della Svizzera Italiana (USI or University of Lugano) is located in the southernmost (and sunniest) part of Switzerland. Members: • Prof. Natasha Sharygina • Postdoc: Roberto Bruttomesso • PhD Students: Aliaksei Tsitovich, Simone Rollini FVS Group (USI) Research Interests October 30, 2009 3 / 21

  4. Formal Verification and Security Group at USI FVS Group (USI) Research Interests October 30, 2009 3 / 21

  5. Synergy of precise and fast abstraction FVS Group (USI) Research Interests October 30, 2009 4 / 21

  6. Project motivation: existing approaches to abstraction in CEGAR loop are not perfect Precise abstraction • Minimal number of abstract transitions (no spurious transitions) FVS Group (USI) Research Interests October 30, 2009 5 / 21

  7. Project motivation: existing approaches to abstraction in CEGAR loop are not perfect Precise abstraction • Minimal number of abstract transitions (no spurious transitions) • Adding new predicates is enough to refine spurious path FVS Group (USI) Research Interests October 30, 2009 5 / 21

  8. Project motivation: existing approaches to abstraction in CEGAR loop are not perfect Precise abstraction • Minimal number of abstract transitions (no spurious transitions) • Adding new predicates is enough to refine spurious path • But... Very slow computation (exponential in the number of predicates). FVS Group (USI) Research Interests October 30, 2009 5 / 21

  9. Project motivation: existing approaches to abstraction in CEGAR loop are not perfect Fast abstraction Precise abstraction • Many ways to approximate the • Minimal number of abstract abstraction (Cartesian transitions (no spurious abstraction, predicate transitions) partitioning etc.) • Adding new predicates is enough to refine spurious path • But... Very slow computation (exponential in the number of predicates). FVS Group (USI) Research Interests October 30, 2009 5 / 21

  10. Project motivation: existing approaches to abstraction in CEGAR loop are not perfect Fast abstraction Precise abstraction • Many ways to approximate the • Minimal number of abstract abstraction (Cartesian transitions (no spurious abstraction, predicate transitions) partitioning etc.) • Adding new predicates is enough • Usually very fast computation to refine spurious path • But... Very slow computation (exponential in the number of predicates). FVS Group (USI) Research Interests October 30, 2009 5 / 21

  11. Project motivation: existing approaches to abstraction in CEGAR loop are not perfect Fast abstraction Precise abstraction • Many ways to approximate the • Minimal number of abstract abstraction (Cartesian transitions (no spurious abstraction, predicate transitions) partitioning etc.) • Adding new predicates is enough • Usually very fast computation to refine spurious path • But... • But... Very slow computation • Introduces spurious transitions (exponential in the number of (abstraction contains both predicates). spurious transitions and spurious paths) • Requires many refinement iterations to remove numerous spurious transitions. FVS Group (USI) Research Interests October 30, 2009 5 / 21

  12. Our solution: combine fast and precise predicate abstraction in CEGAR loop Start with fast abstraction Program Model Checking Abstraction No violations Counterexample π Real bug Refinement Simulation Spurious Refine as precise as possible FVS Group (USI) Research Interests October 30, 2009 6 / 21

  13. Components of our algorithm • FastAbstraction : given a set of predicates Π and a concrete transition relation T computes program over-approximation for ˆ T Π . • PreciseAbstraction : given a set of predicates Π and a concrete transition relation T computes the minimal abstraction for ˆ T Π . • SpuriousTransition ( π ): given a path π , maps every transition t in = ˆ π to a set of predicates P , s.t. P ⊆ Π and t �| T P . • SpuriousPath ( π ): given a path π , maps every transition t in π to a = ˆ set of predicates P , s.t. π �| T σ SP ( t ) . Note that Π ⊆ P , i.e., SpuriousPath introduces new predicates. FVS Group (USI) Research Interests October 30, 2009 7 / 21

  14. The “synergy” algorithm MixCegarLoop( TransitionSystem M, Property F ) begin Let’s proceed stepwise Π = InitialPredicates( F,T ) ; α = FastAbstraction( T, Π ) ; while not TIMEOUT do π = ModelCheck( α ,F ) ; if π = ∅ then return CORRECT; else σ ST = SpuriousTransition( π ) ; if σ ST � = ∅ then foreach t ∈ π do C = PreciseAbstraction( T, σ ST ( t ) ) ; α = α ∧ C ; else σ SP = SpuriousPath( π ) ; if σ SP � = ∅ then return INCORRECT; else foreach t ∈ π do Π = Π ∪ σ SP ( t ); C = PreciseAbstraction( T, σ SP ( t ) ) ; α = α ∧ C ; end FVS Group (USI) Research Interests October 30, 2009 8 / 21

  15. The “synergy” algorithm Choose initial predi- MixCegarLoop( TransitionSystem M, Property F ) begin cates Π and use them Π = InitialPredicates( F,T ) ; α = FastAbstraction( T, Π ) ; for fast abstraction while not TIMEOUT do π = ModelCheck( α ,F ) ; if π = ∅ then return CORRECT; else σ ST = SpuriousTransition( π ) ; if σ ST � = ∅ then foreach t ∈ π do C = PreciseAbstraction( T, σ ST ( t ) ) ; α = α ∧ C ; else σ SP = SpuriousPath( π ) ; if σ SP � = ∅ then return INCORRECT; else foreach t ∈ π do Π = Π ∪ σ SP ( t ); C = PreciseAbstraction( T, σ SP ( t ) ) ; α = α ∧ C ; end FVS Group (USI) Research Interests October 30, 2009 8 / 21

  16. The “synergy” algorithm Perform Model Check- MixCegarLoop( TransitionSystem M, Property F ) begin ing and obtain coun- Π = InitialPredicates( F,T ) ; α = FastAbstraction( T, Π ) ; terexample π (if it ex- while not TIMEOUT do π = ModelCheck( α ,F ) ; ists) if π = ∅ then return CORRECT; else σ ST = SpuriousTransition( π ) ; if σ ST � = ∅ then foreach t ∈ π do C = PreciseAbstraction( T, σ ST ( t ) ) ; α = α ∧ C ; else σ SP = SpuriousPath( π ) ; if σ SP � = ∅ then return INCORRECT; else foreach t ∈ π do Π = Π ∪ σ SP ( t ); C = PreciseAbstraction( T, σ SP ( t ) ) ; α = α ∧ C ; end FVS Group (USI) Research Interests October 30, 2009 8 / 21

  17. The “synergy” algorithm MixCegarLoop( TransitionSystem M, Property F ) Compute spurious tran- begin Π = InitialPredicates( F,T ) ; sitions ( σ ST : ∀ t ∈ π → α = FastAbstraction( T, Π ) ; while not TIMEOUT do = ˆ P ⊆ Π ∧ t �| T P ) π = ModelCheck( α ,F ) ; if π = ∅ then return CORRECT; else σ ST = SpuriousTransition( π ) ; if σ ST � = ∅ then foreach t ∈ π do C = PreciseAbstraction( T, σ ST ( t ) ) ; α = α ∧ C ; else σ SP = SpuriousPath( π ) ; if σ SP � = ∅ then return INCORRECT; else foreach t ∈ π do Π = Π ∪ σ SP ( t ); C = PreciseAbstraction( T, σ SP ( t ) ) ; α = α ∧ C ; end FVS Group (USI) Research Interests October 30, 2009 8 / 21

  18. The “synergy” algorithm 1 Perform Precise- MixCegarLoop( TransitionSystem M, Property F ) Abstraction for begin Π = InitialPredicates( F,T ) ; predicates P α = FastAbstraction( T, Π ) ; while not TIMEOUT do related to spurious π = ModelCheck( α ,F ) ; if π = ∅ then return CORRECT; transitions ∀ t ∈ π . else σ ST = SpuriousTransition( π ) ; if σ ST � = ∅ then 2 Remove detected foreach t ∈ π do spurious C = PreciseAbstraction( T, σ ST ( t ) ) ; α = α ∧ C ; transitions by else σ SP = SpuriousPath( π ) ; refining original if σ SP � = ∅ then return INCORRECT; abstraction else foreach t ∈ π do Π = Π ∪ σ SP ( t ); C = PreciseAbstraction( T, σ SP ( t ) ) ; Note, all spurious transitions related α = α ∧ C ; to detected predicates are removed end at once! FVS Group (USI) Research Interests October 30, 2009 8 / 21

  19. The “synergy” algorithm Otherwise check if π MixCegarLoop( TransitionSystem M, Property F ) begin has any spurious path Π = InitialPredicates( F,T ) ; α = FastAbstraction( T, Π ) ; ( σ SP : t ∈ π → Π ⊆ while not TIMEOUT do π = ModelCheck( α ,F ) ; = ˆ P ∧ π �| T σ SP ( t ) ) if π = ∅ then return CORRECT; else σ ST = SpuriousTransition( π ) ; if σ ST � = ∅ then foreach t ∈ π do C = PreciseAbstraction( T, σ ST ( t ) ) ; α = α ∧ C ; else σ SP = SpuriousPath( π ) ; if σ SP � = ∅ then return INCORRECT; else foreach t ∈ π do Π = Π ∪ σ SP ( t ); C = PreciseAbstraction( T, σ SP ( t ) ) ; α = α ∧ C ; end FVS Group (USI) Research Interests October 30, 2009 8 / 21

Recommend

Formal Methods Chapter 21 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide

Formal Methods Chapter 21 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide

Formal Methods Chapter 21 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 21-1 Outline Formal verification techniques Design verification languages Bell-LaPadula and SPECIAL Current verification systems

911 views • 63 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
Security protocols: formal models and verification Sergiu Bursuc School of Computer Science,

Security protocols: formal models and verification Sergiu Bursuc School of Computer Science,

Security protocols: formal models and verification Sergiu Bursuc School of Computer Science, University of Bristol Finse Winter School, 7 May 2015 Security protocols: roles and goals Roles: P 1 , . . . , P n (e.g. clients, servers, devices,

1.43k views • 127 slides
Shuntaint: Emulation-based Security Testing for Formal Verification Bruno Luiz

Shuntaint: Emulation-based Security Testing for Formal Verification Bruno Luiz

Shuntaint: Emulation-based Security Testing for Formal Verification Bruno Luiz ramosblc@gmail.com Black Hat Europe 2009 Overview Give a brief overview of the emulation- based security testing Introduction to VEX Formalism

376 views • 26 slides
Formal Verification of e-Auction protocols Jannik Dreier, Pascal Lafourcade, Yassine Lakhnech

Formal Verification of e-Auction protocols Jannik Dreier, Pascal Lafourcade, Yassine Lakhnech

Introduction Formal Definitions Case Studies Conclusion Formal Verification of e-Auction protocols Jannik Dreier, Pascal Lafourcade, Yassine Lakhnech Universit Grenoble 1, CNRS, VERIMAG firstname.lastname@imag.fr Principles of Security and

806 views • 68 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms 1 Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of bugs Formal verification Levels of verification HOL Light Formalizing mathematics

353 views • 19 slides
Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA http://www.clifford.at/papers/2018/riscv-formal/ About assertion based formal verification (formal ABV) Assertion based verification (ABV) Uses

781 views • 39 slides
Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal Verification Yosys-STMBMC iCE40 FPGAs Bounded Model Checking (Project IceStorm) Using any SMT-LIB2 solver (using QF_AUFBV logic) Xilinx

707 views • 56 slides
Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim Kobeissi PROSECCO: Pro gramming Sec urely with C rypt o graphy. Team at INRIA Paris specializing in applied cryptography and formal verification.

357 views • 14 slides
Program Verification (6EC version only) Erik Poll Digital Security Radboud University Nijmegen

Program Verification (6EC version only) Erik Poll Digital Security Radboud University Nijmegen

Program Verification (6EC version only) Erik Poll Digital Security Radboud University Nijmegen Overview Program Verification using Verification Condition Generators JML a formal specification language for Java Used for the

620 views • 41 slides
Verification of Security Protocols Part I eronique Cortier 1 V September, 2010 Fosad 2010 1

Verification of Security Protocols Part I eronique Cortier 1 V September, 2010 Fosad 2010 1

Introduction on security protocols Formal models Unbounded number of sessions Verification of Security Protocols Part I eronique Cortier 1 V September, 2010 Fosad 2010 1 LORIA, CNRS 1/65 V eronique Cortier Verification of Security

1.29k views • 111 slides
Formal verification of low-level execution platforms Roberto Guanciale Assistant professor

Formal verification of low-level execution platforms Roberto Guanciale Assistant professor

Roberto Guanciale Estonian Winter School Day 01 Formal verification of low-level execution platforms Roberto Guanciale Assistant professor Computer Security Department of Theoretical Computer Science @KTH Research interest in Formal

895 views • 71 slides
Formal modeling and verification of the Java Card security architecture Eduardo Gimnez

Formal modeling and verification of the Java Card security architecture Eduardo Gimnez

VERIFICARD Formal modeling and verification of the Java Card security architecture Eduardo Gimnez Olivier Ly Trusted Logic SchlumbergerSema SchlumbergerSema January 8th, 2002 SchlumbergerSema & Trusted

800 views • 38 slides
A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION

A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION

A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION CAPABILITIES Stefan Badelt , Seung Woo Shin, Robert F. Johnson, Qing Dong, Chris Thachuk, and Erik Winfree DNA and Natural Algorithms (DNA) Group,

320 views • 28 slides
Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification 2 Formal

627 views • 19 slides
Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification Transition systems 2

798 views • 62 slides
Formal Verification and Testing for Formal Verification and Testing for Reactive Systems

Formal Verification and Testing for Formal Verification and Testing for Reactive Systems

ARTIST2 - ARTIST2 - MOTIVES MOTIVES Trento - - Italy, February 19 Italy, February 19- -23, 2007 23, 2007 Trento Session: Testing and Runtime Verification Formal Verification and Testing for Formal Verification and Testing for Reactive

881 views • 31 slides
Machine Learning in Formal Verification Manish Pandey, PhD Chief Architect, New Technologies

Machine Learning in Formal Verification Manish Pandey, PhD Chief Architect, New Technologies

Machine Learning in Formal Verification Manish Pandey, PhD Chief Architect, New Technologies Synopsys, Inc. June 18, 2017 1 Build Better Formal Verification Tools? CAR BICYCLE DOG S oftware that learns from experience and enables

767 views • 40 slides
Formal Verification with SymbiYosys and Yosys-SMTBMC Clifford Wolf Availability of various EDA

Formal Verification with SymbiYosys and Yosys-SMTBMC Clifford Wolf Availability of various EDA

Formal Verification with SymbiYosys and Yosys-SMTBMC Clifford Wolf Availability of various EDA tools for students, hobbyists, enthusiasts FPGA Synthesis Formal Verification Free to use: Free to use: Xilinx Vivado WebPack,

819 views • 49 slides
Formal Verification via MCMAS & PRISM Hongyang Qu University of Sheffield 1 December 2015

Formal Verification via MCMAS & PRISM Hongyang Qu University of Sheffield 1 December 2015

Formal Verification via MCMAS & PRISM Hongyang Qu University of Sheffield 1 December 2015 Outline Motivation for Formal Verification Overview of MCMAS Overview of PRISM Formal verification It is a systematic way to check

461 views • 34 slides

More recommend