Lyee Methodology
Mohamed Mejri & Béchir Ktari
Computer Science Department, Laval University, Quebec, Canada
Agenda
• Introduction
• Expertise
• Projects
• Interest
• Collaboration
• Conclusion
Introduction
Expertise
• Languages, Semantics and Formal Methods
  – Static and dynamic analysis of code
  – Advanced compilation techniques: Certified Compilation, Typing, etc.
• Computer Security
  – Specification and analysis of cryptographic protocols and e-commerce protocols
  – Malicious code detection
Projects
• Network Level: Correct cryptographic protocols, Correct e-commerce protocols, Intrusion Detection
• Application Level: Static analysis, Dynamic analysis / Monitoring, Self-certified code
Projects: Dymna
• Dymna (cryptographic and e-commerce protocols analysis)
  – Theory: logic, typing system, model-checking, abstract interpretation, rewriting, etc.
  – Practice: A tool delivered to CSE (Canadian Security Establishment)
  – Distinctions: Many articles in international conferences and journals
  – Collaboration: Stanford University (John Mitchell)
Dymna Inputs
Dymna Outputs
Projects: MaliCOTS
• MaliCOTS (Detection of Malicious Code)
  – Theory: logic, semantics, model-checking, certified compilation, static and dynamic analysis, etc.
  – Practice: Three tools delivered to CRDV
  – Distinctions: Three Canadian prizes (TechnoFed’2000, OCTAS’2001 and CIPA’2001); many technical reports and articles
  – Collaboration: Research Center CRDV.
MaliCOTS: Security Policy
• Never do send after read(f).
  – Automata [diagram]: states start, has_read, bad; transition labels send(), read(f)
  – Logic (µ-calculus):
      Always( [read(f)] never( do(send) ) )
      νX.[read(f)](¬µY.<send>tt ∨ <all>Y) ∧ [all]X
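The policy above as a runnable security automaton, checked both dynamically (over an event trace) and statically (over a control-flow graph). This is an added example, not MaliCOTS or SPCheck code; the edge layout of the automaton is an assumption read from the slide's labels, read(f) is simplified to a single "read" action, and the sample graph and its action names are constructed.

```python
from collections import deque

# Policy automaton for "never send after read(f)". The edge layout is an
# assumption reconstructed from the slide's labels (start, has_read, bad).
POLICY = {
    ("start", "send"): "start",        # send before any read is allowed
    ("start", "read"): "has_read",
    ("has_read", "read"): "has_read",
    ("has_read", "send"): "bad",       # send after read: violation
}

def step(state, action):
    return POLICY.get((state, action), state)  # unmentioned actions: no change

def monitor(trace):
    """Dynamic check: index of the first violating event, or None."""
    state = "start"
    for i, action in enumerate(trace):
        state = step(state, action)
        if state == "bad":
            return i
    return None

def static_check(cfg, entry):
    """Static check: BFS over the product of a control-flow graph
    (node -> [(action, successor)]) and the policy; shortest violation or None."""
    first = (entry, "start")
    parent = {first: None}
    queue = deque([first])
    while queue:
        cur = queue.popleft()
        node, state = cur
        for action, succ in cfg.get(node, []):
            nxt = (succ, step(state, action))
            if nxt in parent:
                continue
            parent[nxt] = (cur, action)
            if nxt[1] == "bad":
                path = []
                while parent[nxt] is not None:
                    nxt, act = parent[nxt]
                    path.append(act)
                return path[::-1]
            queue.append(nxt)
    return None

# Constructed sample program: one branch reads the file before the send.
SAMPLE_CFG = {"n0": [("open", "n1")], "n1": [("log", "n2"), ("read", "n2")],
              "n2": [("send", "n3")], "n3": []}
```

The monitor reports a violation only on the path actually executed, while the static check flags the sample program because one of its branches can reach the bad state.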
MaliCOTS: SPCheck
Interest
• Software Engineering:
  – Formal methods used to specify, implement, and verify software.
• Programming Languages:
  – Syntax, semantics
  – Different paradigms: procedural, functional, parallel, object oriented, etc.
• Compilation Techniques:
  – Proof Carrying Code, etc.
• Computer Security
Collaboration
Collaboration
• An in-depth study of the Lyee Methodology:
  – Compare Lyee with other methodologies
  – Identify the more beneficial features of the Lyee methodology
• Identify some sub-projects in order to
  – Formalize, simplify, and/or improve (if necessary) some aspects of the methodology to make it more user-friendly
  – Develop some new modules for LyeeAll to address other important aspects that are not handled yet
Collaboration
• Evaluate the methodology on different aspects
  – Suitable for modularity: develop complex systems from small and simple ones
  – Suitable for hierarchical description: allows both low-level and high-level description
  – Suitable for formal validation and verification: a proof that the program complies with security policies
  – Ease of learning and use: skills required of the users
  – Suitable for which kinds of applications
  – Suitable for maintenance: Y2K problem
  – Etc.
Collaboration
[Diagram labels: Requirements (words, definitions, conditions); LyeeAll; Program (Any Language); Legacy Program (Any Language); LyeeBelt; Lyee Structures]
Collaboration
[Diagram labels: as above, plus Project I: LyeeParallel; Parallel Program]
Collaboration
P = P1 || … || Pn
[Diagram labels: Lyee Structures; LyeeParallel; PVM (Parallel Virtual Machine); Network; P1, P2, P3, P4, Pn]
Collaboration
[Diagram labels: as above, plus Project 2: LyeeOptimizer; Optimized Program]
Collaboration
Program:
  Begin
    E = D + 2*C
    D = C + A + B
    C = A + B
    B = 2*A
    A = 1
  Iterate
LyeeOptimizer
Optimized Program:
  Begin
    A = 1
    B = 2*A
    C = A + B
    D = C + A + B
    E = D + 2*C
  Iterate
Collaboration
[Diagram labels: as above, plus Project 3: LyeeVerifier; Business Policies; Reports]
Collaboration
[Diagram labels: as above, plus Project 4: LyeeAnalyser (Equivalence, Profiling, etc.); Reports]
Collaboration
• State of the art: Studying, Evaluate, Compare
• Identifying sub-projects: LyeeParallel, LyeeOptimizer, LyeeVerifier, LyeeAnalyzer, Etc.
Collaboration
• Contributions
  – Theoretical aspects: Articles, Conferences, etc.
  – Practical aspects: Tools, prototypes, etc.
  – Documentation: Technical reports, etc.
  – Scientific exchanges: Meetings, seminars, presentations, etc.
  – Highly qualified students
  – A working group on Lyee Methodology
Conclusion
• Lyee Methodology
  – Our feeling
  – Toward a promising methodology: Good ideas behind the methodology
  – A lot of work needs to be done to show the power of this methodology
• Collaboration
  – We are motivated to participate in this methodology
  – We believe that we can bring a significant contribution to this methodology