Various Notions of Opacity Verified and Enforced at Runtime

In this paper, we are interested in the validation of opacity, where opacity means that an attacker observing the system cannot determine the value of a secret. Roughly speaking, ensuring opacity guarantees the confidentiality of a secret of the system: it must not leak to an attacker. More specifically, we study how several levels of opacity can be verified and enforced at system runtime. Besides notions of opacity already considered in the literature, we introduce a new one that provides a stronger level of confidentiality.
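The abstract speaks of verifying and enforcing opacity at runtime over an observed system. The Python below is an added illustration, not code from the paper and not its new notion of opacity: a monitor keeps the attacker's state estimate over a small constructed labelled transition system, checks current-state opacity and a simplified form of K-step opacity (the attacker must not be able to conclude, from the whole observation so far, that the system was in a secret state at any of the last K observation points), and a delay-based enforcer holds back observable events until releasing them no longer pins the current state inside the secret set. The transition system, its events, the secret set and every class and function name are assumptions made for this example.

```python
"""Runtime opacity monitor and delay-based enforcer over a small LTS.
Added illustration: the LTS, events and secret set below are constructed
for the example; the checks are textbook current-state opacity and a
simplified K-step opacity, not the paper's own new notion."""
from collections import deque


class LTS:
    def __init__(self, transitions, initial, observable, secret):
        # transitions: dict (state, event) -> set of successor states
        self.delta = {k: set(v) for k, v in transitions.items()}
        self.initial = initial
        self.observable = set(observable)
        self.secret = set(secret)
        # adjacency restricted to unobservable events, for closures
        self.unobs = {}
        for (src, ev), dsts in self.delta.items():
            if ev not in self.observable:
                self.unobs.setdefault(src, set()).update(dsts)

    def unobs_closure(self, states):
        """All states reachable by any sequence of unobservable events."""
        seen, todo = set(states), deque(states)
        while todo:
            s = todo.popleft()
            for d in self.unobs.get(s, set()) - seen:
                seen.add(d)
                todo.append(d)
        return seen

    def step(self, states, event):
        """One observable event, with unobservable moves before and after."""
        out = set()
        for s in self.unobs_closure(states):
            out |= self.delta.get((s, event), set())
        return self.unobs_closure(out)


class OpacityMonitor:
    """Tracks, for every observation point, the states consistent with the
    whole observed trace (earlier estimates are refined by later events)."""
    def __init__(self, lts):
        self.lts = lts
        self.obs = []
        self.estimates = [lts.unobs_closure({lts.initial})]

    def observe(self, event):
        assert event in self.lts.observable, "attacker only sees observable events"
        self.obs.append(event)
        self.estimates.append(self.lts.step(self.estimates[-1], event))
        if not self.estimates[-1]:
            raise ValueError("observation is not consistent with the model")
        # Backward refinement: a past state survives only if the events
        # observed since then can be continued from it.
        for i in range(len(self.estimates) - 2, -1, -1):
            nxt, ev = self.estimates[i + 1], self.obs[i]
            self.estimates[i] = {s for s in self.estimates[i]
                                 if self.lts.step({s}, ev) & nxt}
        return self.estimates[-1]

    def current_state_opaque(self):
        """Attacker cannot be sure the system is in a secret state now."""
        return not self.estimates[-1] <= self.lts.secret

    def k_step_opaque(self, k):
        """Attacker cannot be sure the system was in a secret state at any
        of the last k observation points (simplified K-step opacity)."""
        return all(not e <= self.lts.secret for e in self.estimates[-(k + 1):])


class DelayEnforcer:
    """Sits between system and attacker: buffers observable events and
    releases the longest prefix whose final estimate is not inside the
    secret set, so the attacker only ever learns where the system *was*."""
    def __init__(self, lts):
        self.lts = lts
        self.attacker = OpacityMonitor(lts)   # what released events reveal
        self.pending = []

    def system_event(self, event):
        """Feed one system event; returns the events released right now."""
        if event not in self.lts.observable:
            return []
        self.pending.append(event)
        for n in range(len(self.pending), 0, -1):
            est = self.attacker.estimates[-1]
            for ev in self.pending[:n]:
                est = self.lts.step(est, ev)
            if est and not est <= self.lts.secret:
                released, self.pending = self.pending[:n], self.pending[n:]
                for ev in released:
                    self.attacker.observe(ev)
                return released
        return []


# Constructed toy LTS: 'u' is unobservable, states 3 and 6 are secret.
TRANSITIONS = {(0, 'a'): {1}, (0, 'u'): {2}, (2, 'a'): {3},
               (1, 'b'): {4}, (3, 'c'): {5}, (1, 'd'): {6}, (6, 'b'): {4}}
OBSERVABLE = {'a', 'b', 'c', 'd'}
SECRET = {3, 6}


if __name__ == "__main__":
    m = OpacityMonitor(LTS(TRANSITIONS, 0, OBSERVABLE, SECRET))
    m.observe('a'); m.observe('c')
    print("after ac: current-state opaque", m.current_state_opaque(),
          "/ 1-step opaque", m.k_step_opaque(1))
    e = DelayEnforcer(LTS(TRANSITIONS, 0, OBSERVABLE, SECRET))
    print([e.system_event(ev) for ev in "adb"])
```

After the trace `a c` the attacker's current estimate is {5}, so the current state is opaque, but the refined estimate for the previous point shrinks to {3}: the attacker now knows the system *was* in a secret state one step ago, which is exactly what K-step opacity forbids and current-state opacity does not. On the trace `a d b` the enforcer releases `a`, withholds `d` (it would leave the attacker's estimate at {6}, inside the secret set) and releases `d b` together once `b` makes the current estimate {4}.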
