Enforcement and validation (at runtime) of various notions of opacity

We are interested in the validation of opacity. Opacity models the impossibility for an attacker to retrieve the value of a secret in a system of interest. Roughly speaking, ensuring opacity guarantees the confidentiality of a secret of the system that must not leak to an attacker. More specifically, we study how several levels of opacity can be model-checked, verified, and enforced at system runtime. Besides existing notions of opacity, we also introduce K-step strong opacity, a more practical notion of opacity that provides a stronger level of confidentiality.
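
The two notions contrasted above, as an added worked example that is not from the paper: a small runtime state estimator over a constructed partially observed automaton (the states, events, secret set and transition relation are all my assumptions) that, after each observed event, decides simple (current-state) opacity and K-step strong opacity under the trace-based reading where the secret is "the run is currently in a secret state". The toy model is chosen so that the attacker can never tell the system is in a secret state right now, yet after observing "ab" can infer it was in one a step earlier, which 1-step strong opacity catches and simple opacity misses.

```python
# Constructed toy model (not from the paper): transitions (src, event) -> {dst}.
OBSERVABLE = {"a", "b"}          # event "u" is invisible to the attacker
INIT, SECRET = {0}, {2, 5}
TRANS = {(0, "u"): {1}, (0, "a"): {2}, (1, "a"): {3},
         (3, "u"): {5}, (2, "b"): {4}, (5, "b"): {4}}

def uo_reach(x):
    """(state, saw_secret) pairs reachable from x using unobservable events only."""
    seen, todo = {(x, x in SECRET)}, [(x, x in SECRET)]
    while todo:
        s, saw = todo.pop()
        for (src, ev), dsts in TRANS.items():
            if src == s and ev not in OBSERVABLE:
                for d in dsts:
                    pair = (d, saw or d in SECRET)
                    if pair not in seen:
                        seen.add(pair)
                        todo.append(pair)
    return seen

def observe(est, ev, k):
    """Advance the estimator on observable event ev. Each element is (state reached by
    ev, flags); flags[i] says whether that run hit a secret in observation segment i."""
    new = set()
    for c, flags in est:
        for cp, saw in uo_reach(c):          # complete the previous segment
            for y in TRANS.get((cp, ev), ()):
                hist = flags[:-1] + (saw,) + (y in SECRET,)
                new.add((y, hist[-(k + 1):]))   # keep only the last k+1 segments
    if not new:
        raise ValueError(f"observation {ev!r} is not consistent with the model")
    return new

def current_state_opaque(est):
    """Simple opacity: the attacker cannot conclude the system is in a secret state now."""
    now = {s for c, _ in est for s, _ in uo_reach(c)}
    return not now <= SECRET

def k_step_strongly_opaque(est):
    """K-step strong opacity: some consistent run avoided secrets in all last k+1 segments."""
    return any(not any(flags) for _, flags in est)

def monitor(trace, k):
    """Per observation: (event, simple opacity holds, k-step strong opacity holds)."""
    est = {(x, (x in SECRET,)) for x in INIT}
    verdicts = []
    for ev in trace:
        est = observe(est, ev, k)
        verdicts.append((ev, current_state_opaque(est), k_step_strongly_opaque(est)))
    return verdicts
```

On this model, `monitor(["a", "b"], 1)` reports simple opacity holding at both steps but 1-step strong opacity violated after "b", while `k=0` reports no violation at all. An enforcement monitor would use the violated verdict to delay or withhold the output event; this estimator only produces the verdicts.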
