Verifying information flow properties of hybrid systems

In this paper, we study the problem of analyzing information flow properties of hybrid systems. We begin by formalizing non-interference -- the baseline information flow property -- for hybrid systems. We then present a type system for statically enforcing non-interference, together with a proof of soundness. We conclude with discussions on future work towards analyzing more permissive information flow properties.
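As an added illustration of the two ideas the abstract names (a non-interference definition for hybrid systems and a type system that enforces it statically), the following Python block implements a small security-typed checker and a simulator for a toy hybrid-program language. It is written for this page and is not the paper's calculus or code: the language (discrete assignments, branches, and a continuous `Flow` mode integrated with forward Euler), the two-point `LOW`/`HIGH` lattice, the `check`/`run`/`low_equivalent` functions and the controller programs and initial states are all assumptions constructed here. The checker treats a derivative `x' = e` like a continuous assignment into `x`, so a secret reaching a low variable's derivative, or a low update under a secret branch condition, is rejected; the simulator then shows the semantic property the check is meant to guarantee, namely that two runs differing only in `HIGH` inputs agree on every `LOW` variable.

```python
"""Toy security-typed hybrid-program checker and simulator (illustrative, not the paper's)."""
from dataclasses import dataclass, field

LOW, HIGH = 0, 1          # two-point security lattice; join is max()


@dataclass
class Assign:             # discrete update:  var := expr
    var: str
    expr: object


@dataclass
class If:                 # discrete branch on a boolean expression
    cond: object
    then: list
    els: list = field(default_factory=list)


@dataclass
class Flow:               # continuous mode: var' = expr for each var, for `time` units
    derivs: dict
    time: float


def expr_label(expr, env):
    """Label of an expression: join of the labels of the variables it reads."""
    if isinstance(expr, (int, float)):
        return LOW
    if isinstance(expr, str):
        return env[expr]
    _op, *args = expr                      # expressions are tuples like ('+', a, b)
    return max(expr_label(a, env) for a in args)


def check(stmts, env, pc=LOW):
    """Static check: reject explicit and implicit flows from HIGH into LOW variables."""
    for s in stmts:
        if isinstance(s, Assign):
            if max(pc, expr_label(s.expr, env)) > env[s.var]:
                raise TypeError(f"illegal flow into {s.var}")
        elif isinstance(s, If):
            pc2 = max(pc, expr_label(s.cond, env))   # branch condition taints both arms
            check(s.then, env, pc2)
            check(s.els, env, pc2)
        elif isinstance(s, Flow):
            # a derivative reads its right-hand side continuously, so the
            # assignment rule applies to x' = e, under the current pc
            for v, e in s.derivs.items():
                if max(pc, expr_label(e, env)) > env[v]:
                    raise TypeError(f"illegal flow into {v}'")
    return True


def is_secure(stmts, env):
    try:
        return check(stmts, env)
    except TypeError:
        return False


OPS = {'+': lambda a, b: a + b, '-': lambda a, b: a - b,
       '*': lambda a, b: a * b, '<': lambda a, b: a < b}


def evaluate(expr, state):
    if isinstance(expr, (int, float)):
        return expr
    if isinstance(expr, str):
        return state[expr]
    op, *args = expr
    return OPS[op](*(evaluate(a, state) for a in args))


def run(stmts, state, dt=0.01):
    """Execute a program from an initial state; Flow modes use forward Euler steps."""
    state = dict(state)
    for s in stmts:
        if isinstance(s, Assign):
            state[s.var] = evaluate(s.expr, state)
        elif isinstance(s, If):
            state = run(s.then if evaluate(s.cond, state) else s.els, state, dt)
        elif isinstance(s, Flow):
            for _ in range(int(round(s.time / dt))):
                d = {v: evaluate(e, state) for v, e in s.derivs.items()}
                for v, dv in d.items():
                    state[v] += dt * dv
    return state


def low_equivalent(s1, s2, env, tol=1e-9):
    """Non-interference witness: the two final states agree on every LOW variable."""
    return all(abs(s1[v] - s2[v]) <= tol for v in env if env[v] == LOW)


# Constructed example: a controller whose target position `setpoint` is secret.
ENV = {'pos': LOW, 'vel': LOW, 'setpoint': HIGH, 'cmd': HIGH}
SECURE = [Assign('cmd', ('-', 'setpoint', 'pos')),       # HIGH := HIGH - LOW, allowed
          Flow({'pos': 'vel'}, time=1.0)]                  # LOW' = LOW, allowed
INSECURE = [Assign('cmd', ('-', 'setpoint', 'pos')),
            Flow({'vel': 'cmd', 'pos': 'vel'}, time=1.0)]  # LOW' = HIGH, rejected
IMPLICIT = [If(('<', 'setpoint', 'pos'), [Assign('vel', 0)])]  # LOW := ... under HIGH pc
STATE_A = {'pos': 0.0, 'vel': 1.0, 'setpoint': 10.0, 'cmd': 0.0}
STATE_B = dict(STATE_A, setpoint=20.0)                    # differs only in the secret

if __name__ == '__main__':
    for name, prog in [('SECURE', SECURE), ('INSECURE', INSECURE), ('IMPLICIT', IMPLICIT)]:
        print(name, 'typechecks' if is_secure(prog, ENV) else 'rejected')
    print('SECURE low-equivalent:', low_equivalent(run(SECURE, STATE_A), run(SECURE, STATE_B), ENV))
    print('INSECURE low-equivalent:', low_equivalent(run(INSECURE, STATE_A), run(INSECURE, STATE_B), ENV))
```

The simulator is only a sanity check on two concrete runs; the type check is the static guarantee, which is why the `INSECURE` and `IMPLICIT` programs are rejected without running them, while the `SECURE` program both typechecks and yields low-equivalent final states for the two secret setpoints.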
