Making abstract models complete

Completeness is a key feature of abstract interpretation. It corresponds to exactness of the abstraction of fix-points and captures the absence of false alarms in static program analysis. Making an abstract interpretation complete is therefore a major problem in approximating the semantics of programming languages. In this paper, we consider the problem of making abstract interpretations complete by minimally modifying the predicate transformer, i.e. the semantics, of a program. We study the mathematical properties of complete functions on complete lattices and prove the existence of minimal transformations of monotone functions that achieve completeness. We then apply minimal complete transformers to prove the minimality of standard program transformations in security, such as static program monitoring.
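As an added illustration (not code from the paper or its authors), the following Python checks the completeness condition ρ∘f = ρ∘f∘ρ on a constructed finite lattice: the concrete domain is the powerset of a small universe U, the abstraction ρ is the parity closure, and two constructed point functions are lifted to sets. It also shows the simple completion f∘ρ, which is complete and pointwise above f but is not the minimal transformer the paper characterises; the universe, domain and functions are assumptions for the demo.

```python
from itertools import product

# Constructed example (not from the paper): concrete domain = powerset of a
# small universe U ordered by inclusion; abstract domain = the parity
# closure rho with elements {bottom, even, odd, top}.
U = frozenset(range(8))
EVEN = frozenset(x for x in U if x % 2 == 0)
ODD = U - EVEN
PARITY = [frozenset(), EVEN, ODD, U]   # closed under intersection, contains U

def rho(X):
    """Upper closure operator: the least parity element containing X."""
    return min((A for A in PARITY if X <= A), key=len)

def lift(fn):
    """Collecting semantics of a point function: apply it elementwise to a set."""
    return lambda X: frozenset(fn(x) for x in X)

def best_abstraction(f):
    """f# = rho o f, the best correct approximation of f on the parity domain."""
    return lambda A: rho(f(A))

def all_subsets(universe):
    items = sorted(universe)
    for bits in product((0, 1), repeat=len(items)):
        yield frozenset(x for x, b in zip(items, bits) if b)

def completeness_failures(f):
    """Concrete inputs X on which the abstract step loses precision, i.e.
    rho(f(X)) != rho(f(rho(X))): each one is a potential false alarm."""
    fa = best_abstraction(f)
    return [X for X in all_subsets(U) if rho(f(X)) != fa(rho(X))]

def is_complete(f):
    return not completeness_failures(f)

def complete_above(f):
    """f o rho: a transformer pointwise above f that is complete for rho.
    (A simple completion, not the minimal one the paper characterises.)"""
    return lambda X: f(rho(X))

def dominates(g, f):
    """True when g is pointwise above f on the whole concrete domain."""
    return all(f(X) <= g(X) for X in all_subsets(U))

# Two constructed point functions, lifted to sets.
successor = lift(lambda x: (x + 1) % 8)   # flips parity: complete for rho
halve = lift(lambda x: x // 2)            # parity of x//2 is not fixed by parity of x

print(is_complete(successor), is_complete(halve), is_complete(complete_above(halve)))  # True False True
```

On the singleton {1}, `halve` concretely yields {0} (even) while the abstract step on rho({1}) = odd yields top, which is exactly the false alarm that completeness rules out.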
