Idea: Unwinding Based Model-Checking and Testing for Non-Interference on EFSMs

Undesired flows of information between different sensitivity levels or domains can seriously compromise the security of a system. Moreover, even if a specification is secure, unwanted flows can still be present in its implementation. In this paper we present a model-based technique to discover unwanted information flows in specifications and to test implementations for unwanted flows. We base our approach on an unwinding relation for Extended Finite State Machines (EFSMs). We preliminarily validate our approach by means of an implementation that allows us to benchmark the efficiency of our model-checking algorithm.
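To illustrate what an unwinding-based non-interference check decides, the following added example (not the paper's implementation, and not its algorithm) applies the classical unwinding conditions of Goguen and Meseguer to a small constructed machine: an EFSM with a Low-visible counter and a High bit whose data variables are assumed to be enumerated into explicit states. It computes the least equivalence relation forced by local respect and step consistency and then tests output consistency; a violating pair of states is a witness of an unwanted High-to-Low flow.

```python
from itertools import product

# Constructed example machine: an EFSM with a low counter lc and a high bit hb,
# enumerated into explicit states (lc, hb). Actions are split into High and Low.
HIGH, LOW = {"h_set", "h_clear"}, {"l_toggle"}

def build(leak):
    """With leak=True the high bit freezes the low counter, so a Low user can
    infer hb from the effect of l_toggle: the flaw the unwinding check must catch."""
    step, out = {}, {}
    for lc, hb in product((0, 1), (0, 1)):
        s = (lc, hb)
        step[s, "h_set"], step[s, "h_clear"] = (lc, 1), (lc, 0)
        step[s, "l_toggle"] = s if (leak and hb) else (1 - lc, hb)
        out[s] = lc                          # low-observable output of the state
    return step, out

def find(parent, x):
    while parent[x] != x:
        parent[x] = parent[parent[x]]
        x = parent[x]
    return x

def unwinding_violation(step, out, high, low):
    """Classical unwinding check (Goguen-Meseguer style), not the paper's algorithm.
    Build the least equivalence forced by local respect (s ~ step(s, h)) and step
    consistency (s ~ t implies step(s, a) ~ step(t, a) for low a), then test output
    consistency. Returns None if an unwinding relation exists, else a pair of states
    that must be low-equivalent yet differ in low-observable output."""
    states = list(out)
    parent = {s: s for s in states}
    pending = [(s, step[s, h]) for s in states for h in high if (s, h) in step]
    while pending:
        s, t = pending.pop()
        rs, rt = find(parent, s), find(parent, t)
        if rs == rt:
            continue
        parent[rs] = rt                      # merge the two equivalence classes
        for a in low:                        # successors under low actions must merge too
            if (s, a) in step and (t, a) in step:
                pending.append((step[s, a], step[t, a]))
    rep = {}                                 # first state seen per class
    for s in states:
        r = find(parent, s)
        if r in rep and out[rep[r]] != out[s]:
            return rep[r], s
        rep.setdefault(r, s)
    return None

if __name__ == "__main__":
    print("secure variant:", unwinding_violation(*build(False), HIGH, LOW))
    print("leaky variant: ", unwinding_violation(*build(True), HIGH, LOW))
```

The secure variant yields no witness because High actions only move between states that share a low output; the leaky variant merges all four states through the frozen counter, and two of them disagree on lc.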
