Automatic Flow Analysis for Event-B

Bendisposto, Jens; Leuschel, Michaël

doi:10.1007/978-3-642-19811-3_5

Cited by 10 publications

(4 citation statements)

References 15 publications

(17 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Bendisposto et. al [16] proposed an automatic flow analysis by deriving a flow graph structure from an Event-B model specification. The derived graph contained information about dependence and independence of events which can be used for flow analysis and model comprehension.…”

Section: Related Workmentioning

confidence: 99%

Integrating Information Flow Analysis in Unifying Theories of Programming

2021

2021 IEEE 26th Pacific Rim International Symposium on Dependable Computing (PRDC)

View full text Add to dashboard Cite

This paper presents a formal approach for modelling and reasoning about information flow control in software systems under Hoare and He's Unifying Theories of Programming (UTP). We investigate the problem of integrating information flow control into system design in a unified semantic setting.Our approach can therefore treat information flow analysis and control in various families of specification languages and programming paradigms in a more general way. In addition, we formalise the link between classes of predicates as a paired function which maps set of the predicates from one class into set of the predicates from the other with a concern of flow security preservation. The proposed flow-sensitive combined theories of multiple level classes of predicates can be applied to ensure flow security in different paradigms under stepwise development.

show abstract

Section: Related Workmentioning

confidence: 99%

Integrating Information Flow Analysis in Unifying Theories of Programming

2021

2021 IEEE 26th Pacific Rim International Symposium on Dependable Computing (PRDC)

View full text Add to dashboard Cite

show abstract

“…Bendisposto et. al [14] proposed an automatic flow analysis by deriving a flow graph structure from an Event-B model specification. The derived graph contained information about dependence and independence of events which can be used for flow analysis and model comprehension.…”

Section: Related Workmentioning

confidence: 99%

On Information Flow Control in Event-B and Refinement

2013

2013 International Symposium on Theoretical Aspects of Software Engineering

View full text Add to dashboard Cite

This paper investigates the problem of preserving information flow security in Event-B specification models and during the process of refining an abstract specification to be more concrete. A typed Event-B model is presented to enforce information flow security. We then present an approach to the problem of preserving information flow properties under abstraction refinement. The novelty of the approach is that we formalise refinement transformation in terms of the mathematical concept of Galois connection for the purpose of information-flow analysis and control. That is, the stateinvariant and state-transition predicates of the models are used to generate the Galois connection. We show how the refinement transformation ensures to preserve the security properties during the development steps from the beginning abstract-level specification to a concrete implementation.

show abstract

“…However, there has been no treatment for flow analysis and control in abstract specification languages and security preservation under refinement in the above works. There have been a number of works addressing flow analysis in Event-B, but without considering timing leakage [20], [21], [1]. Mu [1] presents a type system for flow control in Event-B models.…”

Section: Related Workmentioning

confidence: 99%

“…Bendisposto et. al [21] derive a flow graph structure from an Event-B model specification to manage the information about dependence and independence of events for flow analysis. Comparing with these works, we have presented a framework to reason about time sensitive flow control in specification language and relevant relations of the stepwise refinement transformations.…”

Section: Related Workmentioning

confidence: 99%

Time-sensitive information flow control in timed event-B

Qin

2017

2017 International Symposium on Theoretical Aspects of Software Engineering (TASE)

View full text Add to dashboard Cite

Protecting confidential data in today's computing environments is an important problem. Information flow control can help to avoid information leakage and violations introduced by executing the software applications. In software development cycle, it is important to handle security related issues from the beginning specifications at the level of abstract. Mu [1] investigated the problem of preserving information flow security in the Event-B specification models. A typed Event-B model was presented to enforce information flow security and to prevent direct flows introduced by the system. However, in practice, timing behaviours of programs can also introduce a covert flow. The problem of run-time flow monitoring and controlling must also be addressed. This paper investigates information flow control in the Event-B specification language with timing constructs. We present a timed Event-B system by introducing timers and relevant time constraints into the system events. We suggest a time-sensitive flow security condition for the timed Event-B systems, and present a type system to close the covert channels of timing flows for the system by ensuring the security condition. We then investigate how to refine timed events during the stepwise refinement modelling to satisfy the security condition.

show abstract

Automatic Flow Analysis for Event-B

Cited by 10 publications

References 15 publications

Integrating Information Flow Analysis in Unifying Theories of Programming

Integrating Information Flow Analysis in Unifying Theories of Programming

On Information Flow Control in Event-B and Refinement

Time-sensitive information flow control in timed event-B

Contact Info

Product

Resources

About