Parametric Timed Model Checking for Guaranteeing Timed Opacity

Abstract: 0000−0001−8473−9555] and Sun Jun 4[0000−0002−3545−1392]Abstract. Information leakage can have dramatic consequences on systems security. Among harmful information leaks, the timing information leakage is the ability for an attacker to deduce internal information depending on the system execution time. We address the following problem: given a timed system, synthesize the execution times for which one cannot deduce whether the system performed some secret behavior. We solve this problem in the setting of timed … Show more

“…-the parametric verification of an asynchronous memory circuit by ST-Microelectronics (from a model described in [37]), -verification of parametric scheduling problems by Astrium Space Transportation [40] and ArianeGroup SAS [13], -analysis of music scores [38], -verifying the multi-processor image processing system of an unmanned aerial aircraft with uncertain periods, as a benchmark made public by Thales [46], -parametric pattern matching and monitoring of logs from the automative industry [20], -synthesis of timing/cost parameters in attack-fault trees [23,31], -testing product lines using parametric constraints [44], -verification of an industrial asynchronous leader election algorithm by Thales using IMITATOR combined with abstractions [18], -performing parametric opacity analyses for timed automata [30], and -synthesis of parameter valuations guaranteeing liveness properties for the Bounded Retransmission Protocol [11].…”

IMITATOR 3: Synthesis of Timing Parameters Beyond Decidability

“…-the parametric verification of an asynchronous memory circuit by ST-Microelectronics (from a model described in [37]), -verification of parametric scheduling problems by Astrium Space Transportation [40] and ArianeGroup SAS [13], -analysis of music scores [38], -verifying the multi-processor image processing system of an unmanned aerial aircraft with uncertain periods, as a benchmark made public by Thales [46], -parametric pattern matching and monitoring of logs from the automative industry [20], -synthesis of timing/cost parameters in attack-fault trees [23,31], -testing product lines using parametric constraints [44], -verification of an industrial asynchronous leader election algorithm by Thales using IMITATOR combined with abstractions [18], -performing parametric opacity analyses for timed automata [30], and -synthesis of parameter valuations guaranteeing liveness properties for the Bounded Retransmission Protocol [11].…”

IMITATOR 3: Synthesis of Timing Parameters Beyond Decidability

“…In [Cas09], the problem of checking opacity for timed automata is considered: it is undecidable whether a system is opaque, i. e., whether an attacker can deduce whether some set of actions was performed, by only observing a given set of observable actions (with their timing). In [AS19], we proposed an alternative (and decidable) notion of opacity for timed automata, in which the intruder can only observe the execution time of the system. We also extend this notion to PTAs, and propose a procedure to automatically synthesize internal timings and admissible execution times for which the system remains opaque.…”

Parametric non-interference in timed automata

Guaranteeing Timed Opacity using Parametric Timed Model Checking