“…Its application to security is based on the idea that an undesired interference from a high-security level part of the system to another one at low-security level can be revealed by comparing different system views that are obtained by changing the behavior of the interfering high-security level components (see, e.g., [29,16,27]). While the original definition of noninterference is not component oriented, several approaches in the literature have subsequently proposed a compositional treatment of it (see, e.g., [23,13,28,19,32,14,26,8,7]). In this paper, we extend previous work by introducing a component-oriented formulation of noninterference that enables compositional security verification driven by system topology.…”