Using equivalence-checking to verify robustness to denial of service

“…If two systems are secure according to this principle, then their composition is secure as well. Based on similar ideas, several papers ( [13,19,14,26,8,7] to cite a few) apply compositional reasoning to the verification of security protocols.…”

“…Its application to security is based on the idea that an undesired interference from a high-security level part of the system to another one at low-security level can be revealed by comparing different system views that are obtained by changing the behavior of the interfering high-security level components (see, e.g., [29,16,27]). While the original definition of noninterference is not component oriented, several approaches in the literature have subsequently proposed a compositional treatment of it (see, e.g., [23,13,28,19,32,14,26,8,7]). In this paper, we extend previous work by introducing a component-oriented formulation of noninterference that enables compositional security verification driven by system topology.…”

“…On the one hand, there are already several works addressing component-oriented verification of functional properties based on equivalence checking (see, e.g., [6,21,15,2]). On the other hand, equivalence checking has been successfully applied to the compositional verification of noninterference (see, e.g., [16,13,32,26]). …”

Component-oriented verification of noninterference

“…If two systems are secure according to this principle, then their composition is secure as well. Based on similar ideas, several papers ( [13,19,14,26,8,7] to cite a few) apply compositional reasoning to the verification of security protocols.…”

“…Its application to security is based on the idea that an undesired interference from a high-security level part of the system to another one at low-security level can be revealed by comparing different system views that are obtained by changing the behavior of the interfering high-security level components (see, e.g., [29,16,27]). While the original definition of noninterference is not component oriented, several approaches in the literature have subsequently proposed a compositional treatment of it (see, e.g., [23,13,28,19,32,14,26,8,7]). In this paper, we extend previous work by introducing a component-oriented formulation of noninterference that enables compositional security verification driven by system topology.…”

“…On the one hand, there are already several works addressing component-oriented verification of functional properties based on equivalence checking (see, e.g., [6,21,15,2]). On the other hand, equivalence checking has been successfully applied to the compositional verification of noninterference (see, e.g., [16,13,32,26]). …”

Component-oriented verification of noninterference