TY - GEN
T1 - Automating Modular Verification of Secure Information Flow
AU - Pick, Lauren
AU - Fedyukovich, Grigory
AU - Gupta, Aarti
N1 - Publisher Copyright:
© 2020 FMCAD Association.
PY - 2020/9/21
Y1 - 2020/9/21
N2 - Verifying secure information flow by reducing it to safety verification is a popular approach, based on constructing product programs or self-compositions of given programs. However, most such existing efforts are non-modular, i.e., they do not infer relational specifications for procedures in interprocedural programs. Such relational specifications can help to verify security properties in a modular fashion, e.g., for verifying clients of library APIs. They also provide security contracts at procedure boundaries to aid code understanding and maintenance. There has been recent interest in constructing modular product programs, but where users are required to provide procedure summaries and related annotations. In this work, we propose to automatically infer relational specifications for procedures in modular product programs. Our approach uses syntax-guided synthesis techniques and grammar templates that target verification of secure information flow properties. This enables automation of modular verification for such properties, thereby reducing the annotation burden. We have implemented our techniques on top of a solver for constrained Horn clauses (CHC). Our evaluation demonstrates that our tool is capable of inferring adequate relational specifications for procedures without requiring annotations. Furthermore, it outperforms an existing state-of-the-art hyperproperty verifier and a modular CHC-based verifier on benchmarks with loops or recursion.
AB - Verifying secure information flow by reducing it to safety verification is a popular approach, based on constructing product programs or self-compositions of given programs. However, most such existing efforts are non-modular, i.e., they do not infer relational specifications for procedures in interprocedural programs. Such relational specifications can help to verify security properties in a modular fashion, e.g., for verifying clients of library APIs. They also provide security contracts at procedure boundaries to aid code understanding and maintenance. There has been recent interest in constructing modular product programs, but where users are required to provide procedure summaries and related annotations. In this work, we propose to automatically infer relational specifications for procedures in modular product programs. Our approach uses syntax-guided synthesis techniques and grammar templates that target verification of secure information flow properties. This enables automation of modular verification for such properties, thereby reducing the annotation burden. We have implemented our techniques on top of a solver for constrained Horn clauses (CHC). Our evaluation demonstrates that our tool is capable of inferring adequate relational specifications for procedures without requiring annotations. Furthermore, it outperforms an existing state-of-the-art hyperproperty verifier and a modular CHC-based verifier on benchmarks with loops or recursion.
KW - Formal verification
KW - information security
KW - model checking
UR - http://www.scopus.com/inward/record.url?scp=85099233733&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85099233733&partnerID=8YFLogxK
U2 - 10.34727/2020/isbn.978-3-85448-042-6_23
DO - 10.34727/2020/isbn.978-3-85448-042-6_23
M3 - Conference contribution
AN - SCOPUS:85099233733
T3 - Proceedings of the 20th Conference on Formal Methods in Computer-Aided Design, FMCAD 2020
SP - 158
EP - 168
BT - Proceedings of the 20th Conference on Formal Methods in Computer-Aided Design, FMCAD 2020
A2 - Ivrii, Alexander
A2 - Strichman, Ofer
A2 - Hunt, Warren A.
A2 - Weissenbacher, Georg
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 20th International Conference on Formal Methods in Computer-Aided Design, FMCAD 2020
Y2 - 21 September 2020 through 24 September 2020
ER -