Chapter

Deductive Software Verification – The KeY Book

Volume 10001 of the series Lecture Notes in Computer Science pp 453-471

Information Flow Analysis

  • Christoph Scheben, affiliated with Karlsruhe Institute of Technology
  • Simon Greiner, affiliated with Karlsruhe Institute of Technology

Abstract

Information flow analysis detects and controls how sensitive information is propagated through an application. We give a formal model of what it means for sensitive information to be revealed, as well as an extension of JML that allows for the specification of information flow concerns. We present an approach by which we can verify these JML contracts using KeY. It is based on two symbolic executions of the program.