A formal framework for software faults and permissions based on unified theory of programming
Safety and security are essential properties required by network and mobile applications. The former is concerned with the detection of software faults and recovery from failures; the latter is mainly about specifying and enforcing security policies. However, how to precisely understand and formally specify the essential notions of the safety and security disciplines, and how to integrate these properties with the functional behaviour of programs, are still open issues. To this end, we propose in this paper a formal framework that interprets safety and security notions on a common ontology and combines security properties with functional specifications in a unified formalism. Our main contributions are twofold: first, we formally define the notions of fault, failure and error in the traditional state-based model; second, we formally define the permission mechanism of the Android security system and represent security-related actions as Hoare triples.
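The abstract says the framework defines fault, failure and error in a state-based model and represents permission-guarded actions as Hoare triples. The following added example is an illustration written for this page, not the paper's formalism: it models a program state as (granted permissions, variable store), an action as a triple {pre} body {post}, a permission check as a precondition, and shows the fault -> error -> failure chain with a constructed defect and a recovery step that keeps the error from becoming a failure. The permission name ACCESS_FINE_LOCATION is a real Android permission used here only as a sample; all other names, values and predicates are assumptions.

```python
"""Toy state-based model of permission-guarded actions (Hoare triples) and
of the fault -> error -> failure chain.  Added illustration for this page;
names, predicates and values are assumptions, not the paper's definitions.
"""
from dataclasses import dataclass, replace
from typing import Callable, Dict, FrozenSet, Tuple


@dataclass(frozen=True)
class State:
    granted: FrozenSet[str]   # permissions the app currently holds
    store: Dict[str, int]     # program variables (constructed sample)

    def with_var(self, name: str, value: int) -> "State":
        new_store = dict(self.store)
        new_store[name] = value
        return State(self.granted, new_store)


@dataclass(frozen=True)
class Action:
    """A Hoare triple {pre} body {post} over State.

    pre(s) is the guard checked before body runs (here: a permission check);
    post(s, s2) is the internal correctness condition checked afterwards."""
    name: str
    pre: Callable[[State], bool]
    body: Callable[[State], State]
    post: Callable[[State, State], bool]


def requires(permission: str) -> Callable[[State], bool]:
    """Precondition: the action may only run if the permission is granted."""
    return lambda s: permission in s.granted


def execute(action: Action, s: State) -> Tuple[str, State]:
    """Run one action. 'denied' = guard failed and body was NOT executed;
    'error' = body ran but left the state violating post (internal deviation);
    'ok' = triple satisfied."""
    if not action.pre(s):
        return "denied", s
    s2 = action.body(s)
    if not action.post(s, s2):
        return "error", s2
    return "ok", s2


def execute_with_recovery(action: Action, s: State) -> Tuple[str, State]:
    """Error detection plus recovery: on a post violation, roll back to the
    previous state so the internal error never reaches the service interface."""
    status, s2 = execute(action, s)
    if status == "error":
        return "recovered", s
    return status, s2


# Specification of the delivered service: a latitude in micro-degrees must
# lie within [-90, 90] degrees.  A state violating this at the interface is a
# failure (deviation of delivered service from specification).
LAT_RANGE = (-90_000_000, 90_000_000)


def in_range(v: int) -> bool:
    return LAT_RANGE[0] <= v <= LAT_RANGE[1]


def is_failure(s: State) -> bool:
    """Failure = externally observable output violates the specification."""
    return not in_range(s.store.get("lat_e6", 0))


def read_location_ok(s: State) -> State:
    return s.with_var("lat_e6", 34_264_000)          # a valid constructed fix


def read_location_faulty(s: State) -> State:
    # Injected fault (constructed defect): wrong unit scaling produces an
    # out-of-range latitude, i.e. an erroneous internal state.
    return s.with_var("lat_e6", 134_264_000)


READ_LOC = Action(
    name="read_location",
    pre=requires("ACCESS_FINE_LOCATION"),          # sample Android permission
    body=read_location_ok,
    post=lambda s, s2: in_range(s2.store["lat_e6"]),
)
READ_LOC_FAULTY = replace(READ_LOC, body=read_location_faulty)

S_NO_PERM = State(frozenset(), {"lat_e6": 0})
S_WITH_PERM = State(frozenset({"ACCESS_FINE_LOCATION"}), {"lat_e6": 0})


def scenarios() -> Dict[str, Tuple[str, bool]]:
    """Return (status, failure_observed) for each scenario."""
    out = {}
    for label, action, s, runner in [
        ("no_permission", READ_LOC, S_NO_PERM, execute),
        ("granted_correct", READ_LOC, S_WITH_PERM, execute),
        ("granted_faulty", READ_LOC_FAULTY, S_WITH_PERM, execute),
        ("granted_faulty_recovered", READ_LOC_FAULTY, S_WITH_PERM, execute_with_recovery),
    ]:
        status, s2 = runner(action, s)
        out[label] = (status, is_failure(s2))
    return out


if __name__ == "__main__":
    for label, result in scenarios().items():
        print(f"{label:28s} -> status={result[0]:10s} failure={result[1]}")
```

The three outcomes map onto the abstract's vocabulary: the guard turns a permission violation into a denied action rather than an executed one, the postcondition detects the erroneous internal state caused by the injected fault, and without recovery that error propagates to a failure at the service interface, while the rollback variant contains it.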
Keywords: Safety; Security; Faults; Semantics; Permission; Android; Formal methods
The authors acknowledge the Shaanxi Province Natural Science Foundation research project (Grant No. 2017JM6105) for support.