Advertisement

Parametric Timed Model Checking for Guaranteeing Timed Opacity

  • Étienne AndréEmail author
  • Jun Sun
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11781)

Abstract

Information leakage can have dramatic consequences on systems security. Among harmful information leaks, the timing information leakage is the ability for an attacker to deduce internal information depending on the system execution time. We address the following problem: given a timed system, synthesize the execution times for which one cannot deduce whether the system performed some secret behavior. We solve this problem in the setting of timed automata (TAs). We first provide a general solution, and then extend the problem to parametric TAs, by synthesizing internal timings making the TA secure. We study decidability, devise algorithms, and show that our method can also apply to program analysis.

Notes

Acknowledgements

We thank Sudipta Chattopadhyay for helpful suggestions, Jiaying Li for his help with preliminary model conversion, and a reviewer for suggesting Remark 1.

References

  1. 1.
    Abbasi, I.H., Lodhi, F.K., Kamboh, A.M., Hasan, O.: Formal verification of gate-level multiple side channel parameters to detect hardware Trojans. In: Artho, C., Ölveczky, P.C. (eds.) FTSCS 2016. CCIS, vol. 694, pp. 75–92. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-53946-1_5CrossRefGoogle Scholar
  2. 2.
    Alur, R., Dill, D.L.: A theory of timed automata. TCS 126(2), 183–235 (1994).  https://doi.org/10.1016/0304-3975(94)90010-8MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Alur, R., Henzinger, T.A., Vardi, M.Y.: Parametric real-time reasoning. In: Kosaraju, S.R., Johnson, D.S., Aggarwal, A. (eds.) STOC, pp. 592–601. ACM, New York (1993).  https://doi.org/10.1145/167088.167242
  4. 4.
    André, É.: What’s decidable about parametric timed automata? STTT 21(2), 203–219 (2019).  https://doi.org/10.1007/s10009-017-0467-0CrossRefGoogle Scholar
  5. 5.
    André, É., Chatain, T., Encrenaz, E., Fribourg, L.: An inverse method for parametric timed automata. IJFCS 20(5), 819–836 (2009).  https://doi.org/10.1142/S0129054109006905MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    André, É., Fribourg, L., Kühne, U., Soulat, R.: IMITATOR 2.5: a tool for analyzing robustness in scheduling problems. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 33–36. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32759-9_6CrossRefGoogle Scholar
  7. 7.
    Barbuti, R., Francesco, N.D., Santone, A., Tesei, L.: A notion of non-interference for timed automata. FI 51(1–2), 1–11 (2002)MathSciNetzbMATHGoogle Scholar
  8. 8.
    Benattar, G., Cassez, F., Lime, D., Roux, O.H.: Control and synthesis of non-interferent timed systems. Int. J. Control 88(2), 217–236 (2015).  https://doi.org/10.1080/00207179.2014.944356MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Cassez, F.: The dark side of timed opacity. In: Park, J.H., Chen, H.-H., Atiquzzaman, M., Lee, C., Kim, T., Yeo, S.-S. (eds.) ISA 2009. LNCS, vol. 5576, pp. 21–30. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-02617-1_3CrossRefGoogle Scholar
  10. 10.
    Chattopadhyay, S., Roychoudhury, A.: Scalable and precise refinement of cache timing analysis via model checking. In: RTSS, pp. 193–203 (2011).  https://doi.org/10.1109/RTSS.2011.25
  11. 11.
    Chu, D., Jaffar, J., Maghareh, R.: Precise cache timing analysis via symbolic execution. In: RTAS, pp. 293–304 (2016).  https://doi.org/10.1109/RTAS.2016.7461358
  12. 12.
    Doychev, G., Feld, D., Köpf, B., Mauborgne, L., Reineke, J.: Cacheaudit: a tool for the static analysis of cache side channels. In: King, S.T. (ed.) USENIX Security Symposium, pp. 431–446. USENIX Association (2013)Google Scholar
  13. 13.
    Gardey, G., Mullins, J., Roux, O.H.: Non-interference control synthesis for security timed automata. ENTCS 180(1), 35–53 (2007).  https://doi.org/10.1016/j.entcs.2005.05.046CrossRefzbMATHGoogle Scholar
  14. 14.
    Hune, T., Romijn, J., Stoelinga, M., Vaandrager, F.W.: Linear parametric model checking of timed automata. JLAP 52–53, 183–220 (2002).  https://doi.org/10.1016/S1567-8326(02)00037-1MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Jovanović, A., Lime, D., Roux, O.H.: Integer parameter synthesis for real-time systems. TSE 41(5), 445–461 (2015).  https://doi.org/10.1109/TSE.2014.2357445CrossRefGoogle Scholar
  16. 16.
    Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-68697-5_9CrossRefGoogle Scholar
  17. 17.
    Lv, M., Yi, W., Guan, N., Yu, G.: Combining abstract interpretation with model checking for timing analysis of multicore software. In: RTSS, pp. 339–349. IEEE Computer Society (2010).  https://doi.org/10.1109/RTSS.2010.30
  18. 18.
    Nielson, F., Nielson, H.R., Vasilikos, P.: Information flow for timed automata. In: Aceto, L., Bacci, G., Bacci, G., Ingólfsdóttir, A., Legay, A., Mardare, R. (eds.) Models, Algorithms, Logics and Tools. LNCS, vol. 10460, pp. 3–21. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-63121-9_1CrossRefGoogle Scholar
  19. 19.
    Vasilikos, P., Nielson, F., Nielson, H.R.: Secure information release in timed automata. In: Bauer, L., Küsters, R. (eds.) POST 2018. LNCS, vol. 10804, pp. 28–52. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-89722-6_2CrossRefGoogle Scholar
  20. 20.
    Wang, C., Schaumont, P.: Security by compilation: an automated approach to comprehensive side-channel resistance. SIGLOG News 4(2), 76–89 (2017).  https://doi.org/10.1145/3090064.3090071CrossRefGoogle Scholar
  21. 21.
    Wu, M., Guo, S., Schaumont, P., Wang, C.: Eliminating timing side-channel leaks using program repair. In: Tip, F., Bodden, E. (eds.) ISSTA, pp. 15–26. ACM (2018).  https://doi.org/10.1145/3213846.3213851
  22. 22.
    Zhang, J., Gao, P., Song, F., Wang, C.: SCInfer: refinement-based verification of software countermeasures against side-channel attacks. In: Chockler, H., Weissenbacher, G. (eds.) CAV 2018. LNCS, vol. 10982, pp. 157–177. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-96142-2_12CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Université Paris 13, LIPN, CNRS, UMR 7030VilletaneuseFrance
  2. 2.JFLI, CNRSTokyoJapan
  3. 3.National Institute of InformaticsTokyoJapan
  4. 4.School of Information SystemsSingapore Management UniversitySingaporeSingapore

Personalised recommendations