Model Checking Information Flow in Reactive Systems

  • Rayna Dimitrova
  • Bernd Finkbeiner
  • Máté Kovács
  • Markus N. Rabe
  • Helmut Seidl
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7148)


Most analysis methods for information flow properties do not consider temporal restrictions. In practice, however, such properties rarely occur statically: they have to account for constraints such as when and under which conditions a variable has to be kept secret. In this paper, we propose a natural integration of information flow properties into linear-time temporal logic (LTL). We add a new modal operator, the hide operator, expressing that the observable behavior of a system is independent of the valuations of a secret variable. We provide a complexity analysis for the model checking problem of the resulting logic SecLTL and we identify an expressive fragment for which this question is efficiently decidable. We also show that the path-based nature of the hide operator allows for seamless integration into branching-time logics.
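The abstract's central idea, that observable behaviour must be independent of a secret's valuation, and that this requirement may only apply until some release condition, can be exercised on a finite system. The following Python check is an added illustration, not code from the paper and not its model checking construction: it approximates the hide operator on a finite Mealy machine by self-composition, exploring pairs of runs that receive the same public input but independently chosen secrets and requiring identical observable output. The three systems (`leaky_step`, `safe_step`, `auction_step`), the input alphabets and the `release` predicate on the public input are all constructed here; the paper defines the operator on paths relative to an LTL formula, which this simplification does not reproduce.

```python
from collections import deque
from itertools import product

# Constructed toy reactive systems (not from the paper). Each is a deterministic
# Mealy machine: step(state, l, h) -> (next_state, o), where l is the public
# input, h the secret input and o the observable output.
PUBLIC = (0, 1)
SECRET = (0, 1)


def leaky_step(state, l, h):
    # Echoes the secret on the observable output whenever the public input is 1.
    return state, (h if l == 1 else 0)


def safe_step(state, l, h):
    # Output depends on the public input and internal state only; h is ignored.
    nxt = (state + l) % 2
    return nxt, nxt


def auction_step(state, l, h):
    # Sealed-bid toy: state is the stored bid, or None before a bid is placed.
    # l == 0 places a bid (the first secret h is stored, later ones are ignored),
    # l == 1 closes the auction and publishes the stored bid.
    if l == 1:
        return state, (state if state is not None else 0)
    return (h if state is None else state), 0


def hides(step, start, release=lambda l: False, public=PUBLIC, secret=SECRET):
    """Check that, from `start`, the observable outputs do not depend on the
    secret inputs (until the public input satisfies `release`, after which the
    secret may be revealed).

    Self-composition: breadth-first search over pairs of states driven by the
    same public input but independently chosen secrets. Returns None if the
    outputs always agree, otherwise the shortest distinguishing input sequence
    as a list of (l, h_run1, h_run2) triples, i.e. a counterexample.
    """
    seen = {(start, start)}
    queue = deque([((start, start), [])])
    while queue:
        (s1, s2), trace = queue.popleft()
        for l in public:
            if release(l):
                # Declassification point: no constraint on this branch.
                continue
            for h1, h2 in product(secret, repeat=2):
                n1, o1 = step(s1, l, h1)
                n2, o2 = step(s2, l, h2)
                step_trace = trace + [(l, h1, h2)]
                if o1 != o2:
                    return step_trace
                if (n1, n2) not in seen:
                    seen.add((n1, n2))
                    queue.append(((n1, n2), step_trace))
    return None


if __name__ == "__main__":
    print("leaky  :", hides(leaky_step, 0))        # [(1, 0, 1)]
    print("safe   :", hides(safe_step, 0))         # None
    print("auction:", hides(auction_step, None))   # [(0, 0, 1), (1, 0, 0)]
    # The bid only has to stay secret until the auction closes (l == 1).
    print("auction until close:",
          hides(auction_step, None, release=lambda l: l == 1))  # None
```

The auction system shows why a static notion is too coarse: checked without a release condition it is rejected, with the counterexample placing two different bids and then closing; checked with closing as the release point it passes, which is the temporal reading the abstract argues for. Because the state space is finite, the pair exploration terminates and a returned counterexample is a concrete pair of runs a reviewer can replay against the model.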

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Rayna Dimitrova (1)
  • Bernd Finkbeiner (1)
  • Máté Kovács (2)
  • Markus N. Rabe (1)
  • Helmut Seidl (2)
  1. Universität des Saarlandes, Germany
  2. Technische Universität München, Germany