Robust Declassification by Incremental Typing
The security of software systems has to be preserved while they grow and change incrementally. The problem is to make the analysis of their security properties keep pace with this style of development. In particular, we concentrate here on static type systems. Given a non-incremental type system, the algorithm we propose permits using it incrementally, thus avoiding the need to develop new incremental versions of it. As a proof of concept, we show how our technique permits incremental checking of non-interference with robust declassification, starting from the classical type system by Myers, Sabelfeld and Zdancewic.