Responsibility Analysis by Abstract Interpretation

  • Conference paper
Static Analysis (SAS 2019)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 11822)

Abstract

Given a behavior of interest in the program, statically determining the corresponding responsible entity is a task of critical importance, especially in program security. Classical static analysis techniques (e.g. dependency analysis, taint analysis, slicing, etc.) assist programmers in narrowing down the scope of responsibility, but none of them can explicitly identify the responsible entity. Meanwhile, the causality analysis is generally not pertinent for analyzing programs, and the structural equations model (SEM) of actual causality misses some information inherent in programs, making its analysis on programs imprecise. In this paper, a novel definition of responsibility based on the abstraction of event trace semantics is proposed, which can be applied in program security and other scientific fields. Briefly speaking, an entity \(E_{R}\) is responsible for behavior \(\mathcal{B}\), if and only if \(E_{R}\) is free to choose its input value, and such a choice is the first one that ensures the occurrence of \(\mathcal{B}\) in the forthcoming execution. Compared to current analysis methods, the responsibility analysis is more precise. In addition, our definition of responsibility takes into account the cognizance of the observer, which, to the best of our knowledge, is a new innovative idea in program analysis.
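A toy illustration of the definition in the abstract, added here and not taken from the paper: it enumerates every trace of a small constructed access-control program and, for a given trace, returns the entity whose input choice is the first to guarantee the behavior. The program, the entity names `admin` and `user`, and all function names are assumptions made for this example, and the observer's cognizance is not modeled.

```python
from itertools import product

# Constructed toy program (assumption, not from the paper):
#   perm = input chosen by "admin" from {"ro", "rw"}
#   op   = input chosen by "user"  from {"read", "write"}
#   a write is performed only if perm == "rw" and op == "write"
CHOICES = [("admin", ("ro", "rw")), ("user", ("read", "write"))]

def all_traces():
    """Every maximal trace as a tuple of (entity, chosen value) events."""
    entities = [e for e, _ in CHOICES]
    for values in product(*(vals for _, vals in CHOICES)):
        yield tuple(zip(entities, values))

def write_happens(trace):
    vals = dict(trace)
    return vals["admin"] == "rw" and vals["user"] == "write"

def no_write(trace):
    return not write_happens(trace)

def guaranteed(prefix, behavior):
    """True if every maximal trace extending `prefix` exhibits `behavior`."""
    ext = [t for t in all_traces() if t[:len(prefix)] == prefix]
    return all(behavior(t) for t in ext)

def responsible(trace, behavior):
    """Entity whose choice is the first to guarantee `behavior` on `trace`.

    Returns None if the trace lacks the behavior, or if the behavior was
    already guaranteed before any choice was made. A choice that turns
    "not guaranteed" into "guaranteed" necessarily had an alternative,
    so it is a free choice in this finite model.
    """
    if not behavior(trace):
        return None
    for i, (entity, _) in enumerate(trace):
        before, after = trace[:i], trace[:i + 1]
        if guaranteed(after, behavior) and not guaranteed(before, behavior):
            return entity
    return None
```

Both inputs influence whether the write happens, so a dependency or taint view flags both; here the answer differs per trace, e.g. `admin` for "no write" once `ro` is chosen, `user` when `rw` is followed by `read`.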

Acknowledgment

This work was supported in part by NSF Grant CNS-1446511. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation. P. Cousot thanks Marco Pistoia for initial discussions on responsibility while visiting the Thomas J. Watson Research Center at Hawthorne in 2005.

Corresponding author

Correspondence to Patrick Cousot.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Deng, C., Cousot, P. (2019). Responsibility Analysis by Abstract Interpretation. In: Chang, BY. (eds) Static Analysis. SAS 2019. Lecture Notes in Computer Science, vol 11822. Springer, Cham. https://doi.org/10.1007/978-3-030-32304-2_18

  • DOI: https://doi.org/10.1007/978-3-030-32304-2_18

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-32303-5

  • Online ISBN: 978-3-030-32304-2

  • eBook Packages: Computer Science, Computer Science (R0)
