Abstract
Contract-based design is a promising methodology for taming the complexity of developing sophisticated systems. A formal contract distinguishes between assumptions, which are constraints that the designer of a component puts on the environments in which the component can be used safely, and guarantees, which are promises that the designer asks from the team that implements the component. A theory of formal contracts can be formalized as an interface theory, which supports the composition and refinement of both assumptions and guarantees.
Although there is a rich landscape of contract-based design methods that address functional and extra-functional properties, we present the first interface theory that is designed for ensuring system-wide security properties. Our framework provides a refinement relation and a composition operation that support both incremental design and independent implementability. We develop our theory for both stateless and stateful interfaces. We illustrate the applicability of our framework with an example inspired by the automotive domain.
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 956123 and was funded in part by the FWF project W1255-N23 and by the ERC-2020-AdG 101020093.
Rights and permissions
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
Copyright information
© 2022 The Author(s)
Cite this paper
Bartocci, E., Ferrère, T., Henzinger, T.A., Nickovic, D., da Costa, A.O. (2022). Information-flow Interfaces. In: Johnsen, E.B., Wimmer, M. (eds) Fundamental Approaches to Software Engineering. FASE 2022. Lecture Notes in Computer Science, vol 13241. Springer, Cham. https://doi.org/10.1007/978-3-030-99429-7_1
DOI: https://doi.org/10.1007/978-3-030-99429-7_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-99428-0
Online ISBN: 978-3-030-99429-7
eBook Packages: Computer Science (R0)