CISPA
Browse

Finding ∀∃ Hyperbugs using Symbolic Execution

Download (764.83 kB)
journal contribution
posted on 2024-11-08, 08:34 authored by Arthur CorrensonArthur Correnson, Tobias Nießen, Bernd FinkbeinerBernd Finkbeiner, Georg Weissenbacher
Many important hyperproperties, such as refinement and generalized non-interference, fall into the class of ∀∃ hyperproperties and require, for each execution trace of a system, the existence of another trace relating to the first one in a certain way. The alternation of quantifiers renders ∀∃ hyperproperties extremely difficult to verify, or even just to test. Indeed, contrary to trace properties, where it suffices to find a single counterexample trace, refuting a ∀∃ hyperproperty requires not only to find a trace, but also a proof that no second trace satisfies the specified relation with the first trace. As a consequence, automated testing of ∀∃ hyperproperties falls out of the scope of existing automated testing tools. In this paper, we present a fully automated approach to detect violations of ∀∃ hyperproperties in software systems. Our approach extends bug-finding techniques based on symbolic execution with support for trace quantification. We provide a prototype implementation of our approach, and demonstrate its effectiveness on a set of challenging examples.

History

Primary Research Area

  • Reliable Security Guarantees

Journal

Proceedings of the ACM on Programming Languages

Volume

8

Page Range

1420-1445

Publisher

Association for Computing Machinery (ACM)

Open Access Type

  • Gold

Sub Type

  • Article

BibTeX

@article{Correnson:Nießen:Finkbeiner:Weissenbacher:2024, title = "Finding ∀∃ Hyperbugs using Symbolic Execution", author = "Correnson, Arthur" AND "Nießen, Tobias" AND "Finkbeiner, Bernd" AND "Weissenbacher, Georg", year = 2024, month = 10, journal = "Proceedings of the ACM on Programming Languages", number = "OOPSLA2", pages = "1420--1445", publisher = "Association for Computing Machinery (ACM)", issn = "2475-1421", doi = "10.1145/3689761" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC