Normalising Lustre Preserves Security

by   Sanjiva Prasad, et al.

The synchronous reactive data flow language LUSTRE is an expressive language, equipped with a suite of tools for modelling, simulating and model-checking a wide variety of safety-critical systems. A critical intermediate step in the formally certified compilation of LUSTRE involves translation to a well-behaved sub-language called "Normalised LUSTRE" (NLUSTRE). Recently, we proposed a simple Denning-style lattice-based secure information flow type system for NLUSTRE, and proved its soundness by establishing that security-typed programs are non-interfering with respect to the co-inductive stream semantics. In this paper, we propose a similar security type system for unrestricted LUSTRE, and show that Bourke et al.'s semantics-preserving normalisation transformations from LUSTRE to NLUSTRE are security-preserving as well. A novelty is the use of refinement security types for node calls. The main result is the preservation of security types by the normalisation transformations. The soundness of our security typing rules is shown by establishing that well-security-typed programs are non-interfering, via a reduction to type-preservation (here), semantics-preservation (Bourke et al.) and our previous result of non-interference for NLUSTRE.



There are no comments yet.


page 1

page 2

page 3

page 4


Secure Information Flow Typing in LUSTRE

Synchronous reactive data flow is a paradigm that provides a high-level ...

First-order Gradual Information Flow Types with Gradual Guarantees

Gradual type systems seamlessly integrate statically-typed programs with...

Verifying that a compiler preserves concurrent value-dependent information-flow security

It is common to prove by reasoning over source code that programs do not...

A Permission-Dependent Type System for Secure Information Flow Analysis

We introduce a novel type system for enforcing secure information flow i...

Only Connect, Securely

The lattice model proposed by Denning in her seminal work provided secur...

Robust Hyperproperty Preservation for Secure Compilation (Extended Abstract)

We map the space of soundness criteria for secure compilation based on t...

Secure Optimization Through Opaque Observations

Secure applications implement software protections against side-channel ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.