Annabelle McIver

Compact Course: Prof. Dr. Annabelle McIver, Macquarie University, Sydney,
Australia

"Refinement, Probability and Security"

Seminar Room I11 (ground floor, Room 2002, "Altbau")

9.11., 13:30: Lecture 1 Probability, nondeterminism and refinement
10.11., 13:30: Lecture 2 Shadow semantics for security-aware refinement
11.11., 16:00: Lecture 3 Probabilistic Shadow Semantics for quantitative security refinement

(click titles for the slides)

Stepwise refinement [Wirth 71] is the top-down presentation of a software system's functionality as a sequence of layers of increasing detail, beginning with the very abstract and ending with the very concrete, and with each layer an
incremental "refinement" of the previous one. Making the separation between layers small means that each refinement step can be kept under conceptual control, in many cases even verified correct. Even though actually developing
systems this way remains a theoretical ideal (sometime achieved), the refinement framework is in practice provides a framework for encouraging correct, accountable and even efficient code.

Lecture 1: Probability, nondeterminism and refinement

In this lecture we'll introduce the basic semantic structures for sequential programs containing both probability and demonic nondeterminism [McIver 05]. The role of determinism nondetermism is that, interpreted during development time, it corresponds to the abstraction of detail that forms the basis for stepwise refinement. Without it, proper refinement of probabilistic systems is not possible, in theory or in practice. We'll look at the underlying domains for operational (relational-style) semantics and a correponding quantitative program logic together with some applications to verification.

Lecture 2: Shadow semantics for security-aware refinement

This lecture describes recent advances in the stepwise-refinement method that incorporate the identification and preservation of security properties [Morgan09, McIver09]. The model and logic presented is inspired by, but abstracted
from, the probabilistic refinement discussed in Lecture 1 . The objectives of this lecture are to describe the underlying mathematics and resulting restrictions to standard refinement required in order to ensure that security properties are preserved. The methods will be illustrated by secure refinement laws and the verification of a non-trivial case study.

Lecture 3: Probabilistic Shadow Semantics for quantitative security refinement

This lecture takes the model from Lecture 2, which had no probability, and reintroduces probability in order to reason about programs that are proof against more powerful attackers. We'll spend some time looking at the underlying probabilistic domain for security and its associated refinement relation. Finally we'll show how, in spite of the abstractions made in the Shadow Semantics, we can promote verification in that simpler context to the more discriminating probabilistic context.

[Wirth 71] Program Development by Stepwise Refinement, Niklaus Wirth, Communications of the ACM, Vol 14, No. 4, April 1971.
[McIver 05] Abstraction, Refinement and Proof for Probabilistic Systems, A McIver and C Morgan, Monographs in Computer Science, Springer, 2005.
[Morgan 09] The Shadow Knows: Refinement of Ignorance in sequential programs, C Morgan, Science of Computer Programming vol. 74(8) (629--653) 2009.
[McIver 09] Sums and Lovers: Case studies in security and refinement, FM09 (to appear).

BSc/MSc/Diploma Topics
Teaching WS 2012/13
Hybrid Systems Group

We are looking for a HiWi for the Compiler Construction course. If you are interested, please contact Thomas Noll.

Joost-Pieter Katoen has been appointed as a member of the renowned Academia Europaea (Academy of Europe), a European, non-governmental association acting as an Academy whose members are scientists and scholars who collectively aim to promote learning, education and research.

Vacancies for postdoctoral researchers in "Automated Analysis of Probabilistic Programs". Application deadline: August 15, 2013.

Joost-Pieter Katoen has been awarded a Distinguished Professorship from the RWTH Aachen University.

The Hybrid Systems: Computation and Control (HSCC'13) conference in Philadelphia has been very successful: Hongfei Fu received the best student paper award for his paper "Approximating acceptance probabilities of CTMC-paths on multi-clock deterministic timed automata". Besides, the paper by Ilya Tkachev, Alexandru Mereacre, Alessandro Abate and Joost-Pieter Katoen was ranked second in the overall best paper award selection.

Joost-Pieter Katoen has been elected as Steering Committee Chair of ETAPS (www.etaps.org), the largest conference on theory and practice of software in Europe. He is the first non-UK ETAPS SC chair since the conference was initiated in 1998. More information here.

The Alumni-Magazine of RWTH Aachen University contains an interview with our former PhD student and postdoctoral researcher, Dr. Tingting Han.

HiWi's wanted to work in a new European Space Agency project for enhancing state-of-the-art design and analysis tools (COMPASS) for the next generation European rockets. Need programming and model checking affinity. See here for details and contact.

We offer openings for several PhD candidates in the area of
"Model-Based Design and Analysis for Dependable Software Systems". Deadline for application: September 14, 2012. For further information click here.

The Theory of Hybrid Systems Group offers two jobs as student assistants within the CEBug project. For more information, look here.

Dino Distefano received the prestigious Roger Needham Award for his work on software verification. This award is for a distinguished research contribution in computer science by a UK based researcher who has completed up to 10 years of post-doctoral research. Dr. Distefano was the first PhD student supervised by Joost-Pieter Katoen.

Marijn Jongerden received the German MMB (Messung, Modellierung und Bewertung von Rechensystemen) Award 2012 of the GI/ITG-Committee for Measurement, Modelling and Evaluation of Computing Systems for his PhD-thesis on "Model-based energy analysis of battery powered systems". His work was supervised by Boudewijn Haverkort (Twente) and Joost-Pieter Katoen.

Our paper "Formal Correctness, Safety, Dependability and Performance Analysis of a Satellite" has been accepted to ICSE 2012 in the track SE in Practice (18% acceptance rate). The paper treats a new satellite from the European Space Agency that was modeled and analyzed with modern tools during the actual satellite design.

Joost-Pieter Katoen will act as DJ in the "Nacht der Professoren" in the Apollo bar and cinema.