SecCSL: security concurrent separation logic
Authors: Gidon Ernst and Toby Murray
School of Computer Science and Engineering, UNSW, Sydney 2052, Australia
Abstract
We present SecCSL, a concurrent separation logic for proving expressive, data-dependent information flow security properties of low-level programs. SecCSL is considerably more expressive, while being simpler, than recent compositional information flow logics that cannot reason about pointers, arrays, etc. To capture security concerns, SecCSL adopts a relational semantics for its assertions. At the same time it inherits the structure of traditional concurrent separation logics; thus SecCSL reasoning can be automated via symbolic execution. We demonstrate this by implementing SecC, an automatic verifier for a subset of the C programming language, which we apply to a range of benchmarks.
BibTeX Entry
@inproceedings{Ernst_Murray_19,
author = {Gidon Ernst and Toby Murray},
booktitle = {International Conference on Computer Aided Verification},
month = jul,
pages = {208--230},
paperurl = {https://trustworthy.systems/publications/papers/Ernst_Murray_19.pdf},
publisher = {Springer},
title = {{SecCSL}: Security Concurrent Separation Logic},
year = {2019}
}