research-article

Testing noninterference, quickly

Published: 25 September 2013

Abstract

Information-flow control mechanisms are difficult to design and labor intensive to prove correct. To reduce the time wasted on proof attempts doomed to fail due to broken definitions, we advocate modern random testing techniques for finding counterexamples during the design process. We show how to use QuickCheck, a property-based random-testing tool, to guide the design of a simple information-flow abstract machine. We find that both sophisticated strategies for generating well-distributed random programs and readily falsifiable formulations of noninterference properties are critically important. We propose several approaches and evaluate their effectiveness on a collection of injected bugs of varying subtlety. We also present an effective technique for shrinking large counterexamples to minimal, easily comprehensible ones. Taken together, our best methods enable us to quickly and automatically generate simple counterexamples for all these bugs.
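The abstract describes the recipe without showing it. The following added example (not code from the paper; the authors work in Haskell with QuickCheck, this is a stand-alone Python stand-in) walks through the whole loop on a deliberately tiny machine: a labelled stack machine with a two-point lattice and four instructions, an end-to-end noninterference property that compares only pairs of runs that both halt, a stack-aware random program generator, a low-equivalent initial-state pair obtained by varying only HIGH memory cells, an injected bug in the store rule (the pointer label is ignored), and a greedy shrinker that deletes instructions and neutralises memory cells while the property still fails. The machine, the store rules, the bug and all sample states are constructed for this example and are assumptions, not the paper's definitions.

```python
"""QuickCheck-style noninterference testing for a toy labelled stack machine.
Everything here is a constructed, simplified stand-in for the paper's setup."""
import random

LOW, HIGH = 0, 1          # two-point lattice, LOW is below HIGH
MEM = 4                   # number of memory cells

def join(a, b):
    return max(a, b)

# --- two store rules: a sound one and one with an injected bug -----------------
def store_correct(mem, addr, la, val, lv):
    # Assumed rule: the pointer label may not exceed the label of the cell being
    # written; otherwise a secret pointer would reveal which low cell changed.
    if la > mem[addr][1]:
        return False                      # machine gets stuck
    mem[addr] = (val, join(lv, la))
    return True

def store_buggy(mem, addr, la, val, lv):
    # Injected bug: the pointer label is ignored entirely.
    mem[addr] = (val, lv)
    return True

def run(prog, mem, store):
    """Execute prog on a copy of mem. Returns (mem, stack) on a normal halt,
    or None if the machine gets stuck (empty stack, bad address, failed check)."""
    mem, stack = list(mem), []
    for op in prog:
        if op[0] == "push":
            stack.append((op[1], LOW))
        elif op[0] == "add":
            if len(stack) < 2:
                return None
            (a, la), (b, lb) = stack.pop(), stack.pop()
            stack.append((a + b, join(la, lb)))
        elif op[0] == "load":
            if not stack:
                return None
            a, la = stack.pop()
            if not 0 <= a < MEM:
                return None
            v, lv = mem[a]
            stack.append((v, join(lv, la)))   # loaded value inherits the pointer label
        elif op[0] == "store":
            if len(stack) < 2:
                return None
            (a, la), (v, lv) = stack.pop(), stack.pop()
            if not 0 <= a < MEM or not store(mem, a, la, v, lv):
                return None
    return mem, stack

def low_equiv(xs, ys):
    """Indistinguishable to a LOW observer: same labels everywhere, same values
    at LOW positions."""
    return len(xs) == len(ys) and all(
        lx == ly and (lx == HIGH or vx == vy)
        for (vx, lx), (vy, ly) in zip(xs, ys))

def noninterferent(prog, mem1, mem2, store):
    """End-to-end noninterference: low-equivalent starts that both halt must end
    low-equivalent. Pairs in which either run gets stuck are not compared."""
    r1, r2 = run(prog, mem1, store), run(prog, mem2, store)
    if r1 is None or r2 is None:
        return True
    return low_equiv(r1[0], r2[0]) and low_equiv(r1[1], r2[1])

# --- generation ---------------------------------------------------------------
def gen_program(rng, max_len=8):
    """Stack-aware generator: only emits instructions the current stack depth can
    satisfy, so most generated programs run to completion instead of getting stuck."""
    prog, depth = [], 0
    for _ in range(rng.randint(1, max_len)):
        choices = ["push"] + (["load"] if depth >= 1 else []) + (["add", "store"] if depth >= 2 else [])
        op = rng.choice(choices)
        if op == "push":
            prog.append(("push", rng.randrange(MEM)))
        else:
            prog.append((op,))
        depth += {"push": 1, "load": 0, "add": -1, "store": -2}[op]
    return prog

def gen_memory_pair(rng):
    """Generate one memory, then vary only its HIGH cells to obtain a
    low-equivalent partner (generation by variation)."""
    mem1 = [(rng.randrange(MEM), rng.choice([LOW, HIGH])) for _ in range(MEM)]
    mem2 = [(rng.randrange(MEM), lab) if lab == HIGH else (v, lab) for v, lab in mem1]
    return mem1, mem2

# --- shrinking ------------------------------------------------------------------
def candidates(prog, mem1, mem2):
    for i in range(len(prog)):                         # drop one instruction
        yield prog[:i] + prog[i + 1:], mem1, mem2
    for i in range(MEM):                               # neutralise one cell in both memories
        if mem1[i] != (0, LOW) or mem2[i] != (0, LOW):
            m1, m2 = list(mem1), list(mem2)
            m1[i] = m2[i] = (0, LOW)
            yield prog, m1, m2

def shrink(prog, mem1, mem2, store):
    """Greedy shrinking: apply any simplification that keeps the property failing,
    repeat until no single simplification does."""
    changed = True
    while changed:
        changed = False
        for cand in candidates(prog, mem1, mem2):
            if not noninterferent(*cand, store):
                prog, mem1, mem2 = cand
                changed = True
                break
    return prog, mem1, mem2

def find_counterexample(store, trials=5000, seed=0):
    """Random search; returns a shrunk (prog, mem1, mem2) or None."""
    rng = random.Random(seed)
    for _ in range(trials):
        prog = gen_program(rng)
        mem1, mem2 = gen_memory_pair(rng)
        if not noninterferent(prog, mem1, mem2, store):
            return shrink(prog, mem1, mem2, store)
    return None

if __name__ == "__main__":
    print("correct store rule:", find_counterexample(store_correct))
    print("buggy store rule:  ", find_counterexample(store_buggy))
```

With the buggy rule the search typically shrinks to a four-instruction program of the shape `push v; push a; load; store` over a memory whose cell `a` is HIGH and differs between the two runs: the secret value loaded from cell `a` is used as a store address, so the two runs write `v` into different low-observable cells. With the sound rule that store gets stuck in both runs and the pair is not compared, which is exactly the "halt only" form of the property the abstract calls readily falsifiable: it ignores stuck runs, so a bug shows up as two halting runs that disagree rather than as a vague mismatch.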
