Abstract
A combination of formal methods and security testing for communication layer of multi-agent systems is proposed and studied. We start with security property called bisimulation process opacity. Unfortunately, this property is undecidable in general so we propose its more realistic variant based on simulation and tests and testing. A test represents an attacker’s (i.e. possibly one of the agents) scenario to obtain some confidential information on systems. Here we consider system to be secure if it cannot be compromised by a given test or set of tests. By test we can express also capabilities of an attacker related to time properties such as time measurement accuracy, duration of tests (attacks), complete lack of attacker’s time information and so on. At the end we state a decidability result for testing.
Work supported by the grant VEGA 1/0778/18, the Spanish Ministry of Science and Innovation and the European Union FEDER Funds under grant CAS18/00106 and TIN2015-65845-C3-2-R and by the JCCM regional project SBPLY/17/180501/000276.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bryans J., Koutny, M., Ryan, P.: Modelling non-deducibility using Petri Nets. In: Proceedings of the 2nd International Workshop on Security Issues with Petri Nets and other Computational Models (2004)
Bryans, J.W., Koutny, M., Mazaré, L., Ryan, P.Y.A.: Opacity generalised to transition systems. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2005. LNCS, vol. 3866, pp. 81–95. Springer, Heidelberg (2006). https://doi.org/10.1007/11679219_7
Clark, D., Hunt, S., Malacaria, P.: A static analysis for quantifying the information flow in a simple imperative programming language. J. Comput. Secur. 15(3), 321–371 (2007)
Clarkson, M.R., Myers, A.C., Schneider, F.B.: Quantifying information flow with beliefs. J. Comput. Secur., (2009, to appear)
De Nicola, R., Hennessy, M.C.B.: Testing equivalences for processes. Theoret. Comput. Sci. 34, 83–133 (1984)
Focardi, R., Gorrieri, R., Martinelli, F.: Information flow analysis in a discrete-time process algebra. In: Proceedings of 13th Computer Security Foundation Workshop. IEEE Computer Society Press (2000)
van Glabbeek, R.J., Smolka, S.A., Steffen, B.: Reactive, generative and stratified models of probabilistic processes. Inf. Comput. 121, 59–80 (1995)
Gorrieri, R., Martinelli, F.: A simple framework for real-time cryptographic protocol analysis with compositional proof rules. Sci. Comput. Program. 50(1–3), 23–49 (2004)
Goguen, J.A., Meseguer, J.: Security policies and security models. In: Proceedings of IEEE Symposium on Security and Privacy (1982)
Gruska, D.P., Ruiz, M.C.: Opacity-enforcing for process algebras. In: CS&P 2018 (2018)
Gruska, D.P., Ruiz, M.C.: Initial process security. In: Specification and Verification CS&P 2017 (2017)
Gruska, D.P.: Process opacity for timed process algebra. In: Voronkov, A., Virbitskaite, I. (eds.) PSI 2014. LNCS, vol. 8974, pp. 151–160. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46823-4_13
Gruska, D.P.: Information flow testing. Fundam. Inf. 128(1–2), 81–95 (2013)
Gruska, D.P.: Informational analysis of security and integrity. Fundam. Inf. 120(3–4), 295–309 (2012)
Gruska, D.P.: Gained and excluded private actions by process observations. Fundam. Inf. 109(3), 281–295 (2011)
Gruska, D.P.: Quantifying security for timed process algebras. Fundam. Inf. 93(1–3), 155–169 (2009)
Gruska, D.P.: Probabilistic information flow security. Fundam. Inf. 85(1–4), 173–187 (2008)
Hansson, H., Jonsson, B.: A calculus for communicating systems with time and probabilities. In: Proceedings of 11th IEEE Real - Time Systems Symposium, Orlando (1990)
López, N., Núñez, M.: An overview of probabilistic process algebras and their equivalences. In: Baier, C., Haverkort, B.R., Hermanns, H., Katoen, J.-P., Siegle, M. (eds.) Validation of Stochastic Systems. LNCS, vol. 2925, pp. 89–123. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24611-4_3
Segala, R., Lynch, N.: Probabilistic simulations for probabilistic processes. Nord. J. Comput. 2(2), 250–273 (1995)
Yi, W., Larsen, K.G.: Testing probabilistic and nondeterministic processes. In: Proceeding Proceedings of the IFIP TC6 - WG6.1 (1992)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Gruska, D.P., Ruiz, M.C. (2019). Security Testing for Multi-Agent Systems. In: Rojas, I., Joya, G., Catala, A. (eds) Advances in Computational Intelligence. IWANN 2019. Lecture Notes in Computer Science(), vol 11506. Springer, Cham. https://doi.org/10.1007/978-3-030-20521-8_58
Download citation
DOI: https://doi.org/10.1007/978-3-030-20521-8_58
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-20520-1
Online ISBN: 978-3-030-20521-8
eBook Packages: Computer ScienceComputer Science (R0)