Safety versus Security in the Quality Calculus

Nielson, Hanne Riis; Nielson, Flemming

doi:10.1007/978-3-642-39698-4_18

Safety versus Security in the Quality Calculus

Hanne Riis Nielson¹⁹ &
Flemming Nielson¹⁹

Chapter

1226 Accesses
4 Citations

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 8051))

Abstract

Safety and security are both needed for ensuring that cyber-physical systems live up to expectations, but often an intelligent trade-off is called for, because sometimes it is impossible to obtain optimal safety at the same time as optimal security. In the context of the Quality Calculus we develop a type system for checking the extent to which safety and security goals have been met.

Safety goals include showing that certain error configurations are in fact not reachable and hence do not require intelligent error handling.

Security goals include showing that highly trusted communications can only be performed in highly trusted contexts. This is potentially too demanding and the Quality Calculus is therefore extended with a primitive for endorsing data to a higher trust level (accepting violations of the explicit flow) and for temporarily asserting a higher trust in the context (accepting violations of the implicit flow).

This is illustrated on a worked example taken from the automotive sector and we conclude with a discussion of the theoretical properties of the type system.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Amadio, R.M.: An asynchronous model of locality, failure and process mobility. In: Garlan, D., Le Métayer, D. (eds.) COORDINATION 1997. LNCS, vol. 1282, pp. 374–391. Springer, Heidelberg (1997)
Chapter Google Scholar
Berger, M., Honda, K.: The two-phase commitment protocol in an extended pi-calculus. Electr. Notes Theor. Comput. Sci. 39(1), 21–46 (2000)
Article MATH Google Scholar
Birgisson, A., Russo, A., Sabelfeld, A.: Unifying facets of information integrity. In: Jha, S., Mathuria, A. (eds.) ICISS 2010. LNCS, vol. 6503, pp. 48–65. Springer, Heidelberg (2010)
Chapter Google Scholar
de Moura, L.M., Bjørner, N.: Satisfiability modulo theories: introduction and applications. Commun. ACM 54(9), 69–77 (2011)
Article Google Scholar
De Nicola, R., Gorla, D., Pugliese, R.: Basic observables for a calculus for global computing. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 1226–1238. Springer, Heidelberg (2005)
Chapter Google Scholar
Francalanza, A., Hennessy, M.: A Theory for Observational Fault Tolerance. J. Log. Algebr. Program. 73(1-2), 22–50 (2007)
Article MathSciNet MATH Google Scholar
Gollmann, D.: Computer Security, 3rd edn. Wiley (2011)
Google Scholar
Lee, E.A.: Cyber physical systems: Design challenges. In: 11th IEEE International Symposium on Object-Oriented Real-Time Distributed Computing (ISORC 2008), pp. 363–369. IEEE Computer Society (2008)
Google Scholar
Malik, S., Zhang, L.: Boolean satisfiability from theoretical hardness to practical success. Commun. ACM 52(8), 76–82 (2009)
Article Google Scholar
Mantel, H., Sands, D., Sudbrock, H.: Assumptions and guarantees for compositional noninterference. In: Proceedings of the 24th IEEE Computer Security Foundations Symposium, pp. 218–232. IEEE Computer Society (2011)
Google Scholar
Milner, R.: Communicating and Mobile Systems: the Pi-Calculus. Cambridge University Press (1999)
Google Scholar
Nielson, H.R., Nielson, F., Vigo, R.: A calculus for quality. In: Păsăreanu, C.S., Salaün, G. (eds.) FACS 2012. LNCS, vol. 7684, pp. 188–204. Springer, Heidelberg (2013)
Chapter Google Scholar
Parrow, J., Victor, B.: The fusion calculus: Expressiveness and symmetry in mobile processes. In: Proc. IEEE Symp. on Logic in Computer Science, pp. 176–185 (1998)
Google Scholar
Riely, J., Hennessy, M.: Distributed processes and location failures. Theor. Comput. Sci. 266(1-2), 693–735 (2001)
Article MathSciNet MATH Google Scholar
Sabelfeld, A., Myers, A.C.: A model for delimited information release. In: Futatsugi, K., Mizoguchi, F., Yonezaki, N. (eds.) ISSS 2003. LNCS, vol. 3233, pp. 174–191. Springer, Heidelberg (2004)
Chapter Google Scholar
Volpano, D.M., Irvine, C.E., Smith, G.: A sound type system for secure flow analysis. Journal of Computer Security 4(2/3), 167–188 (1996)
Article Google Scholar

Download references

Author information

Authors and Affiliations

DTU Compute, Technical University of Denmark, Denmark
Hanne Riis Nielson & Flemming Nielson

Authors

Hanne Riis Nielson
View author publications
You can also search for this author in PubMed Google Scholar
Flemming Nielson
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

International Institute for Software Technology, United Nations University, P.O. Box 3058, Macau, China
Zhiming Liu
Department of Computer Science, University of York, Deramore Lane, YO10 5GH, York, UK
Jim Woodcock
Software Engineering Institute, East China Normal University, 3663 Zhongshan Road (North), 200062, Shanghai, China
Huibiao Zhu

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Nielson, H.R., Nielson, F. (2013). Safety versus Security in the Quality Calculus. In: Liu, Z., Woodcock, J., Zhu, H. (eds) Theories of Programming and Formal Methods. Lecture Notes in Computer Science, vol 8051. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39698-4_18

Download citation

DOI: https://doi.org/10.1007/978-3-642-39698-4_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-39697-7
Online ISBN: 978-3-642-39698-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics