CORDIS - EU research results
Content archived on 2024-05-27

Secure and Safe Systems based on Static Analysis

Objective

Static analysis of programs is a proven technology in the implementation of compilers and interpreters. Recent years have begun to see application of static analysis techniques in novel areas such as software validation (for example Ariane V) and software re-engineering (for example the Y2K problem). This project will demonstrate that static analysis technology facilitates the validation of systems based on the Internet and on smart cards.

OBJECTIVES
The objective of the project is to assess the scalability of static analysis technology to the validation of security and safety aspects of realistic languages and applications. We have identified two domains where security is all-important: smart cards and Internet programming. We intend to develop methods that apply to both domains by focussing a substantial part of our efforts on the Java programming language and its dialect Java Card, treating source-level as well as bytecode-level applications.

DESCRIPTION OF WORK
The project has 4 main tasks:
1. Specification of Security Properties:
The objective of this task is to determine the most appropriate way of expressing the dynamic properties of interest for security and safety. We have some experience of using a linear-time temporal logic over program traces for expressing a variety of security properties. This task is an investigation of the scalability and extension of these techniques to realistic case studies.
2. Static Analysis: The focal point of the project is the development of analyses that, on the one hand, provide useful information for the security and safety of systems and, on the other hand, are able to deal with large programs that are subsequently modified. A number of promising approaches exist for developing suitable analyses with varying degrees of precision and cost: e.g. Type and Effect Systems and Flow Logics. Aspects of analysis techniques that are important are modularity and expressibility of control flow analysis.
3. Algorithms and Tools: The implementation of static analyses eventually boils down to constraint solving. We will aim at adapting general tools that are already available rather than performing ad hoc development of new tools. As we extend our analysis techniques to cope with larger languages, we may also need to extend the state of the art in constraint solving.
4. Semantics: This task has two sub-parts: modularising semantic specifications and correctness proofs; and semantic specification of security-specific aspects of Java and Java Card. Key technical challenges involve developing good semantic accounts of visibility modifiers and shareable interfaces.
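Task 2 says that analyses trade precision against cost, and task 3 that implementing an analysis boils down to constraint solving. The following 0-CFA (context-insensitive control-flow analysis) for a tiny lambda calculus with let is an added example written for this page; it is not SecSafe code and not the Succinct Solver, and the mini language, the Node type and the names priv, pub, untrusted and wrap are assumptions chosen for the demonstration. It generates the standard 0-CFA constraints, solves them by fixed-point iteration, and asks a reference-leak style question: may a closure standing for a privileged object reach the argument of a call into untrusted code?

```python
"""Tiny 0-CFA (constraint-based control-flow analysis) over an untyped
lambda calculus with let. Added example, not SecSafe code and not the
Succinct Solver; the mini language and all program names are assumptions."""
from dataclasses import dataclass, field


@dataclass
class Node:
    kind: str                 # "var" | "lam" | "app" | "let"
    name: str = ""            # variable (var), parameter (lam), bound name (let)
    kids: list = field(default_factory=list)
    label: int = 0            # program point, assigned by label()


def var(x): return Node("var", name=x)
def lam(x, body): return Node("lam", name=x, kids=[body])
def app(f, a): return Node("app", kids=[f, a])
def let(x, e1, e2): return Node("let", name=x, kids=[e1, e2])


def nodes(n):
    """Pre-order walk over all sub-expressions."""
    yield n
    for k in n.kids:
        yield from nodes(k)


def label(root):
    """Give every sub-expression a distinct label (its program point)."""
    for i, n in enumerate(nodes(root), start=1):
        n.label = i
    return root


def analyse(root):
    """Solve the 0-CFA constraints by naive fixed-point iteration.
    cache[l]: labels of lambdas whose closures may reach point l
    env[x]:   labels of lambdas whose closures may be bound to variable x"""
    label(root)
    all_nodes = list(nodes(root))
    cache = {n.label: set() for n in all_nodes}
    env = {n.name: set() for n in all_nodes if n.name}
    lambdas = {n.label: n for n in all_nodes if n.kind == "lam"}

    def flow(src, dst):
        """Enforce the subset constraint src <= dst; report whether dst grew."""
        before = len(dst)
        dst |= src
        return len(dst) != before

    changed = True
    while changed:
        changed = False
        for n in all_nodes:
            if n.kind == "var":                      # rho(x) <= C(l)
                changed |= flow(env[n.name], cache[n.label])
            elif n.kind == "lam":                    # {fn x => e} <= C(l)
                changed |= flow({n.label}, cache[n.label])
            elif n.kind == "let":                    # C(l1) <= rho(x), C(l2) <= C(l)
                e1, e2 = n.kids
                changed |= flow(cache[e1.label], env[n.name])
                changed |= flow(cache[e2.label], cache[n.label])
            elif n.kind == "app":                    # conditional constraints
                f, a = n.kids
                for l in list(cache[f.label]):       # for every closure that may be called
                    fn = lambdas[l]
                    changed |= flow(cache[a.label], env[fn.name])            # argument -> parameter
                    changed |= flow(cache[fn.kids[0].label], cache[n.label])  # body result -> call result
    return cache, lambdas


def reaching_closures(cache, lambdas, point):
    """Parameter names of the lambdas whose closures may reach `point`."""
    return {lambdas[l].name for l in cache[point.label]}


# Constructed programs: priv stands for a privileged object, untrusted for
# code we do not trust. Question: may priv flow into untrusted's argument?

def program_no_leak():
    sink = var("pub")
    prog = let("priv", lam("p", var("p")),
           let("pub", lam("q", var("q")),
           let("untrusted", lam("u", var("u")),
               app(var("untrusted"), sink))))
    return prog, sink


def program_merged():
    # wrap is applied once to priv and once to pub; 0-CFA has a single
    # abstract parameter for wrap, so both closures merge inside it.
    sink = app(var("wrap"), var("pub"))
    prog = let("priv", lam("p", var("p")),
           let("pub", lam("q", var("q")),
           let("untrusted", lam("u", var("u")),
           let("wrap", lam("f", var("f")),
           let("_", app(var("wrap"), var("priv")),
               app(var("untrusted"), sink))))))
    return prog, sink


def leak_report(builder):
    prog, sink = builder()
    cache, lambdas = analyse(prog)
    return reaching_closures(cache, lambdas, sink)


if __name__ == "__main__":
    print("no-leak program, closures at sink:", leak_report(program_no_leak))  # {'q'}
    print("merged program, closures at sink: ", leak_report(program_merged))   # {'p', 'q'}
```

The first program gives the expected answer: only the public closure reaches the untrusted call. The second shows the precision/cost trade-off mentioned in task 2: no concrete run of that program passes priv to untrusted, but because 0-CFA keeps one abstract binding per lambda parameter, the two calls to wrap merge and the analysis reports priv at the sink. The result is sound (every real flow is reported) but imprecise; a context-sensitive variant such as k-CFA would separate the two call sites at a higher solving cost.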
We have defined an abstraction of the Java Card Virtual Machine (JCVM) language, called Carmel, which simplifies analysis and semantics issues while retaining all the expressive power and features of Java Card. We have defined a comprehensive operational semantics for Carmel that addresses not only the virtual machine but also issues related to the Java Card Runtime Environment (JCRE) and Application Programming Interface (JCAPI). We have developed an automatic translator from Java Card to Carmel. It ensures that any tool operating on Carmel applications can also be applied to Java Card applications. We have identified a number of security properties that are typically of interest for applications in the banking area. We have specified and implemented a demonstrative Java Card application to exercise our prototypes. This application (called Demoney) is an electronic purse. Although very basic, it is a realistic representative of similar applications in the banking area, as far as program analysis issues are concerned.

We have shown that flow logic provides a versatile specification language for formalising security properties. We have also shown how Linear Temporal Logic can be used to validate service control properties based on stack inspection. We have proven our flow logic analysis correct with respect to the semantics. We have developed an approach to modular analyses. We have also extended the Succinct Solver to support dynamic universes; this allows partial solutions to be extended when new queries are added. We have developed a new quantitative approach to security analysis which replaces the classical notion of safety (used in program analysis) by "closeness"; this allows us to measure how vulnerable a system might be. We have shown how the hardest attacker approach can be used to detect reference leaks. We have produced a prototype which integrates some of the analyses that we have specified.

Field of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: the European Science Vocabulary.

Programme(s)

Topic(s)

Call for proposal

Data not available

Funding Scheme

CSC - Cost-sharing contracts

Coordinator

IMPERIAL COLLEGE OF SCIENCE, TECHNOLOGY AND MEDICINE
EU contribution
No data
Address
SOUTH KENSINGTON CAMPUS
SW7 2AZ LONDON
United Kingdom

Total cost

No data

Participants (3)
