Results 1  10
of
2,219,080
Symbolic Model Checking without BDDs
, 1999
"... Symbolic Model Checking [3, 14] has proven to be a powerful technique for the verification of reactive systems. BDDs [2] have traditionally been used as a symbolic representation of the system. In this paper we show how boolean decision procedures, like Stalmarck's Method [16] or the Davis ..."
Abstract

Cited by 910 (74 self)
 Add to MetaCart
Symbolic Model Checking [3, 14] has proven to be a powerful technique for the verification of reactive systems. BDDs [2] have traditionally been used as a symbolic representation of the system. In this paper we show how boolean decision procedures, like Stalmarck's Method [16] or the Davis
Symbolic Model Checking for Realtime Systems
 INFORMATION AND COMPUTATION
, 1992
"... We describe finitestate programs over realnumbered time in a guardedcommand language with realvalued clocks or, equivalently, as finite automata with realvalued clocks. Model checking answers the question which states of a realtime program satisfy a branchingtime specification (given in an ..."
Abstract

Cited by 574 (50 self)
 Add to MetaCart
We describe finitestate programs over realnumbered time in a guardedcommand language with realvalued clocks or, equivalently, as finite automata with realvalued clocks. Model checking answers the question which states of a realtime program satisfy a branchingtime specification (given
Reachability Analysis of Pushdown Automata: Application to ModelChecking
, 1997
"... We apply the symbolic analysis principle to pushdown systems. We represent (possibly infinite) sets of configurations of such systems by means of finitestate automata. In order to reason in a uniform way about analysis problems involving both existential and universal path quantification (like mode ..."
Abstract

Cited by 385 (39 self)
 Add to MetaCart
modelchecking for branchingtime logics), we consider the more general class of alternating pushdown systems and use alternating finitestate automata as a representation structure for their sets of configurations. We give a simple and natural procedure to compute sets of predecessors
ModelChecking in Dense Realtime
 INFORMATION AND COMPUTATION
, 1993
"... Modelchecking is a method of verifying concurrent systems in which a statetransition graph model of the system behavior is compared with a temporal logic formula. This paper extends modelchecking for the branchingtime logic CTL to the analysis of realtime systems, whose correctness depends on t ..."
Abstract

Cited by 329 (7 self)
 Add to MetaCart
Modelchecking is a method of verifying concurrent systems in which a statetransition graph model of the system behavior is compared with a temporal logic formula. This paper extends modelchecking for the branchingtime logic CTL to the analysis of realtime systems, whose correctness depends
Symbolic Model Checking: 10^20 States and Beyond
, 1992
"... Many different methods have been devised for automatically verifying finite state systems by examining stategraph models of system behavior. These methods all depend on decision procedures that explicitly represent the state space using a list or a table that grows in proportion to the number of st ..."
Abstract

Cited by 753 (40 self)
 Add to MetaCart
of states. We describe a general method that represents the state space symbolical/y instead of explicitly. The generality of our method comes from using a dialect of the MuCalculus as the primary specification language. We describe a model checking algorithm for MuCalculus formulas that uses Bryantâ€™s
Network information flow
 IEEE TRANS. INFORM. THEORY
, 2000
"... We introduce a new class of problems called network information flow which is inspired by computer network applications. Consider a pointtopoint communication network on which a number of information sources are to be mulitcast to certain sets of destinations. We assume that the information source ..."
Abstract

Cited by 1961 (24 self)
 Add to MetaCart
We introduce a new class of problems called network information flow which is inspired by computer network applications. Consider a pointtopoint communication network on which a number of information sources are to be mulitcast to certain sets of destinations. We assume that the information
JFlow: Practical MostlyStatic Information Flow Control
 In Proc. 26th ACM Symp. on Principles of Programming Languages (POPL
, 1999
"... A promising technique for protecting privacy and integrity of sensitive data is to statically check information flow within programs that manipulate the data. While previous work has proposed programming language extensions to allow this static checking, the resulting languages are too restrictive f ..."
Abstract

Cited by 579 (32 self)
 Add to MetaCart
for practical use and have not been implemented. In this paper, we describe the new language JFlow, an extension to the Java language that adds staticallychecked information flow annotations. JFlow provides several new features that make information flow checking more flexible and convenient than in previous
Certification of Programs for Secure Information Flow
, 1977
"... This paper presents a certification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing c ..."
Abstract

Cited by 488 (1 self)
 Add to MetaCart
This paper presents a certification mechanism for verifying the secure flow of information through a program. Because it exploits the properties of a lattice structure among security classes, the procedure is sufficiently simple that it can easily be included in the analysis phase of most existing
The Protection of Information in Computer Systems
, 1975
"... This tutorial paper explores the mechanics of protecting computerstored information from unauthorized use or modification. It concentrates on those architectural structureswhether hardware or softwarethat are necessary to support information protection. The paper develops in three main sections ..."
Abstract

Cited by 815 (2 self)
 Add to MetaCart
This tutorial paper explores the mechanics of protecting computerstored information from unauthorized use or modification. It concentrates on those architectural structureswhether hardware or softwarethat are necessary to support information protection. The paper develops in three main
LanguageBased InformationFlow Security
 IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS
, 2003
"... Current standard security practices do not provide substantial assurance that the endtoend behavior of a computing system satisfies important security policies such as confidentiality. An endtoend confidentiality policy might assert that secret input data cannot be inferred by an attacker throug ..."
Abstract

Cited by 821 (57 self)
 Add to MetaCart
through the attacker's observations of system output; this policy regulates information flow.
Results 1  10
of
2,219,080