We study a security property for processes in dynamic contexts, i.e., contexts that can be reconfigured at runtime. The security property that we propose in this paper, named Persistent BNDC, is such that a process is "secure" when every state reachable from it satisfies a basic Non-Interference property. We define a suitable bisimulation based equivalence relation among processes, that allows us to express the new property as a single equivalence check, thus avoiding the universal quantifications over all the reachable states (required by Persistent BNDC) and over all the possible hostile environments (implicit in the basic Non-Interference property we adopt). We show that the novel security property is compositional and we discuss how it can be efficiently checked.

There has been a recent surge in work in probabilistic databases, propelled in large part by the huge increase in noisy data sources — from sensor data, experimental data, data from uncurated sources, and many others. There is a growing need for database management systems that can efficiently represent and query such data. In this work, we show how data characteristics can be leveraged to make the query evaluation process more efficient. In particular, we exploit what we refer to as shared correlations where the same uncertainties and correlations occur repeatedly in the data. Shared correlations occur mainly due to two reasons: (1) Uncertainty and correlations usually come from general statistics and rarely vary on a tuple-to-tuple basis; (2) The query evaluation procedure itself tends to re-introduce the same correlations. Prior work has shown that the query evaluation problem on probabilistic databases is equivalent to a probabilistic inference problem on an appropriately constructed probabilistic graphical model (PGM). We leverage this by introducing a new data structure, called the random variable elimination graph (rv-elim graph) that can be built from the PGM obtained from query evaluation. We develop techniques based on bisimulation that can be used to compress the rv-elim graph exploiting the presence of shared correlations in the PGM, the compressed rv-elim graph can then be used to run inference. We validate our methods by evaluating them empirically and show that even with a few shared correlations significant speed-ups are possible.

Abstract. Many biological systems can be modeled using systems of ordinary differential algebraic equations (e.g., S-systems), thus allowing the study of their solutions and behavior automatically with suitable software tools (e.g., PLAS, Octave/Matlab tm). Usually, numerical solutions (traces or trajectories) for appropriate initial conditions are analyzed in order to infer significant properties of the biological systems under study. When several variables are involved and the traces span over a long interval of time, the analysis phase necessitates automation in a scalable and efficient manner. Earlier, we have advocated and experimented with the use of automata and temporal logics for this purpose (XS-systems and Simpathica) and here we continue our investigation more deeply. We propose the use of hybrid automata and we discuss the use of the notions of bisimulation and collapsing for a “qualitative ” analysis of the temporal evolution of biological systems. As compared with our previous approach, hybrid automata allow maintenance of more information about the differential equations (S-system) than standard automata. The use of the notion of bisimulation in the definition of the projection operation (restrictions to a subset of “interesting ” variables) makes it possible to work with reduced automata satisfying the same formulae as the initial ones. Finally, the notion of collapsing is introduced to move toward still simpler and equivalent automaton taming the complexity in terms of states whose number depends on the attained level of approximation.

The notions of bisimulation and simulation are used for graph reduction and are widely employed in many areas: Modal Logic, Concurrency Theory, Set Theory, Formal Verification, etc. In particular, in the context of Formal Verification they are used to tackle the so-called state-explosion problem.

Persistent_BNDC (P_BNDC, for short) is an information-flow security property for processes in dynamic contexts, i.e., contexts that can be reconfigured at runtime. Intuitively, P_BNDC requires that high level interactions never interfere with the low level behavior of the system, in every possible state. P_BNDC is verified by checking whether the system interacting with a high level component is bisimilar or not to the system in isolation. In this work we contribute to the verification of information-flow security in two respects: (i) we give an unwinding condition that allows us to express P_BNDC in terms of a local property on high level actions and (it) we exploit this local property in order to define a proof system which provides a very efficient technique for the development and the verification of P_BNDC processes.

The goal of this paper is to provide a uniform overview of the unification problem in algebras capable of describing sets. The problem has been tackled, directly and indirectly, by many researchers and it can find important applications in various research areas - e.g., deductive databases, theorem proving, static analysis, rapid software prototyping. The problem has been explored in depth, but the various solutions proposed are spread across a large literature, and some of the approaches have been ignored and/or rediscovered by different researchers. In this

We study how to e#ciently decide if a process is Persistent BNDC (P BNDC, for short). The P BNDC property ensures that a process is "secure" in dynamic contexts, i.e., contexts that can be reconfigured at runtime. We exploit a characterization of P BNDC as Weak Bisimulation up to a set of actions. In the case of finite-state processes, we study two methods for computing the largest weak bisimulation up to a set of actions: (1) via Characteristic Formulae and Model Checking for -calculus and (2) via Closure up to a set of actions and Strong Bisimulation. This second method seems to be particularly appealing: it can be performed using already existing tools at a low time complexity.

Abstract not found

In this paper we propose an ecient symbolic algorithm for the problem of determining the maximum bisimulation on a nite structure. The starting point is an algorithm, on explicit representation of graphs, which saves both time and space exploiting the notion of rank. This notion provides a layering of the input model and allows to proceed bottom-up in the bisimulation computation. In this paper we give a procedure that allows to compute the rank of a graph working on its symbolic representation and requiring a linear number of symbolic steps. Then we embed it in a fully symbolic, rank-driven, bisimulation algorithm. Moreover, we show how the notion of rank can be employed to optimize the CTL Model Checking procedures. Key words: Bisimulation, Ordered Binary Decision Diagrams, Symbolic Algorithms, Model Checking.

this paper we consider the problem of computing and representing the bisimulation on a given Kripke structure. Such a problem, central in Model Checking, has been tackled by many authors and various solutions have been given. In particular, the algorithm proposed by Kanellakis and Smolka [7] is used in many model checkers with explicit-state representation, while the algorithm proposed by Bouali and de Simone [3] is used in the case of symbolic representation. The algorithms presented in [2] and [8] are studied to obtain better performances in the case of the so-called on-the-fly Model Checking. The algorithm proposed by Paige and Tarjan in [11] is still the best in terms of worst case time complexity (O(|E| log |N |))