Page 1

WP6: Static Analysis

Presented by Flemming Nielson, Informatics and Mathematical Modelling, Technical University of Denmark, at the 3rd review of DEGAS in April 2005

Page 2

The DEGAS view: WP5, WP6

[Figure: a UML design (sequence diagrams, class diagrams, activity diagrams) is turned by extraction into a model in a process calculus; static analysis of that model covers the security features and a Markov model covers the stochastic features; the results are fed back into the design by reflection. The pipeline is fully automatic and hidden from the user.]

Page 3

Objectives of WP6

• Comparing and finding new language abstractions to design global applications (D9 month 12)

• Enhancing understanding and applicability of static analysis for global computing systems (D11 month 24, D14 month 33)

• New models and techniques for integrated qualitative and security analysis statically

• Proof-of-concept implementations to validate the above treatment (D19 month 24).

Page 4

Language Abstractions

Within DEGAS we have considered analysis of

• ambient calculi (for access control)

• π-calculi (for access control and performance)

• LySa (network security and performance)

An overview of these language abstractions is given in

D9: Basic Static Mechanisms of Process Algebras for Global Applications

Page 5

Basics of Static Analysis

Characterising the behaviour: the actual behaviour of the system is bracketed by two kinds of approximation.

• Static analysis computes an over-approximation: every actual behaviour is included, so a clean result is a guarantee, but a reported flaw may be spurious.

• Model checking / theorem proving work with an under-approximation: every reported behaviour is an actual one, so a reported flaw is real, but the absence of a report is not a guarantee.

Page 6

Enhancing Static Analysis

Network security
• LySa and its static analysis

Access control
• π-calculus and Enhanced Operational Semantics

Discussed in
• D11 Models and Techniques for Static Analysis
• D14 Final Report on Static Analysis

Page 7

Analysis of LySa

[Figure: the protocol composed with an attacker has an actual behaviour; the static analysis computes an over-approximation of that behaviour, taking the attacker to be the hardest attacker.]

Page 8

Prototype: the LySatool

[Figure: the LySa protocol, annotated with authentication properties, goes through constraint generation; the constraints are expressed in Alternation-Free Least Fixed-point logic; constraint solving yields the solution, which includes the violations of the authentication properties.]

• Details are in D19 Static Analysers

• The LySatool is integrated in Choreographer

• The LySatool is available on the internet: http://www.imm.dtu.dk/cs_LySa/lysatool
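The two slides above (over-approximate the protocol composed with the hardest attacker, generate constraints, compute the least solution, read off violations of the authentication annotations) can be illustrated with a small flow-insensitive analysis of a LySa-like calculus. The Python below is an added example written for this page; it is not the LySatool and not DEGAS code. It ignores the order of actions (so the result is an over-approximation of the real runs), composes the protocol with a Dolev-Yao attacker that learns everything on the network and decrypts, decomposes, forges and sends, and reports a pair (crypto point where a value was encrypted, point where it was decrypted) whenever a decryption violates a dest/orig annotation. The attacker is deliberately bounded (forged payloads and keys are drawn from names only) so that the fixed point is finite; the protocols SECURE and LEAKY, the names A, B, K_AB, m and K_ATT, and all function names are constructed for the illustration.

```python
from itertools import product

ATTACKER = "Attacker"   # crypto point of the attacker (the l-bullet of LySa)

def var(x):
    return ("var", x)

def enc(payload, key, cp, dest=None):
    """{payload}_key built at crypto point cp; dest = points allowed to decrypt it
    (None means anyone, which is what the attacker's own encryptions get)."""
    return ("enc", tuple(payload), key, cp, None if dest is None else frozenset(dest))

def is_var(t):
    return isinstance(t, tuple) and t[0] == "var"

def is_enc(v):
    return isinstance(v, tuple) and v[0] == "enc"

def evaluate(term, rho):
    """All values a term may denote under the variable environment rho."""
    if is_var(term):
        return set(rho.get(term[1], ()))
    if is_enc(term):
        _, payload, key, cp, dest = term
        return {enc(p, k, cp, dest)
                for p in product(*(evaluate(t, rho) for t in payload))
                for k in evaluate(key, rho)}
    return {term}                                    # a plain name

def analyse(processes, attacker_names=("Attacker", "K_ATT")):
    """Least fixed point of: network contents (kappa), variable bindings (rho),
    attacker knowledge (know) and authentication violations (viol).
    Actions: ("out", terms), ("in", match, binds), ("dec", x, key, match, binds, cp, orig)."""
    in_arities = {len(a[1]) + len(a[2]) for p in processes for a in p if a[0] == "in"}
    dec_arities = {len(a[3]) + len(a[4]) for p in processes for a in p if a[0] == "dec"}
    kappa, rho, know, viol = set(), {}, set(attacker_names), set()
    while True:
        size = (len(kappa), sum(map(len, rho.values())), len(know), len(viol))
        for proc in processes:                       # order of actions is ignored
            for act in proc:
                if act[0] == "out":                  # every tuple the terms may denote
                    kappa |= set(product(*(evaluate(t, rho) for t in act[1])))
                elif act[0] == "in":                 # match the first components, bind the rest
                    _, match, binds = act
                    for msg in kappa:
                        if len(msg) == len(match) + len(binds) and all(
                                msg[i] in evaluate(m, rho) for i, m in enumerate(match)):
                            for x, v in zip(binds, msg[len(match):]):
                                rho.setdefault(x, set()).add(v)
                else:                                # "dec": decrypt, bind, check orig/dest
                    _, x, key, match, binds, cp, orig = act
                    keys = evaluate(key, rho)
                    for v in list(rho.get(x, ())):
                        if not is_enc(v) or v[2] not in keys:
                            continue
                        _, payload, _, vcp, dest = v
                        if len(payload) != len(match) + len(binds) or not all(
                                payload[i] in evaluate(m, rho) for i, m in enumerate(match)):
                            continue
                        for y, pv in zip(binds, payload[len(match):]):
                            rho.setdefault(y, set()).add(pv)
                        if vcp not in orig or (dest is not None and cp not in dest):
                            viol.add((vcp, cp))
        # Dolev-Yao attacker: learn, decrypt/decompose, forge, send.
        for msg in kappa:
            know |= set(msg)
        for v in list(know):
            if is_enc(v) and v[2] in know:           # decrypt with a known key
                know |= set(v[1])
                if v[4] is not None and ATTACKER not in v[4]:
                    viol.add((v[3], ATTACKER))
        names = [v for v in know if not is_enc(v)]
        for n in dec_arities:                        # bound (assumption): forge from names only
            know |= {enc(p, k, ATTACKER) for p in product(names, repeat=n) for k in names}
        for n in in_arities:                         # send every tuple of the arities read
            kappa |= set(product(know, repeat=n))
        if size == (len(kappa), sum(map(len, rho.values())), len(know), len(viol)):
            return {"network": kappa, "rho": rho, "attacker_knows": know, "violations": viol}

# Constructed protocols for the illustration.
K, M = "K_AB", "m"
SECURE = [
    [("out", ["A", enc([M], K, "A", {"B"})])],       # A -> * : <A, {m}_K_AB>, meant for B only
    [("in", ["A"], ["x"]),                           # B: receive <A, x>
     ("dec", "x", K, [], ["y"], "B", {"A"})],        #    decrypt x with K_AB, expect origin A
]
LEAKY = SECURE + [[("out", [K])]]                    # constructed flaw: K_AB also sent in clear

if __name__ == "__main__":
    for label, proto in (("secure", SECURE), ("leaky", LEAKY)):
        r = analyse(proto)
        print(label, "violations:", sorted(r["violations"]), "attacker knows m:", M in r["attacker_knows"])
```

For SECURE the least solution contains no violation and the attacker never learns m. For LEAKY it contains the pair ("A", "Attacker"), because the attacker decrypts a value destined only for B, and the pair ("Attacker", "B"), because B accepts under K_AB a value the attacker forged although B expects it to originate from A. As on slide 5, a reported pair is an over-approximation: it says that a run reaching that decryption cannot be excluded, not that a concrete attack trace has been found.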

Page 9

LySa During the Third Year

• Developed a technique for tracking replay attacks

• Implemented analysis of infinite scenarios

• Improved efficiency of the LySatool to cater for industrial-size protocols

• Improved usability (input/output capabilities of the LySatool)

• Discovered previously unknown security issues in
• Classical security protocols (Beller-Chang-Yacobi ’93, Bauer-Berson-Feiertag ’83)
• Modern protocol standards (OASIS)
• Case studies (D26)

Page 10

Enhanced Static Analysis

• Corrado, Pierpaolo, or Chiara:

Please provide a slide (or two) with information about your contribution in D14

Page 11

Integrating Security and Performance Analysis

Supported by performance analysis using:

• PEPA – for timing attacks (facilitated by Choreographer)

• EOS for protocol performance / effort spent on attacks

[Figure: design and analysis process. The protocol, written in LySa, goes through the static security analysis; if the result is Not OK the protocol is redesigned and analysed again, and if it is OK it proceeds to the performance analysis.]

Page 12

Self-evaluation of WP6

Positioning with respect to state of the art

• S1: Strong indicator for discovery of a new class of flaw in a protocol published in the literature

• W1: Weak indicator for application to key exchange protocol for DEGAS case study

Comparison with competing approaches

• S2: Strong indicator for clarifying the fundamentally different behaviours of model checking and static analysis as regards protocol validation

• W2: Weak indicator for termination properties of our analysis approach

• W3: Weak indicator for allowing the use of model checking to validate the flaws reported by static analysis.

Page 13

Self-evaluation of WP6

Usability and exploitation perspectives

• S3: Strong indicator for hardening the design of the analysis tool so that also educated users outside of the research group (mainly MSc-students) are able to use the analysis tool.

• W4: Weak indicator on the ability to analyse the OASIS protocol for Single Sign On.

• W5: Good progress towards the weak indicator based on the UML to LySa extractor

• S6: Strong indicator for the ability to teach the analysis method to advanced MSc-students and PhD-students that subsequently can use it for projects.