TY - GEN
T1 - Responsibility Analysis by Abstract Interpretation
AU - Deng, Chaoqiang
AU - Cousot, Patrick
N1 - Publisher Copyright:
© Springer Nature Switzerland AG 2019.
PY - 2019
Y1 - 2019
N2 - Given a behavior of interest in the program, statically determining the corresponding responsible entity is a task of critical importance, especially in program security. Classical static analysis techniques (e.g. dependency analysis, taint analysis, slicing, etc.) assist programmers in narrowing down the scope of responsibility, but none of them can explicitly identify the responsible entity. Meanwhile, the causality analysis is generally not pertinent for analyzing programs, and the structural equations model (SEM) of actual causality misses some information inherent in programs, making its analysis on programs imprecise. In this paper, a novel definition of responsibility based on the abstraction of event trace semantics is proposed, which can be applied in program security and other scientific fields. Briefly speaking, an entity is responsible for behavior B, if and only if R is free to choose its input value, and such a choice is the first one that ensures the occurrence of B in the forthcoming execution. Compared to current analysis methods, the responsibility analysis is more precise. In addition, our definition of responsibility takes into account the cognizance of the observer, which, to the best of our knowledge, is a new innovative idea in program analysis.
AB - Given a behavior of interest in the program, statically determining the corresponding responsible entity is a task of critical importance, especially in program security. Classical static analysis techniques (e.g. dependency analysis, taint analysis, slicing, etc.) assist programmers in narrowing down the scope of responsibility, but none of them can explicitly identify the responsible entity. Meanwhile, the causality analysis is generally not pertinent for analyzing programs, and the structural equations model (SEM) of actual causality misses some information inherent in programs, making its analysis on programs imprecise. In this paper, a novel definition of responsibility based on the abstraction of event trace semantics is proposed, which can be applied in program security and other scientific fields. Briefly speaking, an entity is responsible for behavior B, if and only if R is free to choose its input value, and such a choice is the first one that ensures the occurrence of B in the forthcoming execution. Compared to current analysis methods, the responsibility analysis is more precise. In addition, our definition of responsibility takes into account the cognizance of the observer, which, to the best of our knowledge, is a new innovative idea in program analysis.
KW - Abstract interpretation
KW - Causality
KW - Dependency
KW - Program security
KW - Responsibility
KW - Static analysis
UR - http://www.scopus.com/inward/record.url?scp=85075828153&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85075828153&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-32304-2_18
DO - 10.1007/978-3-030-32304-2_18
M3 - Conference contribution
AN - SCOPUS:85075828153
SN - 9783030323035
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 368
EP - 388
BT - Static Analysis - 26th International Symposium, SAS 2019, Proceedings
A2 - Chang, Bor-Yuh Evan
PB - Springer Science and Business Media Deutschland GmbH
T2 - 26th International Static Analysis Symposium, SAS 2019 held as part of the 3rd World Congress on Formal Methods, FM 2019
Y2 - 8 October 2019 through 11 October 2019
ER -