Final Progress Report for Award FA Project: Trace Effect Analysis for Software Security PI: Dr. Christian Skalka The University of


Final Progress Report for Award FA9550-06-1-0313 Project: Trace Effect Analysis for Software Security PI: Dr. Christian Skalka The University of Vermont, Burlington, VT 05405 February 28, 2010

REPORT DOCUMENTATION PAGE (Form Approved OMB No. 0704-0188)

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704-0188), 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS.

1. REPORT DATE (DD-MM-YYYY): 28/02/2010
2. REPORT TYPE: Final Performance Report
3. DATES COVERED (From - To): 06/01/06 - 05/31/09
4. TITLE AND SUBTITLE: TRACE EFFECT ANALYSIS FOR SOFTWARE SECURITY
5b. GRANT NUMBER: FA9550-06-1-0313
6. AUTHOR(S): Christian Skalka
7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES): The University of Vermont, Burlington, VT 05405
9. SPONSORING / MONITORING AGENCY NAME(S) AND ADDRESS(ES): AFOSR/RSL, Suite 325, 875 N. Randolph St., Arlington, VA 22203
10. SPONSOR/MONITOR'S ACRONYM(S): AFOSR/RSL
11. SPONSOR/MONITOR'S REPORT NUMBER(S): AFRL-SR-AR-TR-10-0100
12. DISTRIBUTION / AVAILABILITY STATEMENT: Distribution Statement A (Public Release).
14. ABSTRACT: We developed combined run-time and compile-time analyses for enforcing trace-based safety properties in higher-order and object-oriented programs, called trace effect analysis. Traces are the ordered sequences of events generated by programs. A wide variety of interesting language safety mechanisms can be expressed as trace properties, such as access control, resource usage protocols, and context-sensitive flow analysis. Consequently, our analyses provide a uniform framework for automatically enforcing a large class of safety properties, which can be specialized for particular applications. Formal type theory underlies most of these analyses. We have also developed new program logics for defining access control policies. Based on temporal logics, they allow for the specification and verifiable enforcement of sophisticated security policies, and are especially useful in distributed contexts.
18. NUMBER OF PAGES: 3
19a. NAME OF RESPONSIBLE PERSON: Christian Skalka
19b. TELEPHONE NUMBER (include area code): (802) 656-1920

Standard Form 298 (Rev. 8-98), prescribed by ANSI Std. Z39.18
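The abstract describes two complementary enforcement points for one trace property: a compile-time analysis over the program's trace effect (an abstraction of every event sequence it can emit) and a run-time check over the concrete trace. The following is an added, self-contained example, not code from the report or its publications, showing both on a toy resource-usage protocol. The policy automaton (a handle must be opened before it is read and not used after close), the effect language (event, sequence, branch, loop), and the three sample programs are all constructed for illustration; the report's actual type system, effect syntax and object-oriented extensions are not reproduced here.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple, Union

# Constructed policy automaton (illustrative, not from the report): a file handle
# must be opened before it is read and may not be used after it is closed.
ERROR = "error"
START = "closed"
TRANSITIONS: Dict[Tuple[str, str], str] = {
    ("closed", "open"): "opened",
    ("opened", "read"): "opened",
    ("opened", "close"): "closed",
}

def step(state: str, event: str) -> str:
    """Deterministic policy step; any unlisted transition is a violation, and ERROR is sticky."""
    if state == ERROR:
        return ERROR
    return TRANSITIONS.get((state, event), ERROR)

# Trace effects: a regular-expression-like abstraction of the events a program may emit.
@dataclass(frozen=True)
class Ev:            # emit one named event
    name: str

@dataclass(frozen=True)
class Seq:           # run first, then second
    first: "Effect"
    second: "Effect"

@dataclass(frozen=True)
class Alt:           # conditional: either branch may run
    left: "Effect"
    right: "Effect"

@dataclass(frozen=True)
class Star:          # loop or recursion: body zero or more times
    body: "Effect"

@dataclass(frozen=True)
class Eps:           # emits nothing
    pass

Effect = Union[Ev, Seq, Alt, Star, Eps]

def post(states: FrozenSet[str], eff: Effect) -> FrozenSet[str]:
    """Automaton states reachable by running any trace denoted by eff from any of `states`."""
    if isinstance(eff, Eps):
        return states
    if isinstance(eff, Ev):
        return frozenset(step(s, eff.name) for s in states)
    if isinstance(eff, Seq):
        return post(post(states, eff.first), eff.second)
    if isinstance(eff, Alt):
        return post(states, eff.left) | post(states, eff.right)
    if isinstance(eff, Star):
        reach = states
        while True:                   # least fixpoint; terminates because the state set is finite
            nxt = reach | post(reach, eff.body)
            if nxt == reach:
                return reach
            reach = nxt
    raise TypeError(f"unknown effect {eff!r}")

def statically_safe(eff: Effect) -> bool:
    """Compile-time check: no trace of eff can drive the policy automaton into ERROR."""
    return ERROR not in post(frozenset([START]), eff)

class Monitor:
    """Run-time enforcement of the same policy over the concrete event trace."""
    def __init__(self) -> None:
        self.state = START
        self.trace: List[str] = []

    def emit(self, event: str) -> None:
        self.trace.append(event)
        self.state = step(self.state, event)
        if self.state == ERROR:
            raise PermissionError(f"policy violated at {event!r} after {self.trace[:-1]}")

def run_monitored(events: List[str]) -> bool:
    """Replay a concrete trace through the monitor; True if it completes without a violation."""
    m = Monitor()
    try:
        for e in events:
            m.emit(e)
    except PermissionError:
        return False
    return True

# Constructed sample programs, written directly as their trace effects.
GOOD = Seq(Ev("open"), Seq(Star(Ev("read")), Ev("close")))                 # open; read*; close
USE_AFTER_CLOSE = Seq(Ev("open"), Seq(Ev("close"), Ev("read")))            # read after close
MAYBE_CLOSED = Seq(Ev("open"), Seq(Alt(Ev("close"), Eps()), Ev("read")))   # close on one branch, then read

if __name__ == "__main__":
    for name, eff in [("GOOD", GOOD), ("USE_AFTER_CLOSE", USE_AFTER_CLOSE), ("MAYBE_CLOSED", MAYBE_CLOSED)]:
        print(f"{name}: statically safe = {statically_safe(eff)}")
    # MAYBE_CLOSED is rejected statically because one branch violates the policy, even
    # though the other branch runs cleanly under the monitor:
    print("runtime, branch without close:", run_monitored(["open", "read"]))
    print("runtime, branch with close:   ", run_monitored(["open", "close", "read"]))
```

The static check is sound with respect to the monitor: any program it accepts can never trip the run-time check, because `post` over-approximates every concrete trace. The price is precision, shown by `MAYBE_CLOSED`: the analysis cannot see which branch the condition selects, so it rejects the program even though the monitor would accept the branch that skips the close. That trade-off is exactly why the report pairs the two analyses rather than relying on either one alone.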

Status of Effort

This research project has been completed, and was productive and successful. We have published work establishing a rigorous theoretical foundation for our static analysis enforcing temporal properties of programs. We have extended our basic analysis to richer language models, incorporating object-oriented features such as object hierarchies and dynamic dispatch. We have also performed research on authorization logics, which allow definition of highly expressive security policies. Aside from its inherent interest, this work has also led to a new research project in software security for embedded systems that is now funded under an AFOSR YIP award.

Accomplishments

Our research has made four basic contributions. First, we have shown that temporal program logics can be integrated with type analysis to enforce temporal program properties at compile time. Second, we have shown that our analyses are scalable to object-oriented models. Third, we have developed new foundations for increasing practical applications of trust management systems. All of these results enhance the foundations of software security, especially software for execution in distributed environments. They lead also to our fourth contribution, which is an underpinning of new research in programming language-based security for embedded systems via type-safe staged programming. Papers reporting work on this project have been published in high-profile, highly respected venues such as the Journal of Functional Programming and ACM Computing Surveys.

Personnel Supported

This grant provided summer support for the PI during 2006, 2007, and 2008. It supported a PhD student during the 2007/2008 school year, and a postdoctoral researcher from November 1, 2007 to May 1, 2009. The grant also supported travel to conferences by the PI and funded personnel.

Publications

During the grant period the PI has (co-)authored a number of papers relevant to supported research. Following are highlights.

[1] Yu David Liu, Christian Skalka, and Scott Smith. Type-Specialized Staged Programming with Process Separation. In Workshop on Generic Programming (WGP09), Edinburgh, Scotland, 2009.
[2] Christian Skalka. Types and trace effects for object orientation. Journal of Higher Order and Symbolic Computation, 21(3):239-282, 2008.
[3] Peter Chapin, Christian Skalka, and X. Sean Wang. Authorization in trust management: Features and foundations. ACM Computing Surveys, 40(3):1-48, 2008.
[4] Christian Skalka, Scott Smith, and David Van Horn. Types and trace effects of higher order programs. Journal of Functional Programming, 18(2):179-249, 2008.
[5] Christian Skalka, X. Sean Wang, and Peter Chapin. Risk management for distributed authorization. Journal of Computer Security, 15(4):447-489, 2007.
[6] Paritosh Shroff, Christian Skalka, and Scott Smith. The Nuggetizer: Abstracting Away Higher Orderness for Program Verification. Proceedings of the Asian Programming Languages Symposium, November 2007.
[7] Christian Skalka. Type safe dynamic linking for JVM access control. Proceedings of the ACM Symposium on Principles and Practice of Declarative Programming, 2007.

[8] Christian Skalka and X. Sean Wang. Trust but Verify: Authorization for Web Services. Journal of Computer Systems Science and Engineering, 21(5), 2006.
[9] Jeff Polakow and Christian Skalka. Specifying distributed trust management in LolliMon. Proceedings of the ACM Workshop on Programming Languages and Analysis for Security, 2006.

Interactions: Presentations

During the grant period the PI's research has been presented at the following venues.

[1] Edinburgh University, Symposium on Data Provenance in Software, March 2009.
[2] ACM Workshop on Generic Programming, September 2009.
[3] Asian Programming Languages Symposium, November 2007.
[4] McGill University Computer Science Seminar Series, June 2007.
[5] Harvard University Computer Science Seminar Series, May 2007.
[6] ACM Workshop on Programming Languages and Analysis for Security, June 2006.