-
Bringing freedom in variable choice when searching counter-examples in floating point programs
Authors:
Heytem Zitoun,
Claude Michel,
Laurent Michel,
Michel Rueher
Abstract:
Program verification techniques typically focus on finding counter-examples that violate properties of a program. Constraint programming offers a convenient way to verify programs by modeling their state transformations and specifying searches that seek counter-examples. Floating-point computations present additional challenges for verification given the semantic subtleties of floating point arith…
▽ More
Program verification techniques typically focus on finding counter-examples that violate properties of a program. Constraint programming offers a convenient way to verify programs by modeling their state transformations and specifying searches that seek counter-examples. Floating-point computations present additional challenges for verification given the semantic subtleties of floating point arithmetic. % This paper focuses on search strategies for CSPs using floating point numbers constraint systems and dedicated to program verification. It introduces a new search heuristic based on the global number of occurrences that outperforms state-of-the-art strategies. More importantly, it demonstrates that a new technique that only branches on input variables of the verified program improve performance. It composes with a diversification technique that prevents the selection of the same variable within a fixed horizon further improving performances and reduces disparities between various variable choice heuristics. The result is a robust methodology that can tailor the search strategy according to the sought properties of the counter example.
△ Less
Submitted 27 February, 2020;
originally announced February 2020.
-
An efficient constraint based framework forhandling floating point SMT problems
Authors:
Heytem Zitoun,
Claude Michel,
Laurent Michel,
Michel Rueher
Abstract:
This paper introduces the 2019 version of \us{}, a novel Constraint Programming framework for floating point verification problems expressed with the SMT language of SMTLIB. SMT solvers decompose their task by delegating to specific theories (e.g., floating point, bit vectors, arrays, ...) the task to reason about combinatorial or otherwise complex constraints for which the SAT encoding would be c…
▽ More
This paper introduces the 2019 version of \us{}, a novel Constraint Programming framework for floating point verification problems expressed with the SMT language of SMTLIB. SMT solvers decompose their task by delegating to specific theories (e.g., floating point, bit vectors, arrays, ...) the task to reason about combinatorial or otherwise complex constraints for which the SAT encoding would be cumbersome or ineffective. This decomposition and encoding processes lead to the obfuscation of the high-level constraints and a loss of information on the structure of the combinatorial model. In \us{}, constraints over the floats are first class objects, and the purpose is to expose and exploit structures of floating point domains to enhance the search process. A symbolic phase rewrites each SMTLIB instance to elementary constraints, and eliminates auxiliary variables whose presence is counterproductive. A diversification technique within the search steers it away from costly enumerations in unproductive areas of the search space. The empirical evaluation demonstrates that the 2019 version of \us{} is competitive on computationally challenging floating point benchmarks that induce significant search efforts even for other CP solvers. It highlights that the ability to harness both inference and search is critical. Indeed, it yields a factor 3 improvement over Colibri and is up to 10 times faster than SMT solvers. The evaluation was conducted over 214 benchmarks (The Griggio suite) which is a standard within SMTLIB.
△ Less
Submitted 27 February, 2020;
originally announced February 2020.
-
FASHION: Functional and Attack graph Secured HybrId Optimization of virtualized Networks
Authors:
Devon Callahan,
Timothy Curry,
Hazel Davidson,
Heytem Zitoun,
Benjamin Fuller,
Laurent Michel
Abstract:
Maintaining a resilient computer network is a delicate task with conflicting priorities. Flows should be served while controlling risk due to attackers. Upon publication of a vulnerability, administrators scramble to manually mitigate risk while waiting for a patch.
We introduce FASHION: a linear optimizer that balances routing flows with the security risk posed by these flows. FASHION formalize…
▽ More
Maintaining a resilient computer network is a delicate task with conflicting priorities. Flows should be served while controlling risk due to attackers. Upon publication of a vulnerability, administrators scramble to manually mitigate risk while waiting for a patch.
We introduce FASHION: a linear optimizer that balances routing flows with the security risk posed by these flows. FASHION formalizes routing as a multi-commodity flow problem with side constraints. FASHION formulates security using two approximations of risk in a probabilistic attack graph (Frigault et al., Network Security Metrics 2017). FASHION's output is a set of software-defined networking rules consumable by Frenetic (Foster et al., ICFP 2011).
We introduce a topology generation tool that creates data center network instances including flows and vulnerabilities. FASHION is executed on instances of up to 600 devices, thousands of flows, and million edge attack graphs. Solve time averages 30 minutes on the largest instances (seconds on the smallest instances). To ensure the security objective is accurate, the output solution is assessed using risk as defined by Frigault et al.
FASHION allows enterprises to reconfigure their network in response to changes in functionality or security requirements.
△ Less
Submitted 8 August, 2022; v1 submitted 17 October, 2019;
originally announced October 2019.