Abstract interpretation-based approaches to Security - A Survey on Abstract Non-Interference and its Challenging Applications

interpretation: Domains and surroundings. Abstract interpretation is a general theory for specifying and designing approximate semantics of program languages [10]. Approximation can be equivalently formulated either in terms of Galois connections or closure operators [11]. An upper closure operator ρ : C → C on a poset C (uco(C ) for short), representing concrete objects, is monotone, idempotent, and extensive: ∀x ∈C . x ≤C ρ(x ). The upper closure operator is the function that maps the concrete values to their abstract properties, namely with the best possible approximation of the concrete value in the abstract domain. For example, Sign :℘(Z)→℘(Z), on the powerset of integers, associates each set of integers with its sign: Sign(∅) =∅ def = “none”, Sign(S ) = {n | n > 0} def =+ if ∀n ∈ S .n > 0, Sign(0) = {0} def = 0, Sign(S ) = {n | n < 0} def =− if ∀n ∈ S . n < 0, Sign(S ) = {n | n ≥ 0} def = 0+ if ∀n ∈ S . x ≥ 0, Sign(S ) = {n | n ≤ 0} def = 0− if ∀n ∈ S . n ≤ 0 and Sign(S ) = Z def = “I don’t know” otherwise. Analogously, the operator Par : ℘(Z)→℘(Z) associates each set of integers with its par-