A model of program execution for security purposes

Assurance of software quality and security of computer systems have become dominant concerns in our networking age, to which models of program execution are important. A good model of program execution would allow program execution to be reliably and efficiently identified and verified online. On one hand, online program execution identification and verification help increase assurance of trustworthy software with respect to specific concerns in software quality and vulnerability. On the other hand, they are also helpful in detecting risks in untrustworthy software. We in this paper present a formal specification of program execution events for security purposes, and a model of program execution based upon the specification. This paper discusses the program execution model, specifically its background, the formal specification of program execution events with an underlying concept of program system call footprints, a formal description of the program execution model, two applications of the model in program execution identification and verification, and our experimental results of the model.