A type flaw attack on a security protocol is an attack where an honest principal is cheated on interpreting a field in a message as the one with a type other than the intended one. In this paper, we shall present an extension of theLySa calculus with tags attached to each field, indicating the intended types. We developed a control flow analysis for analysing the extended LySa, which over-appro...

The effective usages of computational resources are a primary concern of up-to-date distributed applications. In this paper, we present a methodology to reason about resource usages (acquisition, release, revision, ...), and therefore the proposed approach enables to predict bad usages of resources. Keeping in mind the interplay between local and global information occurring in the application-...

The security of a network protocol crucially relies on the scenario in which the protocol is deployed. This paper describes syntactic constructs for modelling network scenarios and presents an automated analysis tool, which can guarantee that security properties hold in all of the (infinitely many) instances of a scenario. The tool is based on control flow analysis of the process calculus LySa ...

Control-flow analyses statically determine the control-flow of programs. This is a nontrivial problem for higher-order programming languages. This work attempts to leverage the power of SAT solvers to answer questions regarding control-flow. A brief overview of a traditional control-flow analysis is presented. Then an encoding is given which has the property that any satisfying assignment will ...

The management of the operations acting over distributed and virtual resources plays an important role for achieving the success of modern distributed applications. In this paper, we advocate a notion of resources as entities with their own local policies and containing their global interactive properties. We introduce a variant of π-calculus with primitives to declare, acquire and release reso...

We present a survey of the work on control-flow analysis carried on by the Venice Team during the Mefisto project. We study security issues, in particular information leakage detection, in the context of the Mobile Ambient calculus. We describe BANANA, a Java-based tool for ambient nesting analysis, by focussing on analysis accuracy and algorithmic optimizations.

We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured advers...

We report on a case study on control-flow analysis of business process models. We checked 735 industrial business process models from financial services, telecommunications and other domains. We investigated these models for soundness (absence of deadlock and lack of synchronization) using three different approaches: the business process verification tool Woflan, the Petri net model checker LoL...

We report on a case study on control-flow analysis of business process models. We checked 735 industrial business process models from financial services, telecommunications, and other domains. We investigated these models for soundness (absence of deadlock and lack of synchronization) using three different approaches: the business process verification tool Woflan, the Petri net model checker Lo...

We introduce a Control Flow Analysis for Brane Calculi. This verification technique allows properties regarding the behaviour of biological systems to be checked. This is an approximate technique that focusses on the static specification of a system, rather than on its dynamics, striving for effectiveness. Examples illustrate the approach.