Gray-box runtime enforcement of hyperproperties

Hsu, Tzu Han; Oliveira Da Costa, Ana A; Wintenberg, Andrew; Bartocci, Ezio; Bonakdarpour, Borzoo

Gray-box runtime enforcement of hyperproperties

Hsu TH, Oliveira da Costa AA, Wintenberg A, Bartocci E, Bonakdarpour B. 2025. Gray-box runtime enforcement of hyperproperties. Acta Informatica. 62(3), 30.

Download

2025_ActaInformatica_Hsu.pdf 6.51 MB [Published Version]

DOI

10.1007/s00236-025-00502-1

Journal Article | Published | English

Scopus indexed

Author

Hsu, Tzu Han; Oliveira da Costa, Ana A^ISTA; Wintenberg, Andrew; Bartocci, Ezio; Bonakdarpour, Borzoo

Corresponding author has ISTA affiliation

Department

Henzinger_Thomas Group

Grant

Interface Theory for Security and Privacy

Abstract

Enforcement of information-flow policies has been extensively studied by language-based approaches over the past few decades. In this paper, we propose an alternative, novel, general, and effective approach using enforcement of hyperproperties– a powerful formalism for expressing and reasoning about a wide range of information-flow security policies. We study black- vs. gray- vs. white-box enforcement of hyperproperties expressed by nondeterministic finite-word hyperautomata (NFH), where the enforcer has null, some, or complete information about the implementation of the system under scrutiny. Given an NFH, in order to generate a runtime enforcer, we reduce the problem to controller synthesis for hyperproperties and subsequently to the satisfiability problem for quantified Boolean formulas (QBFs). The resulting enforcers are transferable with low-overhead. We conduct a rich set of case studies, including information-flow control for JavaScript code, as well as synthesizing obfuscators for control plants.

Publishing Year

2025

Date Published

2025-09-01

Journal Title

Acta Informatica

Publisher

Springer Nature

Acknowledgement

This project was funded in part by the Austrian Science Fund (FWF) SFB project SpyCoDe F8502, Vienna Science and Technology Fund (WWTF) [10.47379/ICT19018] (ProbInG) and WWTF project ICT22-023 (TAIGER), National Science Foundation (NSF) CPS Award 1837680, NSF award ECCS-2144416 and NSF SaTC Award 2245114. Open access funding provided by Institute of Science and Technology (IST Austria).

Volume

Issue

Article Number

ISSN

0001-5903

eISSN

1432-0525

IST-REx-ID

20186

Cite this

Hsu TH, Oliveira da Costa AA, Wintenberg A, Bartocci E, Bonakdarpour B. Gray-box runtime enforcement of hyperproperties. Acta Informatica. 2025;62(3). doi:10.1007/s00236-025-00502-1

Hsu, T. H., Oliveira da Costa, A. A., Wintenberg, A., Bartocci, E., & Bonakdarpour, B. (2025). Gray-box runtime enforcement of hyperproperties. Acta Informatica. Springer Nature. https://doi.org/10.1007/s00236-025-00502-1

Hsu, Tzu Han, Ana A Oliveira da Costa, Andrew Wintenberg, Ezio Bartocci, and Borzoo Bonakdarpour. “Gray-Box Runtime Enforcement of Hyperproperties.” Acta Informatica. Springer Nature, 2025. https://doi.org/10.1007/s00236-025-00502-1.

T. H. Hsu, A. A. Oliveira da Costa, A. Wintenberg, E. Bartocci, and B. Bonakdarpour, “Gray-box runtime enforcement of hyperproperties,” Acta Informatica, vol. 62, no. 3. Springer Nature, 2025.

Hsu TH, Oliveira da Costa AA, Wintenberg A, Bartocci E, Bonakdarpour B. 2025. Gray-box runtime enforcement of hyperproperties. Acta Informatica. 62(3), 30.

Hsu, Tzu Han, et al. “Gray-Box Runtime Enforcement of Hyperproperties.” Acta Informatica, vol. 62, no. 3, 30, Springer Nature, 2025, doi:10.1007/s00236-025-00502-1.

All files available under the following license(s):

Creative Commons Attribution 4.0 International Public License (CC-BY 4.0):