Computability: Exploring Theoretical Limits of Computation

Slide Note
Embed
Share

Delve into computability theory, focusing on what is computable and the limits of computation. Explore concepts like Rice's Theorem, the Halting Problem, and classes of expressiveness in computability theory, such as combinational logic, finite-state machines, pushdown automata, and Turing machines.

orpheus
orpheus Follow

Uploaded on Apr 16, 2024 | 5 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. EXERCISE #2 OVERVIEW REVIEW Write your name and answer the following on a piece of paper What is Rice s Theorem? How does it interact with the halting problem? 1

  2. COMPUTABILITY EECS 677: Software Security Evaluation Drew Davidson

  3. ADMINISTRIVIA AND ANNOUNCEMENTS

  4. 4 THE HALTING PROBLEM GIVEN AN ARBITRARY COMPUTER PROGRAM AND AN INPUT, DETERMINE WHETHER THE PROGRAM WILL FINISH RUNNING, OR CONTINUE TO RUN FOREVER

  5. TODAYS ROADMAP Decidability The Halting Problem Type I/Type II Errors Soundness / Completeness

  6. 6 THE LIMITS OF COMPUTATION DECIDABILITY Computers! What can t they do?! As we begin our exploration of security evaluation, we care about this question for two reasons: We need to know the capabilities of our analysis target We need to know the capabilities of our analysis engine

  7. 7 THEORETICAL LIMITS OF COMPUTATION DECIDABILITY Computability theory The study of what is computable Focused on abstractions for the sake of generalizability Considers theoretical hardware, for example

  8. 8 COMPUTATIONAL POWER DECIDABILITY What is a program? A set of executable instructions

  9. 9 COMPUTATIONAL POWER DECIDABILITY What is a program? A set of executable instructions There are many formats for programs i.e. programming languages It would be nice to generalize what these programs can compute (without getting bogged down in syntax)

  10. 10 ABSTRACTING COMPUTATION DECIDABILITY Computability theory considers classes of expressiveness Combinational logic Finite-state machines Pushdown automata Turing machines

  11. 11 ABSTRACTING COMPUTATION DECIDABILITY Computability theory considers classes of expressiveness Combinational logic Finite-state machines Pushdown automata Turing machines

  12. 12 ABSTRACTING COMPUTATION DECIDABILITY Computability theory considers classes of expressiveness Combinational logic Finite-state machines Pushdown automata Turing machines

  13. 13 ABSTRACTING COMPUTATION DECIDABILITY Computability theory considers classes of expressiveness Combinational logic Finite-state machines Pushdown automata Turing machines

  14. 14 CHURCH-TURING THESIS DECIDABILITY Roughly: a function on the natural numbers can be calculated if and only if it is computable by a Turing machine Practical Upshot: Turing machines are powerful! Turing Machine

  15. 15 VIBE CHECK DECIDABILITY Does everyone remember why we are doing this? We want to determine the power of our analysis target We want to determine the power of our analysis engine Good news! Both are bounded by Turing computability Next up: abstracting analysis itself

  16. 16 DECISION PROCEDURES DECIDABILITY A little vocabulary: A decision problem is a computational question that can be solved with either a yes or a no. Frequently, we consider decision problems as detection of a property in a program A decision procedure is a method for solving a decision problem that always yields the correct answer If there is no decision procedure for a given decision problem, that decision problem is called undecidable

  17. 17 PROGRAM ANALYSIS AS DECISION PROCEDURE DECIDABILITY Since a program is just a list of instructions, it is valid input to a decision procedure Analysis Target (arbitrary program) Analysis Engine (property detector program) Yes No (property present) (property is not present)

  18. 18 STRONG GUARANTEES DECIDABILITY A decision procedure is a high bar Analysis Target (arbitrary program) Guarantee that: The analysis engine accepts every program The analysis engine always returns an answer The answer returned is always correct Analysis Engine (property detector program) Rice s Theorem Yes No (property present) (property is not present)

  19. TODAYS ROADMAP Decidability The Halting Problem Type I/Type II Errors Soundness / Completeness

  20. 20 STATING THE PROBLEM THE HALTING PROBLEM Given a description of a Turing machine and its initial input, determine whether the program, when executed on this input, ever halts (completes). The alternative is that it runs forever without halting

  21. 21 A HALTING DETECTOR THE HALTING PROBLEM Analysis Target + Input (arbitrary program) Given a description of a Turing machine and its initial input, determine whether the program, when executed on this input, ever halts (completes). The alternative is that it runs forever without halting Halting Detector Is there a decision procedure for the halting problem? - We ll sketch the proof outline that there is NOT - Relies on a proof by contradiction Yes No (target halts) (target spins)

  22. 22 PROOF BY CONTRADICTION THE HALTING PROBLEM Reductio ad absurdum Assuming the premise has obviously incorrect consequences Here: assume there is a halting detector Assumption Black_magic Black_magic Halting Detector black_magic(){ if (halts(black_magic){ while(true){} //Spin } //Halt } Halting Detector Yes No (target halts) (target spins) black_magic halts Black_magic spins spin halt halts(ANY ARBITRARY PROGRAM)

  23. 23 WHO CARES? THE HALTING PROBLEM No halting decision procedure means no reachability decision procedure 1. int main(){ 2. if (my_function()){ 3. int * a = nullptr; 4. *a = 1; 5. } 6. } This program crashes if and only if it reaches line 4, which depends on the result of a function call being true black_magic()

  24. 24 RICE S THEOREM THE HALTING PROBLEM No halting decision procedure means no reachability decision procedure Exhibits the behavior you care about 1. int main(){ 2. if (my_function()){ 3. int * a = nullptr; 4. *a = 1; 5. } 6. } This program crashes if and only if it reaches line 4, which depends on the result of a function call being true black_magic() behavior you care about

  25. 25 RICE S THEOREM THE HALTING PROBLEM All non-trivial semantic properties of programs are undecidable

  26. 26 LIMITATIONS OF RICE S THEOREM THE HALTING PROBLEM Rice s Theorem is less catastrophic than you might expect for security: A decision procedure is a pretty high bar A Turing machine is actually not a perfect approximation of the computers we use! Despite these limitations, it is widely accepted that program analysis is always approximate We can t be right all of the time We can choose what types of errors we make

  27. TODAYS ROADMAP Decidability The Halting Problem Categorizing Program Analyses Soundness / Completeness

  28. 28 TYPES OF ANALYSIS CATEGORIZING PROGRAM ANALYSES In order to determine the properties of a given program analysis, let s frame it as a detector Analysis Target (arbitrary program) Note: we can detect bad behavior or good behavior Analysis Engine (property detector program) Yes No (property present) (property is not present)

  29. 29 CLASSIFYING ERRORS CATEGORIZING PROGRAM ANALYSES False Analysis is wrong True Analysis is correct Analysis Target (arbitrary program) Has report Has report Has bug No bug Positive report bug Type I Error Correct Analysis Engine (bug detector) No report No bug No report Has bug Negative No bug report Type II Error No Correct Yes (property is not present) (buggy)

  30. TODAYS ROADMAP Decidability The Halting Problem Categorizing Program Analyses Soundness / Completeness

  31. 31 GUARANTEES OF IMPERFECT ANALYSES SOUNDNESS / COMPLETENESS Consistency / Reliability super important for users We d like to limit the kinds of errors we report We can choose which type of bug report error to avoid Soundness: No false positives Completeness: No false negatives

  32. 32 VISUAL ANALOGY SOUNDNESS / COMPLETENESS Reported bugs Imagine the universe of all programs is contained in a circle You can draw a circle around the programs you report as buggy The actual buggy programs occupy a jagged region All Programs Buggy programs

  33. 33 VISUAL ANALOGY SOUNDNESS / COMPLETENESS Reported bugs Reported bugs All Programs All Programs False Positive Buggy programs Buggy programs False Negative Sound bug detection All correct programs pass through (No false positive problem) Complete bug detection All buggy programs get flagged (No false negative problem) Some buggy programs pass through (has false negative problem) Some correct programs get flagged (has false positive problem)

  34. 34 TRIVIAL SOUNDNESS CATEGORIZING PROGRAM ANALYSES Reported bugs All Programs Analysis Target (arbitrary program) Buggy programs Analysis Engine (bug detector) False Negative No (property is not present) Sound bug detection All correct programs pass through (No false positive problem) Some buggy programs pass through (has false negative problem)

  35. 35 TRIVIAL COMPLETENESS CATEGORIZING PROGRAM ANALYSES Reported bugs All Programs Analysis Target (arbitrary program) False Positive Buggy programs Analysis Engine (bug detector) Yes (buggy) Complete bug detection All buggy programs get flagged (No false negative problem) Some correct programs get flagged (has false positive problem)

  36. 36 BEYOND ALL-OR-NOTHING SOUNDNESS / COMPLETENESS As you can imagine, soundness and completeness are not the full story Guarantees are nice, but we want legitimately useful analyses! Many practical analyses are neither sound nor complete

  37. 37 STATIC VS DYNAMIC ANALYSIS SOUNDNESS / COMPLETENESS One distinction in analysis is how the analysis treats the target Static analysis Operates without running the program Dynamic analysis - Operates with running the program

  38. 38 ANALYSIS METHOD VS ERRORS SOUNDNESS / COMPLETENESS It s natural to consider the types of compromises of each analysis method Static analysis Often builds a model of the program, makes inferences on that model Tends to make completeness easier Scalability concerns for large programs Dynamic analysis Often performs the analysis by straight up running the program, observing behavior Tends to make soundness easier Coverage problems

  39. 39 ABOUT COVERAGE SOUNDNESS / COMPLETENESS int f(bool b) { Obj * o = null; int v = 2; if (b) { o = new Obj (); v = rand_int(); } if (v == 2){ o->setInvalid() } return o->property(); } Line coverage Branch coverage Path coverage

  40. LECTURE END Summary: - Decidability - Computational Theory - Categorizing analysis

  41. 41

  42. 42

  43. 43

Related


Understanding Combinators and Computability: Unveiling the Foundations

Understanding Combinators and Computability: Unveiling the Foundations

adan680
Fides: A System for Verifiable Computation Using Smart Contracts

Fides: A System for Verifiable Computation Using Smart Contracts

isen_17
Understanding Church-Turing Thesis and Computability with Turing Machines

Understanding Church-Turing Thesis and Computability with Turing Machines

lpaqu
Jeff Edmonds - CSE4111/5111 Computability and Complexity Course Insights

Jeff Edmonds - CSE4111/5111 Computability and Complexity Course Insights

kono_le
Theory of Computation Introduction: Dr. Abdulhussein M. Abdullah

Theory of Computation Introduction: Dr. Abdulhussein M. Abdullah

fletche
Understanding Precise Definitions of Limits in Analysis

Understanding Precise Definitions of Limits in Analysis

lyke_ari
Secure Computation Techniques in RAM Models with Efficient Automation

Secure Computation Techniques in RAM Models with Efficient Automation

terence
Covert Computation: Ensuring Undetectable Engagement

Covert Computation: Ensuring Undetectable Engagement

zazueta_n
Understanding Confidence Limits in Statistical Analysis

Understanding Confidence Limits in Statistical Analysis

merideth_k
Advancements in Active Secure Multiparty Computation (MPC)

Advancements in Active Secure Multiparty Computation (MPC)

dulcie
Actively Secure Arithmetic Computation and VOLE Study

Actively Secure Arithmetic Computation and VOLE Study

cayal
Exploring Secure Computation in the Age of Information

Exploring Secure Computation in the Age of Information

kha_va
Secure Computation Challenges and Solutions in Data Mining

Secure Computation Challenges and Solutions in Data Mining

jalaiahr
Insights into Secure Computation with Minimal Interaction

Insights into Secure Computation with Minimal Interaction

smars
Understanding Theoretical and Conceptual Frameworks in Research

Understanding Theoretical and Conceptual Frameworks in Research

nela
Understanding Revenue Limits and Calculation Process in School Financial Management

Understanding Revenue Limits and Calculation Process in School Financial Management

saha_88
Enhanced Security in Multiparty Computation

Enhanced Security in Multiparty Computation

rocky
Secure Multiparty Computation for Department of Education Data Sharing

Secure Multiparty Computation for Department of Education Data Sharing

inayah
COMET: Code Offload by Migrating Execution - OSDI'12 Summary

COMET: Code Offload by Migrating Execution - OSDI'12 Summary

kawa_lin
Enhancing Multi-Party Computation Efficiency Through ORAM Techniques

Enhancing Multi-Party Computation Efficiency Through ORAM Techniques

jeronimo_a
Secure Two-Party Computation and Basic Secret-Sharing Concepts

Secure Two-Party Computation and Basic Secret-Sharing Concepts

pjiv
Linear Communication in Secure Multiparty Computation for Efficient and Fast Processing

Linear Communication in Secure Multiparty Computation for Efficient and Fast Processing

emer_2
Overview of Turing Machines: Introduction, Tape, and Computation

Overview of Turing Machines: Introduction, Tape, and Computation

math_397
Computation for Real Estate Sector in Bangalore Branch of ICAI

Computation for Real Estate Sector in Bangalore Branch of ICAI

dresd

More Related Content