
Quantifying the loss of security guarantee in software reasoning systems

Determine how to quantify the loss of security guarantee introduced by undecidability, over- or under-approximation, and heuristic choices in software security analyses, so that the impact of these fundamental limits on the trustworthiness of analysis results can be assessed for deployed systems.


Background

In discussing the fundamental limits of reasoning about software security, the paper surveys theoretical barriers (e.g., Gödel’s incompleteness, Rice’s theorem) and the practical trade-off they force on any analysis: it can over-approximate program behaviour (sound, so it never misses a real violation, but it raises false alarms on programs that are in fact safe) or under-approximate it (precise, so every alarm is real, as with testing and fuzzing, but it can miss violations on inputs it never exercised). Even a sound analysis therefore fails to demonstrate some properties for some programs that actually satisfy them, leaving a gap between what can be proven and what is needed for assurance.

The author explicitly notes that, beyond these theoretical observations, there is currently no way to quantify the resulting loss of guarantee, a concrete measurement gap that impedes trustworthy assessment of analysis outcomes.

References

Worse, we currently do not even know how to quantify the loss of guarantee.

Fundamental Challenges in Cybersecurity and a Philosophy of Vulnerability-Guided Hardening (2402.01944 - Böhme, 2 Feb 2024) in Section 2.3.4 Fundamental Limits