SecurEval
Improving Digital Systems Security Evaluation
Given a boolean formula , the Max#SAT problem [10, 29] asks for finding a partial model on the set of variables X, maximizing its number of projected models over the set of variables Y. We investigate a strict generalization of Max#SAT allowing dependencies for variables in X, effectively turning it into a synthesis problem. We show that this new problem, called DQMax#SAT, subsumes both the DQBF [23] and DSSAT [19] problems. We provide a general resolution method, based on a reduction to Max#SAT, together with two improvements for dealing with its inherent complexity. We further discuss a concrete application of DQMax#SAT for symbolic synthesis of adaptive attackers in the field of program security. Finally, we report preliminary results obtained on the resolution of benchmark problems using a prototype DQMax#SAT solver implementation.