Abstract:
We propose a type system to enforce the security property of noninterference in a core reactive language, obtained by extending the imperative language of Volpano, Smith and Irvine with reactive primitives manipulating broadcast signals and with a form of ``scheduled'' parallelism. Due to the particular nature of reactive computations, the definition of noninterference has to be adapted. We give a formulation of noninterference based on bisimulation. Our type system is inspired by that introduced by Boudol and Castellani, and independently by Smith, to cope with timing leaks in a language for parallel programs with scheduling. We establish the soundness of this type system with respect to our notion of noninterference.

[.pdf]