## Section: New Results

### Model checking

Participants : Romain Beauxis, Catuscia Palamidessi.

Model checking is the main tool that we aim at developing for the verification of security protocols.

#### Model checking the probabilistic -calculus

In [20] , in collaboration with the PRISM team at Oxford, we have established the basis for an implementation of model checking for the probabilistic -calculus. Building upon the (non-probabilistic) -calculus model checker MMC [52] , we have developed an automated procedure for constructing a Markov decision process representing a probabilistic -calculus process. This representation can then be verified using existing probabilistic model checkers such as PRISM. Secondly, we have demonstrated how for a large class of systems an efficient, compositional approach can be applied, which uses our extension of MMC on each parallel component of the system and then translates the results into a higher-level model description for the PRISM tool.

#### Model checking techniques for computing the information leakage

In [21] we have addressed the problem of computing the information leakage of a system in an efficient way. We have proposed two methods: one based on reducing the problem to reachability, and the other based on techniques from quantitative counterexample generation. The second approach can be used either for exact or approximate computation, and provides feedback for debugging. These methods can be applied also in the case in which the input distribution is unknown. We then have considered the interactive case and we have pointed out that the definition of associated channel proposed in literature is not sound. However, we have shown that the leakage can still be defined consistently, and that our methods extend smoothly to this case.