Computing the infimal superlanguage for generalized observability

In this paper, we derive formulas for computing the infimal observable superlanguage and show their applications in studying intransitive non-interference (INI), a fundamental property used in characterizing the security of computer-based systems and network protocols. The definition of observability is generalized since the original one, although suitable for supervisory control, is not general enough for the study of INI and other security applications. We derive formulas for computing the infimal observable superlanguage, based on this more general definition. We also investigate the implementation of these formulas (i.e., actually computing the automata generating infimal observable superlanguages). At the heart of this implementation, is the computation of a special mapping used by the formulas. It is computed through the construction of an automaton generating the mapped language from the automaton generating the original language. Based on these formulas and their implementations, we address the problem of modifying a system to satisfy the property of INI (i.e., for the purpose of actually securing an insecure system). Our modification is based on computing the infimal iP-observable superlanguage, of a given language, since the property of INI is captured by iP-observability.