Thu 23 Nov 2023 16:00 - 16:20 at My (MDU Campus) - Security and Safety Chair(s): Wojciech Mostowski

Smart contracts can manage assets worth millions of Euro but are often not formally modeled and, as a consequence, may contain vulnerabilities. This paper explores the application of Dynamic Condition Response (DCR) graphs, initially developed for modeling business processes, to model and analyze smart contracts’ embedded processes. Using DCR graphs, we demonstrate high-level properties in the contracts, such as event partial ordering and role-based access control via empirical analysis of several high-profile successful exploits on smart contracts. The result of our analysis offers valuable insights and underscores the potential of DCR graphs in preventing the vulnerabilities causing the breaches.

Thu 23 Nov

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

16:00 - 17:20
Security and SafetyNWPT 2023 at My (MDU Campus)
Chair(s): Wojciech Mostowski Halmstad University
16:00
20m
Talk
Exposing Flaws by Modeling Vulnerable-by-Design Smart Contracts
NWPT 2023
Mojtaba Eshghie KTH Royal Institute of Technology, Cyrille Artho KTH Royal Institute of Technology, Sweden, Wolfgang Ahrendt Chalmers University of Technology, Thomas T. Hildebrandt University of Copenhagen, Gerardo Schneider University of Gothenburg
Pre-print
16:20
20m
Talk
Time-Sensitive Control Closure: A Key Component for Secure Information Flow
NWPT 2023
Abu Naser Masud Malardalen University, Björn Lisper Malardalen University
Pre-print
16:40
20m
Talk
Buzzy: An eBPF Fuzzer
NWPT 2023
Mikkel Tolstrup Jensen Aalborg University, Tobias Bruun Sandberg Hansen Aalborg University, Danny Bøgsted Poulsen Aalborg University, René Rydhof Hansen Aalborg University, Denmark
Pre-print
17:00
20m
Talk
Enhancing CRYSTAL: Preventive Recovery in Brief
NWPT 2023
Fereidoun Moradi Mälardalen University, Zahra Moezkarimi Mälardalen University, Marjan Sirjani Malardalen University
Pre-print