Korg is named after the KORG MicroKorg synthesizer, which has a dedicated attack knob (Knob 3). (Source: KORG MicroKorg Owner's Manual, page 9). Image below courtesty of KORG.
- TOC {:toc}
Korg is a tool for attacker synthesis. Specifically, given:
- a system model
P, called the "target process"; - a model
Qcalled the "vulnerable process"- with interface
IO;
- with interface
- and a property
phi,- where
P || Q |= phi,
- where
Korg will try to generate a new process A called an attacker that has the interface IO and violates phi when composed with P.
Intuitively, Korg assumes the adversary can "hack" a process Q in an environment P, and attempts to prove that in so doing, an adversary might induce P to violate phi. The IO is used to stop the adversary from performing actions that Q could never perform in the first place.
See the install docs.
See the usage docs.
Read the #comments in the Makefile. TL;DR:
- To run
experiment1without recovery, domake experiment1. - To run
experiment2orexperiment3, change--phi=demo/TCP/phi1.pmlto--phi=demo/TCP/phi2.pmlor--phi=demo/TCP/phi3.pmlin theexperiment1target. Then domake experiment1. - To run
experiment1with recovery, change--with_recovery=Falseto--with_recovery=Truein theexperiment1target, then domake experiment1. - To reproduce our results, do
make avgExperiment. - To run unit tests for main body of
Korglogic, domake testKorg. - To run unit tests for
Characterize.py, domake testChar. - To run unit tests for
Construct.py, domake testCons. - To run all the unit tests, do
make test. - To clean up after running one of the targets, do
make clean.
See the Usage docs, or, adapt the commands in the Makefile to your needs.
Use Cygwin, or, a virtual machine, or, the Linux Subsystem.
- Please use the Issue Tracker to report any issues. We have not yet tested on Windows.
See interpreting outputs.
See troubleshooting.
Simply build the Dockerfile. It automatically reproduces all results from the paper, and checks these results against a saved copy.