ISSN 0361-7688, Programming and Computer Software, 2018, Vol. 44, No. 3, pp. 190–199. © Pleiades Publishing, Ltd., 2018.
Original Russian Text © A.V. Kozachok, E.V. Kochetkov, 2018, published in Trudy Instituta Sistemnogo Programmirovaniya, 2017, Vol. 1, No. 2.
Prototype of a Verified Program Code Execution System
A. V. Kozachok* and E. V. Kochetkov
Academy of Federal Guard Service, ul. Priborostroitel’naya 35, Orel, 302034 Russia
Received January 20, 2018
Abstract—This paper describes the technical implementation of a verified program code execution system. The functional purpose of the system is to investigate arbitrary executable files of an operating system in the absence of source code in order to control program code execution within specified functional requirements. The prerequisites for the development of such a system are outlined, and a user’s operating procedure with two typical usage scenarios is described. A general description of the architecture of the system and of the software used for its implementation, including the mechanism of interaction among system elements, is presented. A model example of implementing the system is considered. A flexible set of functional constraints based on a temporal attribute of process action is described. In conclusions, a brief comparison with the closest analogs
Social progress entails a widespread introduction of information technologies into all spheres of public administration and the life support infrastructure of society, including automatic process control systems (APCSs) used by critical information infrastructure (CII) entities. Protecting those entities is one of the strategic national goals in the sphere of information
This goal cannot be achieved without considering the information security challenges associated with the occurrence of previously unknown threats. Cyber attacks on network infrastructure elements of CII entities, which can undermine the normal operation of APCSs, are among these threats.
Information security problems for governmental entities are largely investigated as they concern, directly or indirectly, the protection of classified information. In recent years, close attention has been drawn to the information security of CII entities, including information systems, computer networks, and APCSs in the defense, oil and gas, nuclear, and other industries, due to a number of incidents associated with violation of the normal operation of such entities. Present-day cyber attacks on CII entities, the so-called advanced persistent threats (APTs), are characterized by their complexity, continuity, and purposefulness.
An APT attack includes preparatory activities aimed at a comprehensive estimation of CII information security, including identification of the hardware and software means used for information protection, communication routes, the order of information processing and storage, and the organizational measures that protect sensitive information against unauthorized access. This allows the actors behind APTs to find vulnerabilities in security systems and exploit them to infiltrate CII network
Obviously, to undermine critical processes in CII entities, with or without the involvement of an insider, attackers employ malware and social engineering techniques.
Antivirus software is the main tool, among other defense mechanisms, to protect against APTs in CII networks. According to experimental estimates of modern antivirus software, the probability of type I and type II errors in malware detection mechanisms is approximately And yet, a significant number of malware exemplars remain undetected.
In our opinion, the most promising method is to develop mechanisms based on a “prohibiting” strategy of privilege and executable file separation, because it can significantly increase confidence in the content arriving from the external environment.
2. PREVIOUS WORKS
To solve this problem, we suggest an implementation of a verified program code execution system (VPCES) based on the model checking method,