Your search keyword '"automated verification"' showing total 240 results

1. Verifying Cake-Cutting, Faster

Author

Bertram, Noah, Lai, Tean, Hsu, Justin, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Gurfinkel, Arie, editor, and Ganesh, Vijay, editor

Published

2024

2. Blockchain-Enabled IoV Framework for Establishing Automated Communication Using Smart Contract

Author

Chakraborty, Rakhi, Dasgupta, Kousik, Das, Debashis, Banerjee, Sourav, Ghosh, Uttam, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Dasgupta, Kousik, editor, Mukhopadhyay, Somnath, editor, Mandal, Jyotsna K., editor, and Dutta, Paramartha, editor

Published

2024

3. Towards Building Verifiable CPS using Lingua Franca.

Author

SHAOKAI LIN, MANERKAR, YATIN A., LOHSTROH, MARTEN, POLGREEN, ELIZABETH, SHENG-JUNG YU, JERAD, CHADLIA, LEE, EDWARD A., and SESHIA, SANJIT A.

Subjects

CYBER physical systems, SOFTWARE verification, SEMANTICS

Abstract

Formal verification of cyber-physical systems (CPS) is challenging because it has to consider real-time and concurrency aspects that are often absent in ordinary software. Moreover, the software in CPS is often complex and low-level, making it hard to assure that a formal model of the system used for verification is a faithful representation of the actual implementation, which can undermine the value of a verification result. To address this problem, we propose a methodology for building verifiable CPS based on the principle that a formal model of the software can be derived automatically from its implementation. Our approach requires that the system implementation is specified in Lingua Franca (LF), a polyglot coordination language tailored for real-time, concurrent CPS, which we made amenable to the specification of safety properties via annotations in the code. The program structure and the deterministic semantics of LF enable automatic construction of formal axiomatic models directly from LF programs. The generated models are automatically checked using Bounded Model Checking (BMC) by the verification engine Uclid5 using the Z3 SMT solver. The proposed technique enables checking a well-defined fragment of Safety Metric Temporal Logic (Safety MTL) formulas. To ensure the completeness of BMC, we present a method to derive an upper bound on the completeness threshold of an axiomatic model based on the semantics of LF. We implement our approach in the LF Verifier and evaluate it using a benchmark suite with 22 programs sampled from real-life applications and benchmarks for Erlang, Lustre, actor-oriented languages, and RTOSes. The LF Verifier correctly checks 21 out of 22 programs automatically. [ABSTRACT FROM AUTHOR]

Published

2023

4. A Relational Program Logic with Data Abstraction and Dynamic Framing.

Author

BANERJEE, ANINDYA, NAGASAMUDRAM, RAMANA, NAUMANN, DAVID, and NIKOUEI, MOHAMMAD

Abstract

In a paper published in 1972, Hoare articulated the fundamental notions of hiding invariants and simulations. Hiding: invariants on encapsulated data representations need not be mentioned in specifications that comprise the API of a module. Simulation: correctness of a new data representation and implementation can be established by proving simulation between the old and new implementations using a coupling relation defined on the encapsulated state. These results were formalized semantically and for a simple model of state, though the paper claimed this could be extended to encompass dynamically allocated objects. In recent years, progress has been made toward formalizing the claim, for simulation, though mainly in semantic developments. In this article, hiding and simulation are combined with the idea in Hoare’s 1969 paper: a logic of programs. For an object-based language with dynamic allocation, we introduce a relational Hoare logic with stateful frame conditions that formalizes encapsulation, hiding of invariants, and couplings that relate two implementations. Relations and other assertions are expressed in first-order logic. Specifications can express a wide range of relational properties such as conditional equivalence and noninterference with declassification. The proof rules facilitate relational reasoning by means of convenient alignments and are shown sound with respect to a conventional operational semantics. A derived proof rule for equivalence of linked programs directly embodies representation independence. Applicability to representative examples is demonstrated using an SMT-based implementation [ABSTRACT FROM AUTHOR]

Published

2022

5. Deciding a Fragment of -Privacy

Author

Fernet, Laouen, Mödersheim, Sebastian, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Roman, Rodrigo, editor, and Zhou, Jianying, editor

Published

2021

6. Secure Key Management Policies in Strand Spaces

Author

Focardi, Riccardo, Luccio, Flaminia L., Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Dougherty, Daniel, editor, Meseguer, José, editor, Mödersheim, Sebastian Alexander, editor, and Rowe, Paul, editor

Published

2021

7. Gobra: Modular Specification and Verification of Go Programs

Author

Wolf, Felix A., Arquint, Linard, Clochard, Martin, Oortwijn, Wytse, Pereira, João C., Müller, Peter, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Silva, Alexandra, editor, and Leino, K. Rustan M., editor

Published

2021

8. Quantitative Access Control Policy Analysis and Repair Using Model Counting

Author

Eiers, William

Subjects

Computer science, Automata, Automated Verification, Model Counting, Policy Analysis, Quantitative Analysis, Software Engineering

Abstract

Due to ubiquitous use of software services, protecting the confidentiality of private information stored in compute clouds is becoming an increasingly critical problem. Although access control specification languages and libraries provide mechanisms for protecting confidentiality of information, without verification and validation techniques that can assist users in writing policies, complex policy specifications are likely to have errors that can lead to unintended and unauthorized access to data, possibly with disastrous consequences. Current state-of-the art approaches focus on either assertion checking which requires manual specification of assertions (which may not be available or difficult to write) or compare existing policies and report binary results (such as policy 1 is more permissive than policy 2). These techniques however cannot perform quantitative analysis on policies (how much more permissive is policy 1 than policy 2?). It is crucial to develop automated approaches for quantitatively assessing properties of access control policies.Model counting is an emerging area with applications in quantitative analysis. A model counting constraint solver computes the number of solutions for a given constraint within a given bound. Recently, model counting constraint solvers have also been applied to automating quantitative software verification, analysis and security tasks. The goal in quantitative program analysis is not to just give a ``yes'' or ``no'' answer, but to also quantify the result. For example, rather than answering if there is information leakage in a program with a ``yes'' or ``no'' answer, quantitative analysis techniques can compute the amount of information leaked. In this dissertation, we first discuss state-of-the-art techniques for model counting using automata-theoretic techniques and its applications in quantitative program analysis. We then introduce the revamped model counting constraint solver ABC2. Next, we discuss how model counting techniques can be combined with traditional policy analysis approaches to perform quantitative analysis of access control policies, culminating in the open-source policy analysis tool Quacky. At the end, we introduce a quantitative symbolic analysis approach for automated policy repair for fixing overly permissive policies.

Published

2023

9. Framework to Verify Distributed IoT Solutions for Traffic Analysis in ATN Stations

Author

Czejdo, Bogdan, Daszczuk, Wiktor B., Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, Zamojski, Wojciech, editor, Mazurkiewicz, Jacek, editor, Sugier, Jarosław, editor, and Walkowiak, Tomasz, editor

Published

2020

10. Random Probing Security: Verification, Composition, Expansion and New Constructions

Author

Belaïd, Sonia, Coron, Jean-Sébastien, Prouff, Emmanuel, Rivain, Matthieu, Taleb, Abdul Rahman, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Micciancio, Daniele, editor, and Ristenpart, Thomas, editor

Published

2020

11. Tornado: Automatic Generation of Probing-Secure Masked Bitsliced Implementations

Author

Belaïd, Sonia, Dagand, Pierre-Évariste, Mercadier, Darius, Rivain, Matthieu, Wintersdorff, Raphaël, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Canteaut, Anne, editor, and Ishai, Yuval, editor

Published

2020

12. Concise outlines for a complex logic: a proof outline checker for TaDA.

Author

Wolf, Felix A., Schwerhoff, Malte, and Müller, Peter

Subjects

LOGIC, SOFTWARE verification, CHECKERS

Abstract

Modern separation logics allow one to prove rich properties of intricate code, e.g., functional correctness and linearizability of non-blocking concurrent code. However, this expressiveness leads to a complexity that makes these logics difficult to apply. Manual proofs or proofs in interactive theorem provers consist of a large number of steps, often with subtle side conditions. On the other hand, automation with dedicated verifiers typically requires sophisticated proof search algorithms that are specific to the given program logic, resulting in limited tool support that makes it difficult to experiment with program logics, e.g., when learning, improving, or comparing them. Proof outline checkers fill this gap. Their input is a program annotated with the most essential proof steps, just like the proof outlines typically presented in papers. The tool then checks automatically that this outline represents a valid proof in the program logic. In this paper, we systematically develop a proof outline checker for the TaDA logic, which reduces the checking to a simpler verification problem, for which automated tools exist. Our approach leads to proof outline checkers that provide substantially more automation than interactive provers, but are much simpler to develop than custom automatic verifiers. [ABSTRACT FROM AUTHOR]

Published

2022

13. Dependable learning-enabled multiagent systems.

Author

Huang, Xiaowei, Peng, Bei, Zhao, Xingyu, Albrecht, Stefano V., and Woolridge, Michael

Subjects

*MULTIAGENT systems, *SUPERVISED learning, *REINFORCEMENT learning, *RELIABILITY in engineering, *EPISTEMIC logic, *MACHINE learning

Abstract

We are concerned with the construction, formal verification, and safety assurance of dependable multiagent systems. For the case where the system (agents and their environment) can be explicitly modelled, we develop formal verification methods over several logic languages, such as temporal epistemic logic and strategy logic, to reason about the knowledge and strategy of the agents. For the case where the system cannot be explicitly modelled, we study multiagent deep reinforcement learning, aiming to develop efficient and scalable learning methods for cooperative multiagent tasks. In addition to these, we develop (both formal and simulation-based) verification methods for the neural network based perception agent that is trained with supervised learning, considering its safety and robustness against attacks from an adversarial agent, and other approaches (such as explainable AI, reliability assessment, and safety argument) for the analysis and assurance of the learning components. Our ultimate objective is to combine formal methods, machine learning, and reliability engineering to not only develop dependable learning-enabled multiagent systems but also provide rigorous methods for the verification and assurance of such systems. [ABSTRACT FROM AUTHOR]

Published

2022

14. Mean-Payoff Games with ω-Regular Specifications.

Author

Gutierrez, Julian, Steeples, Thomas, and Wooldridge, Michael

Abstract

Multi-player mean-payoff games are a natural formalism for modelling the behaviour of concurrent and multi-agent systems with self-interested players. Players in such a game traverse a graph, while attempting to maximise a (mean-)payoff function that depends on the play generated. As with all games, the equilibria that could arise may have undesirable properties. However, as system designers, we typically wish to ensure that equilibria in such systems correspond to desirable system behaviours, for example, satisfying certain safety or liveness properties. One natural way to do this would be to specify such desirable properties using temporal logic. Unfortunately, the use of temporal logic specifications causes game theoretic verification problems to have very high computational complexity. To address this issue, we consider ω-regular specifications. These offer a concise and intuitive way of specifying system behaviours with a comparatively low computational overhead. The main results of this work are characterisation and complexity bounds for the problem of determining if there are equilibria that satisfy a given ω-regular specification in a multi-player mean-payoff game in a number of computationally relevant game-theoretic settings. [ABSTRACT FROM AUTHOR]

Published

2022

15. Adventures in the Analysis of Access Control Policies

Author

Truong, Anh, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Dang, Tran Khanh, editor, Küng, Josef, editor, Takizawa, Makoto, editor, and Bui, Son Ha, editor

Published

2019

16. maskVerif: Automated Verification of Higher-Order Masking in Presence of Physical Defaults

Author

Barthe, Gilles, Belaïd, Sonia, Cassiers, Gaëtan, Fouque, Pierre-Alain, Grégoire, Benjamin, Standaert, Francois-Xavier, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Sako, Kazue, editor, Schneider, Steve, editor, and Ryan, Peter Y. A., editor

Published

2019

17. An Automatically Verified Prototype of the Tokeneer ID Station Specification.

Author

Cristiá, Maximiliano and Rossi, Gianfranco

Subjects

PROGRAMMING languages, FORMAL methods (Computer science), RAPID prototyping, CONSTRAINT programming

Abstract

The Tokeneer project was an initiative set forth by the National Security Agency (NSA, USA) to be used as a demonstration that developing highly secure systems can be made by applying rigorous methods in a cost-effective manner. Altran UK was selected by NSA to carry out the development of the Tokeneer ID Station. The company wrote a Z specification later implemented in the SPARK Ada programming language, which was verified using the SPARK Examiner toolset. In this paper, we show that the Z specification can be readily and naturally encoded in the { l o g } set constraint language, thereby generating a functional prototype. Furthermore, we show that { l o g } 's automated proving capabilities can discharge all the proof obligations concerning state invariants as well as important security properties. As a consequence, the prototype can be regarded as correct with respect to the verified properties. This provides empirical evidence that Z users can use { l o g } to generate correct prototypes from their Z specifications. In turn, these prototypes enable or simplify some verification activities discussed in the paper. [ABSTRACT FROM AUTHOR]

Published

2021

18. Automated Verification of Building Components Using BIM Models and Point Clouds

Author

Honti Richard, Erdélyi Ján, Bariczová Gabriela, Funtík Tomáš, and Mayer Pavol

Subjects

verification of buildings, point clouds, bim, automated verification, ifc, Engineering (General). Civil engineering (General), TA1-2040

Abstract

One of the most important parts of construction work is the verification of the geometry of the parts of structures and buildings constructed. Today this procedure is often semi- or fully automated. The paper introduces an approach for the automated verification of parts of buildings, by comparing the design of a building (as-planned model), derived from a Building Information Model (BIM) in an Industry Foundation Classes (IFC) exchange format to a terrestrial laser scanning (TLS) point cloud (as-built model). The approach proposed has three main steps. The process begins with the acquisition of information from the as-planned model in the IFC exchange format; the second step is the automated (wall) plane segmentation from the point cloud. In the last step, the two models mentioned are compared to determine the deviations from the design, and the as-built wall flatness quantification is also executed. The potential of the proposed algorithm is shown in a case-study.

Published

2020

19. RustHorn: CHC-based Verification for Rust Programs.

Author

YUSUKE MATSUSHITA, TAKESHI TSUKADA, and NAOKI KOBAYASHI

Subjects

*MEMORY, *PROTOTYPES

Abstract

Reduction to satisfiability of constrained Horn clauses (CHCs) is a widely studied approach to automated program verification. Current CHC-based methods, however, do not work very well for pointer-manipulating programs, especially those with dynamic memory allocation. This article presents a novel reduction of pointer-manipulating Rust programs into CHCs, which clears away pointers and memory states by leveraging Rust's guarantees on permission. We formalize our reduction for a simplified core of Rust and prove its soundness and completeness. We have implemented a prototype verifier for a subset of Rust and confirmed the effectiveness of our method. [ABSTRACT FROM AUTHOR]

Published

2021

20. Rational verification: game-theoretic verification of multi-agent systems.

Author

Abate, Alessandro, Gutierrez, Julian, Hammond, Lewis, Harrenstein, Paul, Kwiatkowska, Marta, Najib, Muhammad, Perelli, Giuseppe, Steeples, Thomas, and Wooldridge, Michael

Subjects

COMPUTER science, MULTIAGENT systems, ARTIFICIAL intelligence

Abstract

We provide a survey of the state of the art of rational verification: the problem of checking whether a given temporal logic formula ϕ is satisfied in some or all game-theoretic equilibria of a multi-agent system – that is, whether the system will exhibit the behavior ϕ represents under the assumption that agents within the system act rationally in pursuit of their preferences. After motivating and introducing the overall framework of rational verification, we discuss key results obtained in the past few years as well as relevant related work in logic, AI, and computer science. [ABSTRACT FROM AUTHOR]

Published

2021

21. Towards efficient verification of population protocols.

Author

Blondin, Michael, Esparza, Javier, Jaax, Stefan, and Meyer, Philipp J.

Subjects

ALGORITHMS, PETRI nets, DECISION making

Abstract

Population protocols are a well established model of computation by anonymous, identical finite-state agents. A protocol is well-specified if from every initial configuration, all fair executions of the protocol reach a common consensus. The central verification question for population protocols is the well-specification problem: deciding if a given protocol is well-specified. Esparza et al. have recently shown that this problem is decidable, but with very high complexity: it is at least as hard as the Petri net reachability problem, which is TOWER-hard, and for which only algorithms of non-primitive recursive complexity are currently known. In this paper we introduce the class WS 3 of well-specified strongly-silent protocols and we prove that it is suitable for automatic verification. More precisely, we show that WS 3 has the same computational power as general well-specified protocols, and captures standard protocols from the literature. Moreover, we show that the membership and correctness problems for WS 3 reduce to solving boolean combinations of linear constraints over N . This allowed us to develop the first software able to automatically prove correctness for all of the infinitely many possible inputs. [ABSTRACT FROM AUTHOR]

Published

2021

22. Formal Verification of a Vehicle-to-Vehicle (V2V) Messaging System

Author

Tullsen, Mark, Pike, Lee, Collins, Nathan, Tomb, Aaron, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, Chockler, Hana, editor, and Weissenbacher, Georg, editor

Published

2018

23. On Automated Detection of Multi-Protocol Attacks Using AVISPA

Author

Garg, Varun, Mathuria, Anish, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Shyamasundar, Rudrapatna K., editor, Singh, Virendra, editor, and Vaidya, Jaideep, editor

Published

2017

24. Formal Design Flows for Embedded IoT Hardware

Author

Dossis, Michael, Keramidas, Georgios, editor, Voros, Nikolaos, editor, and Hübner, Michael, editor

Published

2017

25. Techniques and tools for the verification of concurrent systems

Author

Palikareva, Hristina, Roscoe, A. W., and Ouaknine, Joel

Subjects

004.35, Theory and automated verification, Communicating Sequential Processing (CSP), Program development and tools, Mathematical logic and foundations, automated verification, model checking, concurrency, process algebra, symbolic techniques, static analysis, livelock, abstraction, tools

Abstract

Model checking is an automatic formal verification technique for establishing correctness of systems. It has been widely used in industry for analysing and verifying complex safety-critical systems in application domains such as avionics, medicine and computer security, where manual testing is infeasible and even minor errors could have dire consequences. In our increasingly parallelised world, concurrency has become pivotal and seamlessly woven within programming paradigms, however, extremely challenging when it comes to modelling and establishing correctness of intended behaviour. Tools for model checking concurrent systems face severe limitations due to scalability problems arising from the need to examine all possible interleavings (schedules) of executions of parallel components. Moreover, concurrency poses additional challenges to model checking, giving rise to phenomena such as nondeterminism, deadlock, livelock, etc. In this thesis we focus on adapting and developing novel model-checking techniques for concurrent systems in the setting of the process algebra CSP and its primary model checker FDR. CSP allows for a compact modelling and precise analysis of event-based concurrency, grounded on synchronous message passing as a fundamental mechanism of inter-component communication. In particular, we investigate techniques based on symbolic model checking, static analysis and abstraction, all of them exploiting the compositionality inherent in CSP and targeting to increase the scale of systems that can be tractably analysed. Firstly, we investigate symbolic model-checking techniques based on Boolean satisfiability (SAT), which we adapt for the traces model of CSP. We tailor bounded model checking (BMC), that can be used for bug detection, and temporal k-induction, which aims at establishing inductiveness of properties and is capable of both bug finding and establishing the correctness of systems. Secondly, we propose a static analysis framework for establishing livelock freedom of CSP processes, with lessons for other concurrent formalisms. As opposed to traditional exhaustive state-space exploration, our framework employs a system of rules on the syntax of a process to calculate a sound approximation of its fair/co-fair sets of events. The rules either safely classify a process as livelock-free or report inconclusiveness, thereby trading accuracy for speed. Finally, we develop a series of abstraction/refinement schemes for the traces, stable-failures and failures-divergences models of CSP and embed them into a fully automated and compositional CEGAR framework. For each of those techniques we present an implementation and an experimental evaluation on a set of CSP benchmarks.

Published

2012

26. Mean-Payoff Games with ω-Regular Specifications

Author

Julian Gutierrez, Thomas Steeples, and Michael Wooldridge

Subjects

multi-player games, mean-payoff games, automated verification, temporal logic, game theory, equilibria, Technology, Social Sciences

Abstract

Multi-player mean-payoff games are a natural formalism for modelling the behaviour of concurrent and multi-agent systems with self-interested players. Players in such a game traverse a graph, while attempting to maximise a (mean-)payoff function that depends on the play generated. As with all games, the equilibria that could arise may have undesirable properties. However, as system designers, we typically wish to ensure that equilibria in such systems correspond to desirable system behaviours, for example, satisfying certain safety or liveness properties. One natural way to do this would be to specify such desirable properties using temporal logic. Unfortunately, the use of temporal logic specifications causes game theoretic verification problems to have very high computational complexity. To address this issue, we consider ω-regular specifications. These offer a concise and intuitive way of specifying system behaviours with a comparatively low computational overhead. The main results of this work are characterisation and complexity bounds for the problem of determining if there are equilibria that satisfy a given ω-regular specification in a multi-player mean-payoff game in a number of computationally relevant game-theoretic settings.

Published

2022

27. Small model theorems for data independent systems in Alloy

Author

Momtahan, Lee and Roscoe, Bill

Subjects

005.3, Computer science (mathematics), Automated verification, data independence, Alloy

Abstract

A system is data independent in a type T if the only operations allowed on variables of type T are input, output, assignment and equality testing. This property can be exploited to give procedures for the automatic verification of such systems independently of the instance of the type T. Alloy is an extension of first-order logic for modelling software systems. Alloy has a fully automatic analyzer which attempts to refute Alloy formulas by searching for counterexamples within a finite scope. However, failure to find a counterexample does not prove the formula correct. A small model theorem is a theorem which shows that if a formula has a model then it has a model within some finite scope. The contribution of this thesis is to give a small model theorem which applies when modelling data-independent systems in Alloy. The theorem allows one to detect automatically whether an Alloy formula is data independent in some type T and then calculate a threshold scope for T, thereby completing the analysis of the automatic analyzer with respect to the type T. We derive the small model theorem using a model-theoretic approach. We build on the standard semantics of the Alloy language and introduce a more abstract interpretation of formulas, by way of a Galois insertion. This more abstract interpretation gives the same truth value as the original interpretation for many formulas. Indeed we show that this property holds for any formula built with a limited set of language constructors which we call data-independent constructors. The more abstract interpretation is designed so that it often lies within a finite scope and we can calculate whether this is the case and exactly how big the finite scope need be from the types of the free variables in the formula. In this way we can show that if a formula has any instance or counterexample at all then it has one within a threshold scope, the size of which we can calculate.

Published

2007

28. A game-based approximate verification of deep neural networks with provable guarantees.

Author

Wu, Min, Wicker, Matthew, Ruan, Wenjie, Huang, Xiaowei, and Kwiatkowska, Marta

Subjects

*MONTE Carlo method, *TRAFFIC signs & signals, *SEARCH algorithms, *DRIVERLESS cars, *SURETYSHIP & guaranty

Abstract

Despite the improved accuracy of deep neural networks, the discovery of adversarial examples has raised serious safety concerns. In this paper, we study two variants of pointwise robustness, the maximum safe radius problem, which for a given input sample computes the minimum distance to an adversarial example, and the feature robustness problem, which aims to quantify the robustness of individual features to adversarial perturbations. We demonstrate that, under the assumption of Lipschitz continuity, both problems can be approximated using finite optimisation by discretising the input space, and the approximation has provable guarantees, i.e., the error is bounded. We then show that the resulting optimisation problems can be reduced to the solution of two-player turn-based games, where the first player selects features and the second perturbs the image within the feature. While the second player aims to minimise the distance to an adversarial example, depending on the optimisation objective the first player can be cooperative or competitive. We employ an anytime approach to solve the games, in the sense of approximating the value of a game by monotonically improving its upper and lower bounds. The Monte Carlo tree search algorithm is applied to compute upper bounds for both games, and the Admissible A⁎ and the Alpha-Beta Pruning algorithms are, respectively, used to compute lower bounds for the maximum safety radius and feature robustness games. When working on the upper bound of the maximum safe radius problem, our tool demonstrates competitive performance against existing adversarial example crafting algorithms. Furthermore, we show how our framework can be deployed to evaluate pointwise robustness of neural networks in safety-critical applications such as traffic sign recognition in self-driving cars. [ABSTRACT FROM AUTHOR]

Published

2020

29. AUTOMATION AND GAMIFICATION OF COMPUTER SCIENCE STUDY.

Author

ZSIGMOND, IMRE

Subjects

GAMIFICATION, COLLEGE teachers, AUTOMATION, SCIENCE teachers, COMPUTER science

Abstract

A large part of the job of a university teacher in computer science is to verify student exercises. The task of verifying correctness, coding style, conventions, and grading is laborious and if done correctly leaves little time for questions. Automating aspects of this work helps all parties involved by freeing time up for questions. The solution detailed in the paper automates a number of these tasks and provides near instant feedback for the students, together with a platform to gamify student learning. [ABSTRACT FROM AUTHOR]

Published

2019

30. Quicksort Revisited : Verifying Alternative Versions of Quicksort

Author

Certezeanu, Razvan, Drossopoulou, Sophia, Egelund-Muller, Benjamin, Leino, K. Rustan M., Sivarajan, Sinduran, Wheelhouse, Mark, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Ábrahám, Erika, editor, Bonsangue, Marcello, editor, and Johnsen, Einar Broch, editor

Published

2016

31. A Robust Framework for Securing Composed Web Services

Author

Ben Said, Najah, Abdellatif, Takoua, Bensalem, Saddek, Bozga, Marius, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Braga, Christiano, editor, and Ölveczky, Peter Csaba, editor

Published

2016

32. Analyzing and Fixing the QACCE Security of QUIC

Author

Sakurada, Hideki, Yoneyama, Kazuki, Hanatani, Yoshikazu, Yoshida, Maki, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Chen, Lidong, editor, McGrew, David, editor, and Mitchell, Chris, editor

Published

2016

33. Improving the Synthesis of Annotations for Partially Automated Deductive Verification

Author

Manjikian, Hovig and Manjikian, Hovig

Abstract

This work investigates possible improvements to an existing annotation inference tool. The tool is part of a toolchain that aims to automate the process of software verification using formal methods. The purpose of the annotations is to facilitate the use of deductive verification, which is the formal method used in this project for proving that a given program meets its specifications. In the project, two categories of annotations are established. The first category is the category of functional annotations. These annotations describe the behavior of a function or a module. The other category is what we call auxiliary annotations. These annotations describe properties that are necessary for proving the correctness of the functional annotations. The tool that this work tries to improve is dedicated to inferring the auxiliary annotations. To our knowledge, this is the first tool of its kind to automatically infer auxiliary annotations for a complete module given the module’s source code and its interface specifications. The work contributed in four areas: inferring annotations from the interface specifications of a module and propagating these annotations to all the helper functions used in the module; inferring annotations for floating-point constructs; inferring annotations for pointer constructs; and finally, inferring annotations for array constructs. The improved tool was tested on production embedded code used in the heavy automotive industry. The results demonstrated a considerable improvement and were in line with earlier findings. The work confirms the feasibility and usability of auxiliary annotation inference in this scope., Detta arbete undersöker möjliga förbättringar av ett befintligt verktyg för härledning av annoteringar (annotations). Verktyget är en komponent i en verktygskedja som syftar till att automatisera processen för mjukvaruverifiering med formella metoder. Syftet med annoteringarna är att underlätta användningen av deduktiv verifiering, vilket är den formella metod som används i detta projekt för att bevisa att ett givet program uppfyller dess specifikationer. I projektet fastställs två kategorier av annoteringar. Den första kategorin är kategorin funktionella annoteringar. Dessa annoteringar beskriver beteendet hos en funktion eller en modul. Den andra kategorin är vad vi kallar hjälp annoteringar (auxiliary annotations). Dessa annoteringar beskriver egenskaper som är nödvändiga för att bevisa korrektheten av de funktionella annoteringarna. Verktyget som detta arbete försöker förbättra är dedikerat till att härleda hjälp annoteringar. Arbetet bidrog inom fyra områden: att härleda annoteringar från gränssnittsspecifikationerna (interface specifications) för en modul och sprida dessa annoteringar till alla hjälpfunktioner som används i modulen; härleda annoteringar för flyttalskonstruktioner (floating-point constructs); härleda annoteringar för pekarkonstruktioner; och slutligen, härleda annoteringar för arraykonstruktioner. Det förbättrade verktyget testades på produktionsinbyggdad kod som används inom fordonsindustrin. Resultaten visade en avsevärd förbättring och var i linje med tidigare resultat. Arbetet bekräftar genomförbarheten och användbarheten av hjälpannoteringshärledning i projektets omfattning.

Published

2023

34. LoRe: A Programming Model for Verifiably Safe Local-First Software (Artifact)

Author

Julian Haas and Ragnar Mogk and Elena Yanakieva and Annette Bieniusa and Mira Mezini, Haas, Julian, Mogk, Ragnar, Yanakieva, Elena, Bieniusa, Annette, Mezini, Mira, Julian Haas and Ragnar Mogk and Elena Yanakieva and Annette Bieniusa and Mira Mezini, Haas, Julian, Mogk, Ragnar, Yanakieva, Elena, Bieniusa, Annette, and Mezini, Mira

Abstract

Local-first software manages and processes private data locally while still enabling collaboration between multiple parties connected via partially unreliable networks. Such software typically involves interactions with users and the execution environment (the outside world). The unpredictability of such interactions paired with their decentralized nature make reasoning about the correctness of local-first software a challenging endeavor. Yet, existing solutions to develop local-first software do not provide support for automated safety guarantees and instead expect developers to reason about concurrent interactions in an environment with unreliable network conditions. We propose LoRe, a programming model and compiler that automatically verifies developer-supplied safety properties for local-first applications. LoRe combines the declarative data flow of reactive programming with static analysis and verification techniques to precisely determine concurrent interactions that violate safety invariants and to selectively employ strong consistency through coordination where required. We propose a formalized proof principle and demonstrate how to automate the process in a prototype implementation that outputs verified executable code. Our evaluation shows that LoRe simplifies the development of safe local-first software when compared to state-of-the-art approaches and that verification times are acceptable.

Published

2023

35. LoRe: A Programming Model for Verifiably Safe Local-First Software (Extended Abstract)

Author

Julian Haas and Ragnar Mogk and Elena Yanakieva and Annette Bieniusa and Mira Mezini, Haas, Julian, Mogk, Ragnar, Yanakieva, Elena, Bieniusa, Annette, Mezini, Mira, Julian Haas and Ragnar Mogk and Elena Yanakieva and Annette Bieniusa and Mira Mezini, Haas, Julian, Mogk, Ragnar, Yanakieva, Elena, Bieniusa, Annette, and Mezini, Mira

Abstract

Local-first software manages and processes private data locally while still enabling collaboration between multiple parties connected via partially unreliable networks. Such software typically involves interactions with users and the execution environment (the outside world). The unpredictability of such interactions paired with their decentralized nature make reasoning about the correctness of local-first software a challenging endeavor. Yet, existing solutions to develop local-first software do not provide support for automated safety guarantees and instead expect developers to reason about concurrent interactions in an environment with unreliable network conditions. We propose LoRe, a programming model and compiler that automatically verifies developer-supplied safety properties for local-first applications. LoRe combines the declarative data flow of reactive programming with static analysis and verification techniques to precisely determine concurrent interactions that violate safety invariants and to selectively employ strong consistency through coordination where required. We propose a formalized proof principle and demonstrate how to automate the process in a prototype implementation that outputs verified executable code. Our evaluation shows that LoRe simplifies the development of safe local-first software when compared to state-of-the-art approaches and that verification times are acceptable.

Published

2023

36. Model-Driven Information Flow Security for Component-Based Systems

Author

Ben Said, Najah, Abdellatif, Takoua, Bensalem, Saddek, Bozga, Marius, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Bensalem, Saddek, editor, Lakhneck, Yassine, editor, and Legay, Axel, editor

Published

2014

37. Inductive verification of data model invariants in web applications using first-order logic.

Author

Bocić, Ivan, Bultan, Tevfik, and Rosner, Nicolás

Subjects

SET theory, LOGIC, INVARIANTS (Mathematics), DATA analysis, NUMERICAL analysis

Abstract

Modern software applications store their data in remote cloud servers. Users interact with these applications using web browsers or thin clients running on mobile devices. A key concern for these applications is the correctness of the actions that update the data store, which are triggered by user requests. Considering that modern applications store and manage data for millions (even billions) of users, misuse or loss of user data can have catastrophic consequences. In this paper, we focus on automated discovery of data store bugs in applications that use development frameworks that are RESTful, enforce the Model–View–Controller architecture, and use Object Relational Mapping libraries to manipulate data. We present a formal data model for data stores and data store manipulation in such applications. We have developed a framework for verification of data models via translation to First Order Logic (FOL), followed by automated theorem proving. Due to the undecidability of FOL, this automated approach does not always produce a conclusive answer. We investigate the use of many-sorted logic in data model verification in order to improve the effectiveness of this approach. Many-sorted logic allows us to specify type information explicitly, thus lightening the burden of reasoning about type information during theorem proving. Our experimental results demonstrate that our verification approach is scalable to real-world web applications and is able to detect bugs in them. [ABSTRACT FROM AUTHOR]

Published

2019

38. Checking business process evolution.

Author

Krishna, Ajay, Poizat, Pascal, and Salaün, Gwen

Subjects

*SOFTWARE refactoring, *BUSINESS process outsourcing, *WEB-based user interfaces, *WORKFLOW management, *BUSINESS models

Abstract

Abstract Business processes support the design and implementation of software as workflows of local and inter-organisation activities. Tools provide the business process designer with modelling and execution facilities, but they barely provide formal analysis techniques. When one makes a process evolve, for example by refactoring it or by adding new features in it, it is important to be able to check whether, and how, this process has changed, and possibly correct evolution flaws. To reach this objective, we first present a model transformation from the BPMN standard notation to the LNT process algebra and LTS formal models. We then propose a set of relations for comparing business processes at the formal model level. With reference to related work, we propose a richer set of comparison primitives supporting renaming, refinement, property and context-awareness. We also support BPMN processes containing unbalanced structures among gateways. In order to make the checking of evolution convenient for business process designers, we have implemented tool support for our approach as a web application. Highlights • A model transformation from BPMN to LTS that deals with unbalanced workflows. • Evolution relations for business processes based on formal behavioural relations. • An abstract intermediate meta model and format for business processes, PIF. • Our VBPMN tool that implements model transformation and evolution checking. [ABSTRACT FROM AUTHOR]

Published

2019

39. LoRe: A Programming Model for Verifiably Safe Local-First Software (Extended Abstract)

Author

Haas, Julian, Mogk, Ragnar, Yanakieva, Elena, Bieniusa, Annette, and Mezini, Mira

Subjects

Software and its engineering → Distributed programming languages, Software and its engineering → Data flow languages, Automated Verification, Software and its engineering → Consistency, Invariants, Software and its engineering → Formal software verification, Reactive Programming, Theory of computation → Program specifications, Local-First Software, Consistency, Computer systems organization → Peer-to-peer architectures, Theory of computation → Pre- and post-conditions

Abstract

Local-first software manages and processes private data locally while still enabling collaboration between multiple parties connected via partially unreliable networks. Such software typically involves interactions with users and the execution environment (the outside world). The unpredictability of such interactions paired with their decentralized nature make reasoning about the correctness of local-first software a challenging endeavor. Yet, existing solutions to develop local-first software do not provide support for automated safety guarantees and instead expect developers to reason about concurrent interactions in an environment with unreliable network conditions. We propose LoRe, a programming model and compiler that automatically verifies developer-supplied safety properties for local-first applications. LoRe combines the declarative data flow of reactive programming with static analysis and verification techniques to precisely determine concurrent interactions that violate safety invariants and to selectively employ strong consistency through coordination where required. We propose a formalized proof principle and demonstrate how to automate the process in a prototype implementation that outputs verified executable code. Our evaluation shows that LoRe simplifies the development of safe local-first software when compared to state-of-the-art approaches and that verification times are acceptable., LIPIcs, Vol. 263, 37th European Conference on Object-Oriented Programming (ECOOP 2023), pages 12:1-12:15

Published

2023

40. LoRe: A Programming Model for Verifiably Safe Local-First Software (Artifact)

Author

Haas, Julian, Mogk, Ragnar, Yanakieva, Elena, Bieniusa, Annette, and Mezini, Mira

Subjects

Software and its engineering → Distributed programming languages, Software and its engineering → Data flow languages, Automated Verification, Software and its engineering → Consistency, Invariants, Software and its engineering → Formal software verification, Reactive Programming, Theory of computation → Program specifications, Local-First Software, Consistency, Computer systems organization → Peer-to-peer architectures, Theory of computation → Pre- and post-conditions

Abstract

Local-first software manages and processes private data locally while still enabling collaboration between multiple parties connected via partially unreliable networks. Such software typically involves interactions with users and the execution environment (the outside world). The unpredictability of such interactions paired with their decentralized nature make reasoning about the correctness of local-first software a challenging endeavor. Yet, existing solutions to develop local-first software do not provide support for automated safety guarantees and instead expect developers to reason about concurrent interactions in an environment with unreliable network conditions. We propose LoRe, a programming model and compiler that automatically verifies developer-supplied safety properties for local-first applications. LoRe combines the declarative data flow of reactive programming with static analysis and verification techniques to precisely determine concurrent interactions that violate safety invariants and to selectively employ strong consistency through coordination where required. We propose a formalized proof principle and demonstrate how to automate the process in a prototype implementation that outputs verified executable code. Our evaluation shows that LoRe simplifies the development of safe local-first software when compared to state-of-the-art approaches and that verification times are acceptable., DARTS, Vol. 9, Special Issue of the 37th European Conference on Object-Oriented Programming (ECOOP 2023), pages 11:1-11:2

Published

2023

41. Quantifying the Similarity of BPMN Processes

Author

Salaün, Gwen, Construction of verified concurrent systems (CONVECS ), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Laboratoire d'Informatique de Grenoble (LIG), Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP ), Université Grenoble Alpes (UGA)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes (UGA)-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP ), and Université Grenoble Alpes (UGA)

Subjects

Business Processes, Automated Verification, Quantitative Analysis, BPMN, [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE]

Abstract

International audience; Business Process Model and Notation (BPMN) is a graphical modelling language for specifying business processes. Among the open issues existing in the business process development, one of them aims at providing techniques for comparing two versions of a process model. Comparing processes is useful for tackling several problems such as process reconfiguration or evolution, process harmonization or effective search. In this paper, we propose two measures of similarity between two versions of a BPMN process. The first one relies on the syntactic descriptions of the two processes considered as input, whereas the second one focuses on their semantic models. These two measures are complementary and allows users to better understand the differences and similarities between the two processes. Our approach is fully automated by several tools we reused or implemented for this work.

Published

2022

42. Automated Verification of Model Transformations in the Automotive Industry

Author

Selim, Gehan M. K., Büttner, Fabian, Cordy, James R., Dingel, Juergen, Wang, Shige, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Moreira, Ana, editor, Schätz, Bernhard, editor, Gray, Jeff, editor, Vallecillo, Antonio, editor, and Clarke, Peter, editor

Published

2013

43. Dynamically-Driven Timed Automaton Abstractions for Proving Liveness of Continuous Systems

Author

Carter, Rebekah, Navarro-López, Eva M., Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Jurdziński, Marcin, editor, and Ničković, Dejan, editor

Published

2012

44. A hardware-software system for the automation of verification and calibration of oil metering units secondary equipment.

Author

Boyarnikov, A. V., Boyarnikova, L. V., Kozhushko, A. A., and Sekachev, A. F.

Subjects

*CALIBRATION, *SOFTWARE verification, *AUTOMATIC control systems, *GAS measurement, *PETROLEUM pipelines

Abstract

In the article the process of verification (calibration) of oil metering units secondary equipment is considered. The purpose of the work is to increase the reliability and reduce the complexity of this process by developing a software and hardware system that provides automated verification and calibration. The hardware part of this complex carries out the commutation of the measuring channels of the verified controller and the reference channels of the calibrator in accordance with the introduced algorithm. The developed software allows controlling the commutation of channels, setting values on the calibrator, reading the measured data from the controller, calculating errors and compiling protocols. This system can be used for checking the controllers of the secondary equipment of the oil metering units in the automatic verification mode (with the open communication protocol) or in the semi-automatic verification mode (without it). The peculiar feature of the approach used is the development of a universal signal switch operating under software control, which can be configured for various verification methods (calibration), which allows to cover the entire range of controllers of metering units secondary equipment. The use of automatic verification with the help of a hardware and software system allows to shorten the verification time by 5-10 times and to increase the reliability of measurements, excluding the influence of the human factor. [ABSTRACT FROM AUTHOR]

Published

2017

45. A METHODOLOGY FOR DESIGN SPACE EXPLORATION OF REAL-TIME LOCATION SYSTEMS

Author

R. Passerone and A.A. Ozhiganov

Subjects

design space exploration, localization, positioning, real-time location systems, RTLS, simulation, automated verification, statistical model checking, networked embedded systems, embedded systems, cyber-physical systems, CPS, Optics. Light, QC350-467, Electronic computers. Computer science, QA75.5-76.95

Abstract

Scope of Research. This paper deals with the problem of design space exploration for a particular class of networked embedded systems called Real-Time Location Systems (RTLS). Methods. The paper contains a clear and detailed plan of anongoing research and could be considered as a review, a vision and a statement of objectives. Analytical and formal methods, simulation and automated verification will be involved in the research. Main Results. Analysis of the state of the art (current design flow, existing simulation tools and verification techniques) has revealed several limitations for performing efficientdesign space exploration of RTLS, especially for safety-critical applications. The review part of the paper also contains a clear problem statement. The main outcome of this research is the proposed vision of a novel methodology for determining the best-suited technology and its configuration from the space of potential solutions. In particular, it is planned to extend an existing simulation framework and apply automated verification techniques. The latter will be used for checking simulation results and also for exploring different system configuration alternatives, that is, to optimize the design, which is a novel approach. A case study for validating the methodology is also proposed. Practical Significance. The proposed methodology will highly increase the breadth of design space exploration of RTLS as well as the confidence on taken design decisions. It will also contribute to optimizing the design.

Published

2015

46. Deductive Verification of the Sliding Window Protocol

Author

D. A. Chkliaev and V. A. Nepomniaschy

Subjects

communication protocols, sliding window protocol, fault tolerance, formal specification, automated verification, interactive theorem proving, pvs, Information technology, T58.5-58.64

Abstract

We consider the well-known Sliding Window Protocol which provides reliable and efficient transmission of data over unreliable channels. A formal proof of correctness for this protocol faces substantial difficulties caused by a high degree of parallelism which creates a significant potential for errors. Here we consider a version of the protocol that is based on selective repeat of frames. The specification of the protocol by a state machine and its safety property are represented in the language of the verification system PVS. Using the PVS system, we give an interactive proof of this property of the Sliding Window Protocol.

Published

2015

47. Formal methods and automated verification of critical systems.

Author

ter Beek, Maurice H., Gnesi, Stefania, and Knapp, Alexander

Subjects

*COMPUTER software, *ROBUST control, *FAULT tolerance (Engineering), *AUTOMATION, *AUTOMATIC control systems

Abstract

Critical (software) systems are all around us. These systems are typically characterised by stringent dependability requirements and demand elevated levels of robustness and fault tolerance. To assure that they function as intended and provide a number of quality guarantees, formal methods and automated verification techniques and tools have been in use in the engineering of such critical systems for many years now. In this introduction to the special issue FMICS-AVoCS on “Formal Methods and Automated Verification of Critical Systems”, we outline a number of recent achievements concerning the use of formal methods and automated verification techniques and tools for the specification and analysis of critical systems from a variety of application domains. These achievements are represented by six selected papers: five were selected from the joint 21st International Workshop on Formal Methods for Industrial Critical Systems and 16th International Workshop on Automated Verification of Critical Systems (FMICS-AVoCS 2016), while one of them was selected after an open call for papers. [ABSTRACT FROM AUTHOR]

Published

2018

48. Using CSP to Detect Insertion and Evasion Possibilities within the Intrusion Detection Area

Author

Rohrmair, Gordon Thomas, Lowe, Gavin, Goos, Gerhard, editor, Hartmanis, Juris, editor, van Leeuwen, Jan, editor, Abdallah, Ali E., editor, Ryan, Peter, editor, and Schneider, Steve, editor

Published

2003

49. Modeling and Verification of Insider Threats Using Logical Analysis.

Author

Kammuller, Florian and Probst, Christian W.

Abstract

In this paper, we combine formal modeling and analysis of infrastructures of organizations with sociological explanation to provide a framework for insider threat analysis. We use the higher order logic (HOL) proof assistant Isabelle/HOL to support this framework. In the formal model, we exhibit and use a common trick from the formal verification of security protocols, showing that it is applicable to insider threats. We introduce briefly a three-step process of social explanation, illustrating that it can be applied fruitfully to the characterization of insider threats. We introduce the insider theory constructed in Isabelle that implements this process of social explanation. To validate that the social explanation is generally useful for the analysis of insider threats and to demonstrate our framework, we model and verify the insider threat patterns of entitled independent and Ambitious Leader in our Isabelle/HOL framework. [ABSTRACT FROM PUBLISHER]

Published

2017

50. Intruder deducibility constraints with negation. Decidability and application to secured service compositions.

Author

Avanesov, Tigran, Chevalier, Yannick, Rusinowitch, Michael, and Turuani, Mathieu

Subjects

*INTRUSION detection systems (Computer security), *DECIDABILITY (Mathematical logic), *CRYPTOGRAPHY, *DECISION making, *ENCRYPTION protocols

Abstract

We consider a problem of automated orchestration of security-aware services under additional constraints. The problem of finding a mediator to compose secured services has been reduced in previous works to the problem of solving deducibility constraints similar to those employed for cryptographic protocol analysis. We extend in this paper the mediator synthesis procedure (i.e. a solution for the orchestration problem) by allowing additional non-disclosure policies that express the fact that some data is not accessible to the mediator at a given point of its execution. We present a decision procedure that answers the question whether a mediator satisfying these policies can be effectively synthesized. The approach presented in this work extends the constraint solving procedure for cryptographic protocol analysis in a significant way as to be able to handle negation of deducibility constraints. It applies to all subterm convergent theories and therefore covers several interesting theories in formal security analysis including encryption, hashing, signature and pairing; it is also expressive enough for some RBAC policies. A variant of this procedure for Dolev Yao theory has been implemented in Cl-Atse, a protocol analysis tool based on constraint solving. [ABSTRACT FROM AUTHOR]

Published

2017