15,701 research outputs found

    Formal Verification of Security Protocol Implementations: A Survey

    Get PDF
    Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac

    Modal logics for reasoning about object-based component composition

    Get PDF
    Component-oriented development of software supports the adaptability and maintainability of large systems, in particular if requirements change over time and parts of a system have to be modified or replaced. The software architecture in such systems can be described by components and their composition. In order to describe larger architectures, the composition concept becomes crucial. We will present a formal framework for component composition for object-based software development. The deployment of modal logics for defining components and component composition will allow us to reason about and prove properties of components and compositions

    Visual Model-Driven Design, Verification and Implementation of Security Protocols

    Get PDF
    A novel visual model-driven approach to security protocol design, verification, and implementation is presented in this paper. User-friendly graphical models are combined with rigorous formal methods to enable protocol verification and sound automatic code generation. Domain-specific abstractions keep the graphical models simple, yet powerful enough to represent complex, realistic protocols such as SSH. The main contribution is to bring together aspects that were only partially available or not available at all in previous proposal

    Ontology-based modelling of architectural styles

    Get PDF
    The conceptual modelling of software architectures is of central importance for the quality of a software system. A rich modelling language is required to integrate the different aspects of architecture modelling, such as architectural styles, structural and behavioural modelling, into a coherent framework. Architectural styles are often neglected in software architectures. We propose an ontological approach for architectural style modelling based on description logic as an abstract, meta-level modelling instrument. We introduce a framework for style definition and style combination. The application of the ontological framework in the form of an integration into existing architectural description notations is illustrated

    Formally based semi-automatic implementation of an open security protocol

    Get PDF
    International audienceThis paper presents an experiment in which an implementation of the client side of the SSH Transport Layer Protocol (SSH-TLP) was semi-automatically derived according to a model-driven development paradigm that leverages formal methods in order to obtain high correctness assurance. The approach used in the experiment starts with the formalization of the protocol at an abstract level. This model is then formally proved to fulfill the desired secrecy and authentication properties by using the ProVerif prover. Finally, a sound Java implementation is semi-automatically derived from the verified model using an enhanced version of the Spi2Java framework. The resulting implementation correctly interoperates with third party servers, and its execution time is comparable with that of other manually developed Java SSH-TLP client implementations. This case study demonstrates that the adopted model-driven approach is viable even for a real security protocol, despite the complexity of the models needed in order to achieve an interoperable implementation

    Refinement by interpretation in {\pi}-institutions

    Get PDF
    The paper discusses the role of interpretations, understood as multifunctions that preserve and reflect logical consequence, as refinement witnesses in the general setting of pi-institutions. This leads to a smooth generalization of the refinement-by-interpretation approach, recently introduced by the authors in more specific contexts. As a second, yet related contribution a basis is provided to build up a refinement calculus of structured specifications in and across arbitrary pi-institutions.Comment: In Proceedings Refine 2011, arXiv:1106.348

    Composing features by managing inconsistent requirements

    Get PDF
    One approach to system development is to decompose the requirements into features and specify the individual features before composing them. A major limitation of deferring feature composition is that inconsistency between the solutions to individual features may not be uncovered early in the development, leading to unwanted feature interactions. Syntactic inconsistencies arising from the way software artefacts are described can be addressed by the use of explicit, shared, domain knowledge. However, behavioural inconsistencies are more challenging: they may occur within the requirements associated with two or more features as well as at the level of individual features. Whilst approaches exist that address behavioural inconsistencies at design time, these are overrestrictive in ruling out all possible conflicts and may weaken the requirements further than is desirable. In this paper, we present a lightweight approach to dealing with behavioural inconsistencies at run-time. Requirement Composition operators are introduced that specify a run-time prioritisation to be used on occurrence of a feature interaction. This prioritisation can be static or dynamic. Dynamic prioritisation favours some requirement according to some run-time criterion, for example, the extent to which it is already generating behaviour

    Component Composition in Business and System Modelling

    Get PDF
    Bespoke development of large business systems can be couched in terms of the composition of components, which are, put simply, chunks of development work. Design, mapping a specification to an implementation, can also be expressed in terms of components: a refinement comprising an abstract component, a concrete component and a mapping between them. Similarly, system extension is the composition of an existing component, the legacy system, with a new component, the extension. This paper overviews work being done on a UK EPSRC funded research project formulating and formalizing techniques for describing, composing and performing integrity checks on components. Although the paper focuses on the specification and development of information systems, the techniques are equally applicable to the modeling and re-engineering of businesses, where no computer system may be involved
    corecore