21,469 research outputs found
Finite Model Finding for Parameterized Verification
In this paper we investigate to which extent a very simple and natural
"reachability as deducibility" approach, originated in the research in formal
methods in security, is applicable to the automated verification of large
classes of infinite state and parameterized systems. The approach is based on
modeling the reachability between (parameterized) states as deducibility
between suitable encodings of states by formulas of first-order predicate
logic. The verification of a safety property is reduced to a pure logical
problem of finding a countermodel for a first-order formula. The later task is
delegated then to the generic automated finite model building procedures. In
this paper we first establish the relative completeness of the finite
countermodel finding method (FCM) for a class of parameterized linear arrays of
finite automata. The method is shown to be at least as powerful as known
methods based on monotonic abstraction and symbolic backward reachability.
Further, we extend the relative completeness of the approach and show that it
can solve all safety verification problems which can be solved by the
traditional regular model checking.Comment: 17 pages, slightly different version of the paper is submitted to
TACAS 201
Modelling and simulation of a biometric identity-based cryptography
Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols
Analysis of security protocols using finite-state machines
This paper demonstrates a comprehensive analysis method using formal methods such as finite-state machine. First, we describe the modified version of our new protocol and briefly explain the encrypt-then-authenticate mechanism, which is regarded as more a secure mechanism than the one used in our protocol. Then, we use a finite-state verification to study the behaviour of each machine created for each phase of the protocol and examine their behaviour s together. Modelling with finite-state machines shows that the modified protocol can function correctly and behave properly even with invalid input or time delay
An Experiment in Ping-Pong Protocol Verification by Nondeterministic Pushdown Automata
An experiment is described that confirms the security of a well-studied class
of cryptographic protocols (Dolev-Yao intruder model) can be verified by
two-way nondeterministic pushdown automata (2NPDA). A nondeterministic pushdown
program checks whether the intersection of a regular language (the protocol to
verify) and a given Dyck language containing all canceling words is empty. If
it is not, an intruder can reveal secret messages sent between trusted users.
The verification is guaranteed to terminate in cubic time at most on a
2NPDA-simulator. The interpretive approach used in this experiment simplifies
the verification, by separating the nondeterministic pushdown logic and program
control, and makes it more predictable. We describe the interpretive approach
and the known transformational solutions, and show they share interesting
features. Also noteworthy is how abstract results from automata theory can
solve practical problems by programming language means.Comment: In Proceedings MARS/VPT 2018, arXiv:1803.0866
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Verifying Policy Enforcers
Policy enforcers are sophisticated runtime components that can prevent
failures by enforcing the correct behavior of the software. While a single
enforcer can be easily designed focusing only on the behavior of the
application that must be monitored, the effect of multiple enforcers that
enforce different policies might be hard to predict. So far, mechanisms to
resolve interferences between enforcers have been based on priority mechanisms
and heuristics. Although these methods provide a mechanism to take decisions
when multiple enforcers try to affect the execution at a same time, they do not
guarantee the lack of interference on the global behavior of the system. In
this paper we present a verification strategy that can be exploited to discover
interferences between sets of enforcers and thus safely identify a-priori the
enforcers that can co-exist at run-time. In our evaluation, we experimented our
verification method with several policy enforcers for Android and discovered
some incompatibilities.Comment: Oliviero Riganelli, Daniela Micucci, Leonardo Mariani, and Yli\`es
Falcone. Verifying Policy Enforcers. Proceedings of 17th International
Conference on Runtime Verification (RV), 2017. (to appear
Verification and Control of Partially Observable Probabilistic Real-Time Systems
We propose automated techniques for the verification and control of
probabilistic real-time systems that are only partially observable. To formally
model such systems, we define an extension of probabilistic timed automata in
which local states are partially visible to an observer or controller. We give
a probabilistic temporal logic that can express a range of quantitative
properties of these models, relating to the probability of an event's
occurrence or the expected value of a reward measure. We then propose
techniques to either verify that such a property holds or to synthesise a
controller for the model which makes it true. Our approach is based on an
integer discretisation of the model's dense-time behaviour and a grid-based
abstraction of the uncountable belief space induced by partial observability.
The latter is necessarily approximate since the underlying problem is
undecidable, however we show how both lower and upper bounds on numerical
results can be generated. We illustrate the effectiveness of the approach by
implementing it in the PRISM model checker and applying it to several case
studies, from the domains of computer security and task scheduling
Modeling Bitcoin Contracts by Timed Automata
Bitcoin is a peer-to-peer cryptographic currency system. Since its
introduction in 2008, Bitcoin has gained noticeable popularity, mostly due to
its following properties: (1) the transaction fees are very low, and (2) it is
not controlled by any central authority, which in particular means that nobody
can "print" the money to generate inflation. Moreover, the transaction syntax
allows to create the so-called contracts, where a number of
mutually-distrusting parties engage in a protocol to jointly perform some
financial task, and the fairness of this process is guaranteed by the
properties of Bitcoin. Although the Bitcoin contracts have several potential
applications in the digital economy, so far they have not been widely used in
real life. This is partly due to the fact that they are cumbersome to create
and analyze, and hence risky to use.
In this paper we propose to remedy this problem by using the methods
originally developed for the computer-aided analysis for hardware and software
systems, in particular those based on the timed automata. More concretely, we
propose a framework for modeling the Bitcoin contracts using the timed automata
in the UPPAAL model checker. Our method is general and can be used to model
several contracts. As a proof-of-concept we use this framework to model some of
the Bitcoin contracts from our recent previous work. We then automatically
verify their security in UPPAAL, finding (and correcting) some subtle errors
that were difficult to spot by the manual analysis. We hope that our work can
draw the attention of the researchers working on formal modeling to the problem
of the Bitcoin contract verification, and spark off more research on this
topic
- …