Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Using formal methods to support testing
Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent
years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing
A Dual-Engine for Early Analysis of Critical Systems
This paper presents a framework for modeling, simulating, and checking
properties of critical systems based on the Alloy language -- a declarative,
first-order, relational logic with a built-in transitive closure operator. The
paper introduces a new dual-analysis engine that is capable of providing both
counterexamples and proofs. Counterexamples are found fully automatically using
an SMT solver, which provides better support for numerical expressions than
the existing Alloy Analyzer. Proofs, however, cannot always be found
automatically since the Alloy language is undecidable. Our engine offers an
economical approach by first trying to prove properties using a
fully-automatic, SMT-based analysis, and switches to an interactive theorem
prover only if the first attempt fails. This paper also reports on applying our
framework to Microsoft's COM standard and the mark-and-sweep garbage collection
algorithm.

Comment: Workshop on Dependable Software for Critical Infrastructures (DSCI),
Berlin 201
An Iterative Abstraction Algorithm for Reactive Correct-by-Construction Controller Synthesis
In this paper, we consider the problem of synthesizing
correct-by-construction controllers for discrete-time dynamical systems. A
commonly adopted approach in the literature is to abstract the dynamical system
into a Finite Transition System (FTS) and thus convert the problem into a two
player game between the environment and the system on the FTS. The controller
design problem can then be solved using synthesis tools for general linear
temporal logic or generalized reactivity(1) specifications. In this article, we
propose a new abstraction algorithm. Instead of generating a single FTS to
represent the system, we generate two FTSs, which are under- and
over-approximations of the original dynamical system. We further develop an
iterative abstraction scheme by exploiting the concept of winning sets, i.e.,
the sets of states for which there exists a winning strategy for the system.
Finally, the efficiency of the new abstraction algorithm is illustrated by
numerical examples.

Comment: A shorter version has been accepted for publication in the 54th IEEE
Conference on Decision and Control (held Tuesday through Friday, December
15-18, 2015 at the Osaka International Convention Center, Osaka, Japan