17,610 research outputs found
Event-based Compositional Reasoning of Information-Flow Security for Concurrent Systems
High assurance of information-flow security (IFS) for concurrent systems is
challenging. A promising way for formal verification of concurrent systems is
the rely-guarantee method. However, existing compositional reasoning approaches
for IFS concentrate on language-based IFS. It is often not applicable for
system-level security, such as multicore operating system kernels, in which
secrecy of actions should also be considered. On the other hand, existing
studies on the rely-guarantee method are basically built on concurrent
programming languages, by which semantics of concurrent systems cannot be
completely captured in a straightforward way. In order to formally verify
state-action based IFS for concurrent systems, we propose a
rely-guarantee-based compositional reasoning approach for IFS in this paper. We
first design a language by incorporating ``Event'' into concurrent languages
and give the IFS semantics of the language. As a primitive element, events
offer an extremely neat framework for modeling system and are not necessarily
atomic in our language. For compositional reasoning of IFS, we use
rely-guarantee specification to define new forms of unwinding conditions (UCs)
on events, i.e., event UCs. By a rely-guarantee proof system of the language
and the soundness of event UCs, we have that event UCs imply IFS of concurrent
systems. In such a way, we relax the atomicity constraint of actions in
traditional UCs and provide a compositional reasoning way for IFS in which
security proof of systems can be discharged by independent security proof on
individual events. Finally, we mechanize the approach in Isabelle/HOL and
develop a formal specification and its IFS proof for multicore separation
kernels as a study case according to an industrial standard -- ARINC 653
A theorem prover-based analysis tool for object-oriented databases
We present a theorem-prover based analysis tool for object-oriented database systems with integrity constraints. Object-oriented database specifications are mapped to higher-order logic (HOL). This allows us to reason about the semantics of database operations using a mechanical theorem prover such as Isabelle or PVS. The tool can be used to verify various semantics requirements of the schema (such as transaction safety, compensation, and commutativity) to support the advanced transaction models used in workflow and cooperative work. We give an example of method safety analysis for the generic structure editing operations of a cooperative authoring system
Compensation methods to support cooperative applications: A case study in automated verification of schema requirements for an advanced transaction model
Compensation plays an important role in advanced transaction models, cooperative work and workflow systems. A schema designer is typically required to supply for each transaction another transaction to semantically undo the effects of . Little attention has been paid to the verification of the desirable properties of such operations, however. This paper demonstrates the use of a higher-order logic theorem prover for verifying that compensating transactions return a database to its original state. It is shown how an OODB schema is translated to the language of the theorem prover so that proofs can be performed on the compensating transactions
Compensation methods to support generic graph editing: A case study in automated verification of schema requirements for an advanced transaction model
Compensation plays an important role in advanced transaction models, cooperative work, and workflow systems. However, compensation operations are often simply written as a^ā1 in
transaction model literature. This notation ignores any operation parameters, results, and side effects. A schema designer intending to use an advanced transaction model is expected (required) to write correct method code. However, in the days of cut-and-paste, this is much easier said than done. In this paper, we demonstrate the feasibility of using an off-the-shelf theorem prover (also called a proof assistant) to perform automated verification of compensation requirements for an OODB schema. We report on the results of a case study in verification for a particular advanced transaction model that supports cooperative applications. The case study is based on an OODB schema that provides generic graph editing functionality for the creation, insertion, and manipulation of nodes and links
A Proof Strategy Language and Proof Script Generation for Isabelle/HOL
We introduce a language, PSL, designed to capture high level proof strategies
in Isabelle/HOL. Given a strategy and a proof obligation, PSL's runtime system
generates and combines various tactics to explore a large search space with low
memory usage. Upon success, PSL generates an efficient proof script, which
bypasses a large part of the proof search. We also present PSL's monadic
interpreter to show that the underlying idea of PSL is transferable to other
ITPs.Comment: This paper has been submitted to CADE2
Automatic Verification of Transactions on an Object-Oriented Database
In the context of the object-oriented data model, a compiletime approach is given that provides for a significant reduction of the amount of run-time transaction overhead due to integrity constraint checking. The higher-order logic Isabelle theorem prover is used to automatically prove which constraints might, or might not be violated by a given transaction in a manner analogous to the one used by Sheard and Stemple (1989) for the relational data model. A prototype transaction verification tool has been implemented, which automates the semantic mappings and generates proof goals for Isabelle. Test results are discussed to illustrate the effectiveness of our approach
- ā¦