A formal methodology for integral security design and verification of network protocols
We propose a methodology for verifying security properties of network
protocols at design level. It can be separated into two main parts: context and
requirements analysis and informal verification; and formal representation and
procedural verification. It is an iterative process where the early steps are
simpler than the last ones. Therefore, the effort required for detecting flaws
is proportional to the complexity of the associated attack. Thus, we avoid
wasting valuable resources for simple flaws that can be detected early in the
verification process. In order to illustrate the advantages provided by our
methodology, we also analyze three real protocols.
A System for Deduction-based Formal Verification of Workflow-oriented Software Models
The work concerns formal verification of workflow-oriented software models
using deductive approach. The formal correctness of a model's behaviour is
considered. Manually building logical specifications, which are considered as a
set of temporal logic formulas, seems to be the significant obstacle for an
inexperienced user when applying the deductive approach. A system, and its
architecture, for the deduction-based verification of workflow-oriented models
is proposed. The process of inference is based on the semantic tableaux method
which has some advantages when compared to traditional deduction strategies.
The algorithm for an automatic generation of logical specifications is
proposed. The generation procedure is based on the predefined workflow patterns
for BPMN, which is a standard and dominant notation for the modeling of
business processes. The main idea for the approach is to consider patterns,
defined in terms of temporal logic, as a kind of (logical) primitives which
enable the transformation of models to temporal logic formulas constituting a
logical specification. Automation of the generation process is crucial for
bridging the gap between intuitiveness of the deductive reasoning and the
difficulty of its practical application in the case when logical specifications
are built manually. This approach goes some way towards supporting, and
hopefully improving our understanding of, the deduction-based formal
verification of workflow-oriented models. Comment: International Journal of Applied Mathematics and Computer Science
Incompleteness of relational simulations in the blocking paradigm
Refinement is the notion of development between formal specifications. For specifications given in a relational formalism, downward and upward simulations are the standard method to verify that a refinement holds; their usefulness is based upon their soundness and joint completeness. This is known to be true for total relational specifications and has been claimed to hold for partial relational specifications in both the non-blocking and blocking interpretations.
In this paper we show that downward and upward simulations in the blocking interpretation, where domains are guards, are not jointly complete. This contradicts earlier claims in the literature. We illustrate this with an example (based on one recently constructed by Reeves and Streader) and then construct a proof to show why joint completeness fails in general. (C) 2010 Elsevier B.V. All rights reserved.
Carnap: an Open Framework for Formal Reasoning in the Browser
This paper presents an overview of Carnap, a free and open framework for the development of formal reasoning applications. Carnap’s design emphasizes flexibility, extensibility, and rapid prototyping. Carnap-based applications are written in Haskell, but can be compiled to JavaScript to run in standard web browsers. This combination of features makes Carnap ideally suited for educational applications, where ease-of-use is crucial for students and adaptability to different teaching strategies and classroom needs is crucial for instructors. The paper describes Carnap’s implementation, along with its current and projected pedagogical applications.
Report on the Implementation of Work Package 4 “Selection and Testing New ICT Tools” in the Framework of the IRNet Project
This article, prepared by an international team of authors – researchers from
different scientific areas, connected with ICT, e-learning, pedagogy, and other
related disciplines – focuses on the objectives and some results of the IRNet
international project. In particular, this article describes the research tools, methods,
and some procedures of the Work Package 4 (WP4) “Selection and Testing New ICT tools”: Objectives, Tasks, Deliverables, and implementation of research trips.
Researchers from partner universities have analysed the results of WP4 in the
context of the next stages and Work Packages of the IRNet project – International
Research Network.
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approach.