8,143 research outputs found
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Kickstarting Choreographic Programming
We present an overview of some recent efforts aimed at the development of
Choreographic Programming, a programming paradigm for the production of
concurrent software that is guaranteed to be correct by construction from
global descriptions of communication behaviour
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Transforming ASN.1 Specifications into CafeOBJ to assist with Property Checking
The adoption of algebraic specification/formal method techniques by the
networks' research community is happening slowly but steadily. We work towards
a software environment that can translate a protocol's specification, from
Abstract Syntax Notation One (ASN.1 - a very popular specification language
with many applications), into the powerful algebraic specification language
CafeOBJ. The resulting code can be used to check, validate and falsify critical
properties of systems, at the pre-coding stage of development. In this paper,
we introduce some key elements of ASN.1 and CafeOBJ and sketch some first steps
towards the implementation of such a tool including a case study.Comment: 8 pages, 12 figure
Benefits of Session Types for software Development
Session types are a formalism used to specify and check the correctness of communication based systems. Within their scope, they can guarantee the absence of communication errors such as deadlock, sending an unexpected message or failing to handle an incoming message. Introduced over two decades ago, they have developed into a significant theme in programming languages. In this paper we examine the beliefs that drive research into this area and make it popular. We look at the claims and motivation behind session types throughout the literature. We identify the hypotheses upon which session types have been designed and implemented, and attempt to clarify and formulate them in a more suitable manner for testing
A Program Logic for Verifying Secure Routing Protocols
The Internet, as it stands today, is highly vulnerable to attacks. However,
little has been done to understand and verify the formal security guarantees of
proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In
this paper, we develop a sound program logic for SANDLog-a declarative
specification language for secure routing protocols for verifying properties of
these protocols. We prove invariant properties of SANDLog programs that run in
an adversarial environment. As a step towards automated verification, we
implement a verification condition generator (VCGen) to automatically extract
proof obligations. VCGen is integrated into a compiler for SANDLog that can
generate executable protocol implementations; and thus, both verification and
empirical evaluation of secure routing protocols can be carried out in this
unified framework. To validate our framework, we encoded several proposed
secure routing mechanisms in SANDLog, verified variants of path authenticity
properties by manually discharging the generated verification conditions in
Coq, and generated executable code based on SANDLog specification and ran the
code in simulation
- …