Protocol modelling : synchronous composition of data and behaviour

This thesis develops and explores a technique called Protocol Modelling, a mathematics for the description of orderings. Protocol Modelling can be viewed as a hybrid of object orientation, as it supports ideas of data encapsulation and object instantiation; and process algebra, as it supports a formally defined idea of process and process composition. The first half of the thesis focuses on describing and defining the Protocol Modelling technique. A formal denotational semantics for protocol machines is developed and used to establish various properties; in particular that composition is closed and preserves type safety. The formal semantics is extended to cover instantiation of objects. Comparison is made with other process algebras and an approach to unification of different formulations of the semantics of process composition is proposed. The second half of the thesis explores three applications of Protocol Modelling: Object Modelling. This explores the use of Protocol Modelling as a medium for object modelling, and the facility to execute protocol models is described. Protocol Modelling is compared with other object modelling techniques; in particular by contrasting its compositional style with traditional hierarchical inheritance. Protocol Contracts. This proposes the use of protocol models as a medium for expressing formal behavioural contracts. This is compared with more traditional forms of software contract in the generalization of the notion of contractual obligation as a mechanism for software specification. Choreographed Collaborations. In this application Protocol Modelling is used as a medium to describe choreographies for asynchronous multiparty collaborations. A compositional approach to choreography engineering, enabled by the synchronous semantics of Protocol Modelling, is explored and results established concerning sufficient conditions for choreography realizability. The results are extended to address choreographies that employ behavioural rules based on data

Distributed systems : architecture-driven specification using extended LOTOS

The thesis uses the LOTOS language (ISO International Standard ISO 8807) as a basis for the formal specification of distributed systems. Contributions are made to two key research areas: architecture-driven specification and LOTOS language extensions. The notion of architecture-driven specification is to guide the specification process by providing a reference-base of pre-defined domain-specific components. The thesis builds an infra-structure of architectural elements, and provides Extended LOTOS (XL) definitions of these elements. The thesis develops Extended LOTOS (XI.) for the specification of distributed systems. XL- is LOTOS enhanced with features for the formal specification of quantitative timing. probabilistic and priority requirements. For distributed systems, the specification of these ‘performance’ requirements, ran be as important as the specification of the associated functional requirements. To support quantitative timing features, the XL semantics define a global, discrete clock which can be used both to force events to occur at specific times, and to measure Intervals between event occurrences. XL introduces time policy operators ASAP (as soon as possible’ corresponding to “maximal progress semantics") and ALAP (late as possible'). Special internal transitions are introduced in XL semantics for the specification of probability, Conformance relations based on a notion of probabilization, together with a testing framework, are defined to support reasoning about probabilistic XL specifications. Priority within the XL semantics ensures that permitted events with the highest priority weighting of their class are allowed first. Both functional and performance specification play important roles in CIM (Computer Integrated Manufacturing) systems. The thesis uses a CIM system known as the CIM- OSA lntegrating Infrastructure as a case study of architecture-driven specification using XL. The thesis thus constitutes a step in the evolution of distributed system specification methods that have both an architectural basis and a formal basis

Formal Methods for Wireless Systems

I sistemi wireless sono costituiti da dispositivi che comunicano tra loro per mezzo di un canale radio. Questo paradigma di rete presenta molti vantaggi, ma la presenza del canale radio lo rende intrinsecamente vulnerabile. Di conseguenza, in tale ambito la sicurezza rappresenta un tema importante. I meccanismi di sicurezza messi a punto per i sistemi cablati presentano molti limiti quando vengono utilizzati in una rete wireless. I problemi principali derivano dal fatto che essi operano in modo centralizzato e sotto l'ipotesi di un “mondo chiuso”. Pertanto tecniche formali sono necessarie per stabilire una connessione matematicamente rigorosa tra la modellazione e gli obiettivi di sicurezza. Nella presente tesi si applica il formalismo ben noto del "process calculus" per modellare le principali caratteristiche della comunicazione wireless. Il contributo scientifico è essenzialmente teorico. Verrà proposto un primo process calculus per modellare il passaggio del tempo nei sistemi wireless. Verranno dimostrate alcune interessanti proprietà relative al tempo. Inoltre verrà presentata una rigorosa trattazione dei problemi di collisione. Verranno fornite anche “equivalenze comportamentali” (behavioural equivalence) e verranno dimostrate una serie di leggi algebriche. L'usabilità del calcolo verrà mostrata modellando il Carrier Sense Multiple Access, un diffuso protocollo di livello MAC in cui un dispositivo ascolta il canale prima di trasmettere. Verranno poi analizzati alcuni aspetti di sicurezza, in particolare verrà proposto un modello di trust per le reti ad hoc mobili. Tali reti sono costituite da nodi mobili che comunicano senza l’ausilio di altre infrastrutture. Le reti di tale calcolo verranno modellate come sistemi multilivello perché le relazioni di trust associano ai nodi livelli di sicurezza in base al loro comportamento. Tale modello di trust verrà incluso in un process calculus per reti ad hoc che sarà dotato di equivalenze comportamentali a partire dalle quali verrà sviluppata una "teoria osservazionale" (observational theory). Saranno garantiti sia alcune interessanti proprietà relative alla sicurezza, come la safety in presenza di nodi compromessi, sia risultati di non interferenza. Tale calcolo verrà utilizzato per analizzare una versione “sicura” di un algoritmo per il leader election nelle reti ad hoc. Verrà fornita anche una codifica del protocollo di routing per reti ad hoc chiamato endairA. Infine, il calcolo sul trust verrà esteso con aspetti legati al tempo, per spiegare la relazione tra tempo e trust. Infine quest’ultimo calcolo verrà applicato per dare una codifica del protocollo di routing per reti ad hoc chiamato ARAN.Wireless systems consist of wireless devices which communicate with each other by means of a radio frequency channel. This networking paradigm offers much convenience, but because of the use of the wireless medium it is inherently vulnerable to many threats. As a consequence, security represents an important issue. Security mechanisms developed for wired systems present many limitations when used in a wireless context. The main problems stem from the fact that they operate in a centralised manner and under the assumption of a \closed world". Formal techniques are therefore needed to establish a mathematically rigorous connection between modelling and security goals. In the present dissertation we apply the well-known formalism of process calculus to model the features of wireless communication. The scientic contributions are primarily theoretical.We propose a timed process calculus modelling the communication features of wireless systems and enjoying some desirable time properties. The presence of time allows us to reason about communication collisions. We also provide behavioural equivalences and we prove a number of algebraic laws. We illustrate the usability of the calculus to model the Carrier Sense Multiple Access scheme, a widely used MAC level protocol in which a device senses the channel before transmitting. We then focus on security aspects, in particular we propose a trust model for mobile ad hoc networks, composed only of mobile nodes that communicate each other without relying on any base station. We model our networks as multilevel systems because trust relations associate security levels to nodes depending on their behaviour. Then we embody this trust model in a process calculus modelling the features of ad hoc networks. Our calculus is equipped with behavioural equivalences allowing us to develop an observational theory. We ensure safety despite compromised nodes and non interference results. We then use this calculus to analyse a secure version of a leader election algorithm for ad hoc networks. We also provide an encoding of the endairA routing protocol for ad hoc networks. Finally, we extend the trust-based calculus with timing aspects to reason about the relationship between trust and time. We then apply our calculus to formalise the routing protocol ARAN for ad hoc networks

Emerging research directions in computer science : contributions from the young informatics faculty in Karlsruhe

In order to build better human-friendly human-computer interfaces, such interfaces need to be enabled with capabilities to perceive the user, his location, identity, activities and in particular his interaction with others and the machine. Only with these perception capabilities can smart systems ( for example human-friendly robots or smart environments) become posssible. In my research I\u27m thus focusing on the development of novel techniques for the visual perception of humans and their activities, in order to facilitate perceptive multimodal interfaces, humanoid robots and smart environments. My work includes research on person tracking, person identication, recognition of pointing gestures, estimation of head orientation and focus of attention, as well as audio-visual scene and activity analysis. Application areas are humanfriendly humanoid robots, smart environments, content-based image and video analysis, as well as safety- and security-related applications. This article gives a brief overview of my ongoing research activities in these areas