15,469 research outputs found
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
gCSP: A Graphical Tool for Designing CSP systems
For broad acceptance of an engineering paradigm, a graphical notation and a supporting design tool seem necessary. This paper discusses certain issues of developing a design environment for building systems based on CSP. Some of the issues discussed depend specifically on the underlying theory of CSP, while a number of them are common for any graphical notation and supporting tools, such as provisions for complexity management and design overview
Graphical modelling language for spycifying concurrency based on CSP
Introduced in this (shortened) paper is a graphical modelling language for specifying concurrency in software designs. The language notations are derived from CSP and the resulting designs form CSP diagrams. The notations reflect both data-flow and control-flow aspects of concurrent software architectures. These designs can automatically be described by CSP algebraic expressions that can be used for formal analysis. The designer does not have to be aware of the underlying mathematics. The techniques and rules presented provide guidance to the development of concurrent software architectures. One can detect and reason about compositional conflicts (errors in design), potential deadlocks (errors at run-time), and priority inversion problems (performance burden) at a high level of abstraction. The CSP diagram collaborates with objectoriented modelling languages and structured methods
Life of occam-Pi
This paper considers some questions prompted by a brief review of the history of computing. Why is programming so hard? Why is concurrency considered an “advanced” subject? What’s the matter with Objects? Where did all the Maths go? In searching for answers, the paper looks at some concerns over fundamental ideas within object orientation (as represented by modern programming languages), before focussing on the concurrency model of communicating processes and its particular expression in the occam family of languages. In that focus, it looks at the history of occam, its underlying philosophy (Ockham’s Razor), its semantic foundation on Hoare’s CSP, its principles of process oriented design and its development over almost three decades into occam-? (which blends in the concurrency dynamics of Milner’s ?-calculus). Also presented will be an urgent need for rationalisation – occam-? is an experiment that has demonstrated significant results, but now needs time to be spent on careful review and implementing the conclusions of that review. Finally, the future is considered. In particular, is there a future
Model the System from Adversary Viewpoint: Threats Identification and Modeling
Security attacks are hard to understand, often expressed with unfriendly and
limited details, making it difficult for security experts and for security
analysts to create intelligible security specifications. For instance, to
explain Why (attack objective), What (i.e., system assets, goals, etc.), and
How (attack method), adversary achieved his attack goals. We introduce in this
paper a security attack meta-model for our SysML-Sec framework, developed to
improve the threat identification and modeling through the explicit
representation of security concerns with knowledge representation techniques.
Our proposed meta-model enables the specification of these concerns through
ontological concepts which define the semantics of the security artifacts and
introduced using SysML-Sec diagrams. This meta-model also enables representing
the relationships that tie several such concepts together. This representation
is then used for reasoning about the knowledge introduced by system designers
as well as security experts through the graphical environment of the SysML-Sec
framework.Comment: In Proceedings AIDP 2014, arXiv:1410.322
CSP design model and tool support
The CSP paradigm is known as a powerful concept for designing and analysing the architectural and behavioural parts of concurrent software. Although the theory of CSP is useful for mathematicians, the programming language occam has been derived from CSP that is useful for any engineering practice. Nowadays, the concept of occam/CSP can be used for almost every object-oriented programming language. This paper describes a tree-based description model and prototype tool that elevates the use of occam/CSP concepts at the design level and performs code generation to Java, C, C++, and machine-readable CSP for the level of implementation. The tree-based description model can be used to browse through the generated source code. The tool is a kind of browser that is able to assist modern workbenches (like Borland Builder, Microsoft Visual C++ and 20-SIM) with coding concurrency. The tool will guide the user through the design trajectory using support messages and several semantic and syntax rule checks. The machine-readable CSP can be read by FDR, enabling more advanced analysis on the design. Early experiments with the prototype tool show that the browser concept, combined with the tree-based description model, enables a user-friendly way to create a design using the CSP concepts and benefits. The design tool is available from our URL, http://www.rt.el.utwente.nl/javapp
Actor-network procedures: Modeling multi-factor authentication, device pairing, social interactions
As computation spreads from computers to networks of computers, and migrates
into cyberspace, it ceases to be globally programmable, but it remains
programmable indirectly: network computations cannot be controlled, but they
can be steered by local constraints on network nodes. The tasks of
"programming" global behaviors through local constraints belong to the area of
security. The "program particles" that assure that a system of local
interactions leads towards some desired global goals are called security
protocols. As computation spreads beyond cyberspace, into physical and social
spaces, new security tasks and problems arise. As networks are extended by
physical sensors and controllers, including the humans, and interlaced with
social networks, the engineering concepts and techniques of computer security
blend with the social processes of security. These new connectors for
computational and social software require a new "discipline of programming" of
global behaviors through local constraints. Since the new discipline seems to
be emerging from a combination of established models of security protocols with
older methods of procedural programming, we use the name procedures for these
new connectors, that generalize protocols. In the present paper we propose
actor-networks as a formal model of computation in heterogenous networks of
computers, humans and their devices; and we introduce Procedure Derivation
Logic (PDL) as a framework for reasoning about security in actor-networks. On
the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL)
that evolved through our work in security in last 10 years. Both formalisms are
geared towards graphic reasoning and tool support. We illustrate their workings
by analysing a popular form of two-factor authentication, and a multi-channel
device pairing procedure, devised for this occasion.Comment: 32 pages, 12 figures, 3 tables; journal submission; extended
references, added discussio
- …