Visual Model-Driven Design, Verification and Implementation of Security Protocols

A novel visual model-driven approach to security protocol design, verification, and implementation is presented in this paper. User-friendly graphical models are combined with rigorous formal methods to enable protocol verification and sound automatic code generation. Domain-specific abstractions keep the graphical models simple, yet powerful enough to represent complex, realistic protocols such as SSH. The main contribution is to bring together aspects that were only partially available or not available at all in previous proposal

Research in computer science

The research efforts of University of Virginia students under a NASA sponsored program are summarized and the status of the program is reported. The research includes: testing method evaluations for N version programming; a representation scheme for modeling three dimensional objects; fault tolerant protocols for real time local area networks; performance investigation of Cyber network; XFEM implementation; and vectorizing incomplete Cholesky conjugate gradients

A Review of System Development Systems

The requirements for a system development system are defined and used as guidelines to review six such systems: SAMM, SREM, SADT, ADS / SODA, PSL/PSA and Systematics. It is found that current system development systems emphasise only validation and user verification. They can perform relatively little on automatic file optimisation, process optimisation and maintenance.postprin

Compiling and securing cryptographic protocols

Protocol narrations are widely used in security as semi-formal notations to specify conversations between roles. We define a translation from a protocol narration to the sequences of operations to be performed by each role. Unlike previous works, we reduce this compilation process to well-known decision problems in formal protocol analysis. This allows one to define a natural notion of prudent translation and to reuse many known results from the literature in order to cover more crypto-primitives. In particular this work is the first one to show how to compile protocols parameterised by the properties of the available operations.Comment: A short version was submitted to IP

Mutation of Directed Graphs -- Corresponding Regular Expressions and Complexity of Their Generation

Directed graphs (DG), interpreted as state transition diagrams, are traditionally used to represent finite-state automata (FSA). In the context of formal languages, both FSA and regular expressions (RE) are equivalent in that they accept and generate, respectively, type-3 (regular) languages. Based on our previous work, this paper analyzes effects of graph manipulations on corresponding RE. In this present, starting stage we assume that the DG under consideration contains no cycles. Graph manipulation is performed by deleting or inserting of nodes or arcs. Combined and/or multiple application of these basic operators enable a great variety of transformations of DG (and corresponding RE) that can be seen as mutants of the original DG (and corresponding RE). DG are popular for modeling complex systems; however they easily become intractable if the system under consideration is complex and/or large. In such situations, we propose to switch to corresponding RE in order to benefit from their compact format for modeling and algebraic operations for analysis. The results of the study are of great potential interest to mutation testing

Un modelo para documentar la elicitación de requisitos

Context: This work proposes a model to document the elicitation of requirements in the field of Requirements Engineering. Method: A systematic review of the literature was conducted to determine the validity and effectiveness of the existing models for documenting requirements elicitation. Results: By analyzing the results of this review, it was concluded that it is possible – and that is required – to take the best documented practices and add principles from logic, abstraction, and formal methods to them in order to structure a semi-formal model for documenting elicitation. Those currently proposed focus on techniques to collect information and pay little attention to documentation. In addition, these models are mainly based on natural language, which makes their interpretation difficult, and they generate re-processing in later stages of the life cycle due to ambiguities. Conclusions: This article describes a structured model, as well as its application and validation, by comparing it against five models found in the review.Contexto: En este trabajo se propone un modelo para documentar la elicitación de requisitos en el área de Ingeniería de Requisitos. Método: Se realizó una revisión sistemática de la literatura para determinar la validez y efectividad de los modelos que existen para documentar la elicitación de requisitos. Resultados: Analizando los resultados de esta revisión, se concluyó que es posible –y así se requiere– tomar las mejores prácticas documentadas y agregarles principios de lógica, abstracción y métodos formales para estructurar un modelo semiformal para documentar la elicitación. Los que se proponen actualmente se centran en las técnicas de recogida de información y prestan poca atención a la documentación. Además, estos modelos se basan principalmente en el lenguaje natural, por lo cual es difícil su interpretación, y generan reprocesos para las etapas posteriores del ciclo de vida debido a las ambigüedades. Conclusiones: En este artículo se describe un modelo estructurado, así como su aplicación y validación mediante la comparación con cinco modelos encontrados en la revisión

Petri Games: Synthesis of Distributed Systems with Causal Memory

We present a new multiplayer game model for the interaction and the flow of information in a distributed system. The players are tokens on a Petri net. As long as the players move in independent parts of the net, they do not know of each other; when they synchronize at a joint transition, each player gets informed of the causal history of the other player. We show that for Petri games with a single environment player and an arbitrary bounded number of system players, deciding the existence of a safety strategy for the system players is EXPTIME-complete.Comment: In Proceedings GandALF 2014, arXiv:1408.556

A VISUAL DESIGN METHOD AND ITS APPLICATION TO HIGH RELIABILITY HYPERMEDIA SYSTEMS

This work addresses the problem of the production of hypermedia documentation for applications that require high reliability, particularly technical documentation in safety critical industries. One requirement of this application area is for the availability of a task-based organisation, which can guide and monitor such activities as maintenance and repair. In safety critical applications there must be some guarantee that such sequences are correctly presented. Conventional structuring and design methods for hypermedia systems do not allow such guarantees to be made. A formal design method that is based on a process algebra is proposed as a solution to this problem. Design methods of this kind need to be accessible to information designers. This is achieved by use of a technique already familiar to them: the storyboard. By development of a storyboard notation that is syntactically equivalent to a process algebra a bridge is made between information design and computer science, allowing formal analysis and refinement of the specification drafted by information designers. Process algebras produce imperative structures that do not map easily into the declarative formats used for some hypermedia systems, but can be translated into concurrent programs. This translation process, into a language developed by the author, called ClassiC, is illustrated and the properties that make ClassiC a suitable implementation target discussed. Other possible implementation targets are evaluated, and a comparative illustration given of translation into another likely target, Java