Quantitative Analysis of DoS Attacks and Client Puzzles in IoT Systems
Denial of Service (DoS) attacks constitute a major security threat to today's
Internet. This challenge is especially pertinent to the Internet of Things
(IoT) as devices have less computing power, memory and security mechanisms to
mitigate DoS attacks. This paper presents a model that mimics the unique
characteristics of a network of IoT devices, including components of the system
implementing `Crypto Puzzles' - a DoS mitigation technique. We created an
imitation of a DoS attack on the system, and conducted a quantitative analysis
to simulate the impact such an attack may potentially exert upon the system,
assessing the trade off between security and throughput in the IoT system. We
model this through stochastic model checking in PRISM and provide evidence that
supports this as a valuable method to compare the efficiency of different
implementations of IoT systems, exemplified by a case study
Towards the Formal Reliability Analysis of Oil and Gas Pipelines
It is customary to assess the reliability of underground oil and gas
pipelines in the presence of excessive loading and corrosion effects to ensure
a leak-free transport of hazardous materials. The main idea behind this
reliability analysis is to model the given pipeline system as a Reliability
Block Diagram (RBD) of segments such that the reliability of an individual
pipeline segment can be represented by a random variable. Traditionally,
computer simulation is used to perform this reliability analysis but it
provides approximate results and requires an enormous amount of CPU time for
attaining reasonable estimates. Due to its approximate nature, simulation is
not very suitable for analyzing safety-critical systems like oil and gas
pipelines, where even minor analysis flaws may result in catastrophic
consequences. As an accurate alternative, we propose to use a
higher-order-logic theorem prover (HOL) for the reliability analysis of
pipelines. As a first step towards this idea, this paper provides a
higher-order-logic formalization of reliability and the series RBD using the
HOL theorem prover. For illustration, we present the formal analysis of a
simple pipeline that can be modeled as a series RBD of segments with
exponentially distributed failure times.
Comment: 15 page
A Holistic Approach in Embedded System Development
We present pState, a tool for developing "complex" embedded systems by
integrating validation into the design process. The goal is to reduce
validation time. To this end, qualitative and quantitative properties are
specified in system models expressed as pCharts, an extended version of
hierarchical state machines. These properties are specified in an intuitive way
such that they can be written by engineers who are domain experts, without
needing to be familiar with temporal logic. From the system model, executable
code that preserves the verified properties is generated. The design is
documented on the model and the documentation is passed as comments into the
generated code. On a series of examples we illustrate how models and
properties are specified using pState.
Comment: In Proceedings F-IDE 2015, arXiv:1508.0338
Formal verification of synchronisation, gossip and environmental effects for wireless sensor networks
The Internet of Things (IoT) promises a revolution in the monitoring and control of a wide range of applications, from urban water supply networks and precision agriculture food production, to vehicle connectivity and healthcare monitoring. For applications in such critical areas, control software and protocols for IoT systems must be verified to be both robust and reliable. Two of the largest obstacles to robustness and reliability in IoT systems are effects on the hardware caused by environmental conditions, and the choice of parameters used by the protocol. In this paper we use probabilistic model checking to verify that a synchronisation and dissemination protocol for Wireless Sensor Networks (WSNs) is correct with respect to its requirements, and is not adversely affected by the environment. We show how the protocol can be converted into a logical model and then analysed using the probabilistic model-checker, PRISM. Using this approach we prove under which circumstances the protocol is guaranteed to synchronise all nodes and disseminate new information to all nodes. We also examine the bounds on synchronisation as the environment changes the performance of the hardware clock, and investigate the scalability constraints of this approach. © 2019 Universitatsbibliothek TU Berlin
Adversarial Robustness Verification and Attack Synthesis in Stochastic Systems
Probabilistic model checking is a useful technique for specifying and
verifying properties of stochastic systems including randomized protocols and
reinforcement learning models. Existing methods rely on the assumed structure
and probabilities of certain system transitions. These assumptions may be
incorrect, and may even be violated by an adversary who gains control of system
components.
In this paper, we develop a formal framework for adversarial robustness in
systems modeled as discrete time Markov chains (DTMCs). We base our framework
on existing methods for verifying probabilistic temporal logic properties and
extend it to include deterministic, memoryless policies acting in Markov
decision processes (MDPs). Our framework includes a flexible approach for
specifying structure-preserving and non-structure-preserving adversarial
models. We outline a class of threat models under which adversaries can perturb
system transitions, constrained by an ball around the original
transition probabilities.
We define three main DTMC adversarial robustness problems: adversarial
robustness verification, maximal synthesis, and worst case attack
synthesis. We present two optimization-based solutions to these three problems,
leveraging traditional and parametric probabilistic model checking techniques.
We then evaluate our solutions on two stochastic protocols and a collection of
Grid World case studies, which model an agent acting in an environment
described as an MDP. We find that the parametric solution results in fast
computation for small parameter spaces. In the case of less restrictive
(stronger) adversaries, the number of parameters increases, and directly
computing property satisfaction probabilities is more scalable. We demonstrate
the usefulness of our definitions and solutions by comparing system outcomes
over various properties, threat models, and case studies.
Comment: To Appear, 35th IEEE Computer Security Foundations Symposium (2022
New Proposals to Improve a MAC Layer Protocol in Wireless Sensor Networks
The evolution of Wireless Sensor Networks has led to the development of protocols that must comply with their new restrictions while remaining efficient in terms of energy consumption and time. We focus on a collision resolution protocol, the so-called Two Cell Sorted (2CS-WSN). We propose three different ways to improve its performance by minimising the collision resolution time or the energy consumption. After evaluating these proposals and comparing them with the original protocol, we recommend an improvement to the protocol which reduces the elapsed time by nearly 8% and the number of retries and conflicts by more than 40%
Quantitative Assurance and Synthesis of Controllers from Activity Diagrams
Probabilistic model checking is a widely used formal verification technique
to automatically verify qualitative and quantitative properties for
probabilistic models. However, capturing such systems, writing corresponding
properties, and verifying them require domain knowledge. This makes the
technique inaccessible to researchers and engineers who lack that
knowledge. Previous studies have extended UML activity diagrams (ADs),
developed transformations, and implemented accompanying tools for automation.
That research, however, is not comprehensive and not fully open, which makes it
hard to evaluate, extend, adapt, and access. In this paper, we
propose a comprehensive verification framework for ADs, including a new profile
for probability, time, and quality annotations, a semantics interpretation of
ADs in three Markov models, and a set of transformation rules from activity
diagrams to the PRISM language, supported by PRISM and Storm. Most importantly,
we developed algorithms for transformation and implemented them in a tool,
called QASCAD, using model-based techniques, for fully automated verification.
We evaluated one case study where multiple robots are used for delivery in a
hospital and further evaluated six other examples from the literature. With all
these together, this work makes noteworthy contributions to the verification of
ADs by improving evaluation, extensibility, adaptability, and accessibility.
Comment: 43 pages, 29 figures, 5 tables, submitted to Journal of Systems and
Software (JSS