
    A modular approach to formal specification and verification of dependable distributed protocols

    Dependable distributed systems typically utilize a hierarchy of protocols to provide reliable and timely services. Such protocols have both dependability and real-time attributes, and the analysis of these protocols is a problem of growing complexity. The development of precise and accurate formal specifications of these protocols and their subsequent formal verification to gain assurance have been a great challenge. Exploiting the inherent modularity in the design of most dependable protocols, in this thesis we present our modular approach to specification composition and verification of dependable distributed protocols. In particular, we consider redundancy management protocols that are needed to manage redundant resources used in the system for dependability purposes. Utilizing building-block protocols inherently used in redundancy management protocols, we perform compositional specification and verification of a checkpointing and recovery protocol based on them. The key idea is that if a library of these basic components, such as the primitives and sub-protocols, is formulated, then these elements aid in the systematic and hierarchical development of dependable distributed protocols. The main contribution of this thesis is to illustrate the fact that by defining a priori validated building blocks for dependable distributed protocols, larger and more complex protocols can be easily specified and verified. For mechanical support in the formal verification process, we use formal tools such as Specware and PVS.

    Formal analysis of fault tolerant real time multiprocessor allocation and scheduling protocols

    Dependable real-time distributed systems rely on allocation and scheduling protocols to satisfy stringent resource and timing constraints. As these protocols have both dependability and real-time attributes, verification of such composite services warrants rigorous and formal levels of assurance of their correctness. The wide acceptance of formal techniques in the design and development of dependable real-time systems is limited because most of these formal theories for real-time scheduling have been developed without much regard for their further reuse. This makes the formal specifications and their proof constructs in general difficult to reuse, and difficult to apply to verify or analyze similar or related protocols. To expand the utility of formal techniques, this thesis explores the possibility of effectively defining and then reusing formal theories in order to simplify verification and analysis for a wide spectrum of dependable real-time protocols. We present a modular formal analysis of a fault-tolerant version of real-time task allocation and scheduling policies. The main aim is to develop a library of formal theories for the identified modules for real-time and dependable services which could be systematically, and if required, repeatedly used to develop different and new composite dependable multiprocessor real-time allocation and scheduling protocols. We demonstrate a rigorous and tool-assisted formal analysis of three multiprocessor real-time fault-tolerant allocation and scheduling protocols for both periodic and aperiodic task models using the concept of reusability of previously defined theories. We show the reduced effort in the analysis and verification process by reusing the previously formalized theories. Formal analyses of these protocols have been performed using a mechanized theorem proving environment, called PVS, from SRI labs.

    An IDE for the Design, Verification and Implementation of Security Protocols

    Security protocols are critical components for the construction of secure and dependable distributed applications, but their implementation is challenging and error prone. Therefore, tools for formal modelling and analysis of security protocols can be potentially very useful to support software engineers. However, although such tools have been available for a long time, their adoption outside the research community has been very limited. In fact, most practitioners find such applications too complex and hardly usable for their daily work. In this paper, we present an Integrated Development Environment for the design, verification and implementation of security protocols, aimed at lowering the adoption barrier of formal methods tools for security. In the spirit of Model Driven Development, the environment supports the user in the specification of the model using the simple and intuitive language AnB (and its extension AnBx). Moreover, it provides a push-button solution for the formal verification of the abstract and concrete models, and for the automatic generation of a Java implementation. This Eclipse-based IDE leverages existing languages and tools for modelling and verification of security protocols, such as the AnBx Compiler and Code Generator, the model checker OFMC and the protocol verifier ProVerif.

    Modular composition and verification of transaction processing protocols using category theory

    Establishing the correctness of reliable distributed protocols supporting dependable applications necessitates modular/compositional approaches to tackle the inherent complexity of these protocols. Efforts involved in the specification and verification of these reliable distributed protocols can be considerably reduced if the protocol is composed utilizing smaller components (building blocks) possessing individual functionalities that are integral parts of the overall protocol operation. In this thesis, we introduce techniques utilizing the concepts of category theory for the modular composition of dependable distributed protocols. In particular, we show how, by defining external interfaces of basic modules and morphisms linking two different modules, a larger or more complex protocol can be formally composed and verified. To illustrate the effectiveness of the proposed methodology for compositional specification and verification, in this thesis we present a modular composition and verification of a transaction processing protocol, namely the non-blocking atomic three-phase commit (3PC) protocol, using category theoretic concepts. Specifically, we illustrate how the overall global properties of the protocol can be proved by utilizing constructs of local sub-properties of the inherent building blocks of the 3PC protocol. A key benefit of this modular approach is that these identified building blocks would be helpful to system designers for their capability of specifying and facilitating rigorously tested and pretested formal theory modules of required system and component behavior, and also for supporting system design decisions and modifications.

    Quantitative Verification: Formal Guarantees for Timeliness, Reliability and Performance

    Computerised systems appear in almost all aspects of our daily lives, often in safety-critical scenarios such as embedded control systems in cars and aircraft or medical devices such as pacemakers and sensors. We are thus increasingly reliant on these systems working correctly, despite their often operating in unpredictable or unreliable environments. Designers of such devices need ways to guarantee that they will operate in a reliable and efficient manner. Quantitative verification is a technique for analysing quantitative aspects of a system's design, such as timeliness, reliability or performance. It applies formal methods, based on a rigorous analysis of a mathematical model of the system, to automatically prove certain precisely specified properties, e.g. "the airbag will always deploy within 20 milliseconds after a crash" or "the probability of both sensors failing simultaneously is less than 0.001". The ability to formally guarantee quantitative properties of this kind is beneficial across a wide range of application domains. For example, in safety-critical systems, it may be essential to establish credible bounds on the probability with which certain failures or combinations of failures can occur. In embedded control systems, it is often important to comply with strict constraints on timing or resources. More generally, being able to derive guarantees on precisely specified levels of performance or efficiency is a valuable tool in the design of, for example, wireless networking protocols, robotic systems or power management algorithms, to name but a few. This report gives a short introduction to quantitative verification, focusing in particular on a widely used technique called model checking, and its generalisation to the analysis of quantitative aspects of a system such as timing, probabilistic behaviour or resource usage. The intended audience is industrial designers and developers of systems such as those highlighted above who could benefit from the application of quantitative verification, but lack expertise in formal verification or modelling.

    Enabling security checking of automotive ECUs with formal CSP models
