
    Procedure-modular specification and verification of temporal safety properties

    This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here, it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre- and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively lightweight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based applications.

    Applying constraint solving to the management of distributed applications

    Submitted to DOA08.
    We present our approach for deploying and managing distributed component-based applications. A Desired State Description (DSD), written in a high-level declarative language, specifies requirements for a distributed application. Our infrastructure accepts a DSD as input, and from it automatically configures and deploys the distributed application. Subsequent violations of the original requirements are detected and, where possible, automatically rectified by reconfiguration and redeployment of the necessary application components. A constraint solving tool is used to plan deployments that meet the application requirements.

    Formal Verification of Security Protocol Implementations: A Survey

    Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approach.

    The Belgian Electronic Identity Card: a Verification Case Study

    In the field of annotation-based source code level program verification for Java-like languages, separation-logic based verifiers offer a promising alternative to classic JML based verifiers such as ESC/Java2, the Mobius tool or Spec#. Researchers have demonstrated the advantages of separation logic based verification by showing that it is feasible to verify very challenging (though very small) sample code, such as design patterns, or highly concurrent code. However, there is little experience in using this new breed of verifiers on real code. In this paper we report on our experience of verifying several thousand lines of Java Card code using VeriFast, one of the state-of-the-art separation logic based verifiers. We quantify annotation overhead, verification performance, and impact on code quality (number of bugs found). Finally, our experiments suggest a number of potential improvements to the VeriFast tool.

    Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study

    Cloud computing has emerged as a popular paradigm and an attractive model for providing a reliable distributed computing model. It is increasingly attracting attention both in academic research and industrial initiatives. Cloud deployments are paramount for institutions and organizations of all scales. The availability of a flexible, free open-source cloud platform designed with no proprietary software, and the ability to integrate it with legacy systems and third-party applications, are fundamental. OpenStack is free and open-source software released under the terms of the Apache license, with a fragmented and distributed architecture that makes it highly flexible. This project was initiated and aimed at designing a secured cloud infrastructure called BradStack, which is built on OpenStack in the Computing Laboratory at the University of Bradford. In this report, we present and discuss the steps required in deploying a secured BradStack multi-node cloud infrastructure and conducting penetration testing on OpenStack services to validate the effectiveness of the security controls on the BradStack platform. This report serves as a practical guideline, focusing on security and practical infrastructure-related issues. It also serves as a reference for institutions looking at the possibilities of implementing a secured cloud solution.
    Comment: 38 pages, 19 figures

    Implementing a Loyalty Card for smartphones using a Bitcoin Like Approach

    Cryptographic currencies have been thriving in the last 5 years, especially since the appearance of Bitcoin in 2009. Factors such as the particular advantages of this type of currency, the current economic conjuncture and the evolution of technology are fuelling their popularity. In some countries, cryptographic currency systems are considered by the government to be feasible alternatives to real money, and Bitcoin is actually being used in transactions worldwide. The success of Bitcoin is mostly due to its elegant mathematical description, proven security under its assumptions, its decentralized character and anonymity assurance. Apart from the initial effort to securely and correctly implement the system and the maintenance of the applications, Bitcoin works automatically with the contribution of the nodes of a fully decentralized infrastructure. The full specification of the protocol is readily available, e.g., on the Internet, and it can be used by anyone. This master's programme explored the possibility of using it, with modifications, as a means to implement a system for electronic loyalty cards. In order to do so, the aforementioned cryptographic currency was studied in detail, a set of requirements for the new system and modifications to the original protocol were specified, and a software system was engineered and implemented in the Java programming language. The specification of the modifications was performed while taking the particular application scenario into account. The restrictions deriving from the application scenario were mostly dominated by the fact that the underlying Peer-to-Peer (P2P) infrastructure was to be constituted by smartphones only. The most visible outcome of this master's programme is the fully working prototype of the loyalty card system, comprising an application for mobile devices and a server-side application. This prototype implements part of Bitcoin from scratch, starting from the seminal work that defines it, along with the modifications that introduce a central agent for better controlling the quantity of currency per client and aiding in the establishment of P2P connections between two mobile applications. The modified version of the system is herein called Bitpoints, and the currency is instead constituted by points. The implemented loyalty card system benefits from some of the advantages of the popular cryptographic currency, namely the public access to the ledger for isolated verification of all transactions. The loyalty card permits the exchange of points between users and the mining of new points, which is fundamentally different from currently available loyalty cards. Within the context of this master's programme, a survey was delivered to a population of 34 individuals, who answered a set of questions concerning the handling of the aforementioned prototype. The analysis of the obtained results allows one to infer that people would feel comfortable with this application and accept the concept on which it is based, probably preferring a system similar to the proposed one.

    Cryptographic currencies have been thriving in the last five years, especially since the appearance of Bitcoin in 2009. Factors such as the specific advantages of this type of currency, the current economic conjuncture and technological evolution are stimulating their popularity. In some countries, cryptographic monetary systems are considered by the government to be viable alternatives to real money, and Bitcoin is effectively being used in transactions all over the world. The success of Bitcoin is essentially based on its elegant mathematical description, its security proven under its principles, its decentralized character and its guarantee of anonymity. Apart from the initial effort to implement the system correctly and securely, and from the maintenance of the applications, Bitcoin works automatically with the contribution of the nodes of a decentralized infrastructure. The complete specification of the protocol is readily available, for example on the Internet, and can be used by anyone. This master's programme explored the possibility of using it, with modifications, as a way of implementing a system of electronic loyalty cards. To do so, the aforementioned cryptographic currency was studied in detail, a set of requirements for the new system and modifications to the original protocol were specified, and a software system was designed and implemented in the Java programming language. The specification of the modifications was carried out taking this particular application scenario into account. The restrictions resulting from the application scenario were mostly dominated by the fact that the underlying Peer-to-Peer (P2P) infrastructure was constituted by smartphones only. The most visible result of this master's programme is the fully functional prototype of a loyalty card system, composed of an application for mobile devices and another to be run on the server side. This prototype implements from scratch the relevant part of Bitcoin, starting from the seminal work that defines it, together with the changes that introduce a central agent to better control the quantity of coins per client and to assist in establishing P2P connections between two mobile applications. The modified version of the system is here called Bitpoints, and the currency is instead constituted by points. The benefits of implementing this loyalty card system, and of some of the advantages of the popular cryptographic currency, are, namely, public access to the blockchain for isolated verification of all transactions. The loyalty card allows the exchange of points between users and the mining of new points, which is fundamentally different from the loyalty cards currently available. Within the context of this master's programme, a survey was distributed to a population of 34 individuals, who answered a set of questions concerning the handling of the previously mentioned prototype. The analysis of the results obtained allowed one to infer that people feel comfortable with the application and accept the concept on which it is based, probably preferring a system similar to the proposed one.