Applying Formal Methods to Networking: Theory, Techniques and Applications

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet which began as a research experiment was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, especially for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification, and an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design---especially, the software defined networking (SDN) paradigm---offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial

A multi-paradigm language for reactive synthesis

This paper proposes a language for describing reactive synthesis problems that integrates imperative and declarative elements. The semantics is defined in terms of two-player turn-based infinite games with full information. Currently, synthesis tools accept linear temporal logic (LTL) as input, but this description is less structured and does not facilitate the expression of sequential constraints. This motivates the use of a structured programming language to specify synthesis problems. Transition systems and guarded commands serve as imperative constructs, expressed in a syntax based on that of the modeling language Promela. The syntax allows defining which player controls data and control flow, and separating a program into assumptions and guarantees. These notions are necessary for input to game solvers. The integration of imperative and declarative paradigms allows using the paradigm that is most appropriate for expressing each requirement. The declarative part is expressed in the LTL fragment of generalized reactivity(1), which admits efficient synthesis algorithms, extended with past LTL. The implementation translates Promela to input for the Slugs synthesizer and is written in Python. The AMBA AHB bus case study is revisited and synthesized efficiently, identifying the need to reorder binary decision diagrams during strategy construction, in order to prevent the exponential blowup observed in previous work.Comment: In Proceedings SYNT 2015, arXiv:1602.0078

TiLA: Twin-in-the-Loop Architecture for Cyber-Physical Production Systems

Digital twin is a virtual replica of a real-world object that lives simultaneously with its physical counterpart. Since its first introduction in 2003 by Grieves, digital twin has gained momentum in a wide range of applications such as industrial manufacturing, automotive and artificial intelligence. However, many digital-twin-related approaches, found in industries as well as literature, mainly focus on modelling individual physical things with high-fidelity methods with limited scalability. In this paper, we introduce a digital-twin architecture called TiLA (Twin-in-the-Loop Architecture). TiLA employs heterogeneous models and online data to create a digital twin, which follows a Globally Asynchronous Locally Synchronous (GALS) model of computation. It facilitates the creation of a scalable digital twin with different levels of modelling abstraction as well as giving GALS formalism for execution strategy. Furthermore, TiLA provides facilities to develop applications around the twin as well as an interface to synchronise the twin with the physical system through an industrial communication protocol. A digital twin for a manufacturing line has been developed as a case study using TiLA. It demonstrates the use of digital twin models together with online data for monitoring and analysing failures in the physical system

Current Sensing Completion Detection in Single-Rail Asynchronous Systems

In this article, an alternative approach to detecting the computation completion of combinatorial blocks in asynchronous digital systems is presented. The proposed methodology is based on well-known phenomenon that occurs in digital systems fabricated in CMOS technology. Such logic circuits exhibit significantly higher current consumption during the signal transitions than in the idle state. Duration of these current peaks correlates very well with the actual computation time of the combinatorial block. Hence, this fact can be exploited for separation of the computation activity from static state. The paper presents fundamental background of addressed alternative completion detection and its implementation in single-rail encoded asynchronous systems, the proposed current sensing circuitry, achieved simulation results as well as the comparison to the state-of-the-art methods of completion detection. The presented method promises the enhancement of the performance of an asynchronous circuit, and under certain circumstances it also reduces the silicon area requirements of the completion detection block

Automated Synthesis of Enforcing Mechanisms for Security Properties in a Timed Setting

AbstractIn [Martinelli, F. and I. Matteucci, Modeling security automata with process algebras and related results (2006), presented at the 6th International Workshop on Issues in the Theory of Security (WITS '06) - Informal proceedings; Martinelli, F. and I. Matteucci, Through modeling to synthesis of security automata (2006), accepted to STM06. To appeare in ENTCS] we have presented an approach for enforcing security properties. It is based on the automatic synthesis of controller programs that are able to detect and eventually prevent possible wrong action performed by an external agent. Here, we extend this approach also to a timed setting. Under certain assumptions, we are also able to enforce several information flow properties. We show how to deal with parameterized systems

Synthesis from multi-paradigm specifications

This work proposes a language for describing reactive synthesis problems that integrates imperative and declarative elements. The semantics is defined in terms of two-player turn-based infinite games with full information. Currently, synthesis tools accept linear temporal logic (LTL) as input, but this description is less structured and does not facilitate the expression of sequential constraints. This motivates the use of a structured programming language to specify synthesis problems. Transition systems and guarded commands serve as imperative constructs, expressed in a syntax based on that of the modeling language Promela. The syntax allows defining which player controls data and control flow, and separating a program into assumptions and guarantees. These notions are necessary for input to game solvers. The integration of imperative and declarative paradigms allows using the paradigm that is most appropriate for expressing each requirement. The declarative part is expressed in the LTL fragment of generalized reactivity(1), which admits efficient synthesis algorithms. The implementation translates Promela to input for the Slugs synthesizer and is written in Python

Real time control of nonlinear dynamic systems using neuro-fuzzy controllers

The problem of real time control of a nonlinear dynamic system using intelligent control techniques is considered. The current trend is to incorporate neural networks and fuzzy logic into adaptive control strategies. The focus of this work is to investigate the current neuro-fuzzy approaches from literature and adapt them for a specific application. In order to achieve this objective, an experimental nonlinear dynamic system is considered. The motivation for this comes from the desire to solve practical problems and to create a test-bed which can be used to test various control strategies. The nonlinear dynamic system considered here is an unstable balance beam system that contains two fluid tanks, one at each end, and the balance is achieved by pumping the fluid back and forth from the tanks. A popular approach, called ANFIS (Adaptive Networks-based Fuzzy Inference Systems), which combines the structure of fuzzy logic controllers with the learning aspects from neural networks is considered as a basis for developing novel techniques, because it is considered to be one of the most general framework for developing adaptive controllers. However, in the proposed new method, called Generalized Network-based Fuzzy Inferencing Systems (GeNFIS), more conventional fuzzy schemes for the consequent part are used instead of using what is called the Sugeno type rules. Moreover, in contrast to ANFIS which uses a full set of rules, GeNFIS uses only a limited number of rules based on certain expert knowledge. GeNFIS is tested on the balance beam system, both in a real- time actual experiment and the simulation, and is found to perform better than a comparable ANFIS under supervised learning. Based on these results, several modifications of GeNFIS are considered, for example, synchronous defuzzification through triangular as well as bell shaped membership functions. Another modification involves simultaneous use of Sugeno type as well as conventional fuzzy schemes for the consequent part, in an effort to create a more flexible framework. Results of testing different versions of GeNFIS on the balance beam system are presented

Index to 1985 NASA Tech Briefs, volume 10, numbers 1-4

Short announcements of new technology derived from the R&D activities of NASA are presented. These briefs emphasize information considered likely to be transferrable across industrial, regional, or disciplinary lines and are issued to encourage commercial application. This index for 1985 Tech Briefs contains abstracts and four indexes: subject, personal author, originating center, and Tech Brief Number. The following areas are covered: electronic components and circuits, electronic systems, physical sciences, materials, life sciences, mechanics, machinery, fabrication technology, and mathematics and information sciences