62,815 research outputs found
Automated Cryptographic Analysis of the Pedersen Commitment Scheme
Aiming for strong security assurance, recently there has been an increasing
interest in formal verification of cryptographic constructions. This paper
presents a mechanised formal verification of the popular Pedersen commitment
protocol, proving its security properties of correctness, perfect hiding, and
computational binding. To formally verify the protocol, we extended the theory
of EasyCrypt, a framework which allows for reasoning in the computational
model, to support the discrete logarithm and an abstraction of commitment
protocols. Commitments are building blocks of many cryptographic constructions,
for example, verifiable secret sharing, zero-knowledge proofs, and e-voting.
Our work paves the way for the verification of those more complex
constructions.
Comment: 12 pages, conference MMM-ACNS 201
Exploiting Hierarchy in the Abstraction-Based Verification of Statecharts Using SMT Solvers
Statecharts are frequently used as a modeling formalism in the design of
state-based systems. Formal verification techniques are also often applied to
prove certain properties about the behavior of the system. One of the most
efficient techniques for formal verification is Counterexample-Guided
Abstraction Refinement (CEGAR), which reduces the complexity of systems by
automatically building and refining abstractions. In our paper we present a
novel adaptation of the CEGAR approach to hierarchical statechart models. First
we introduce an encoding of the statechart to logical formulas that preserves
information about the state hierarchy. Based on this encoding we propose
abstraction and refinement techniques that utilize the hierarchical structure
of statecharts and also handle variables in the model. The encoding allows us
to use SMT solvers for the systematic exploration and verification of the
abstract model, including also bounded model checking. We demonstrate the
applicability and efficiency of our abstraction techniques with measurements on
an industry-motivated example.
Comment: In Proceedings FESCA 2017, arXiv:1703.0659
Model checking learning agent systems using Promela with embedded C code and abstraction
As autonomous systems become more prevalent, methods for their verification will become more
widely used. Model checking is a formal verification technique that can help ensure the safety of autonomous
systems, but in most cases it cannot be applied by novices, or in its straight "off-the-shelf" form. In order
to be more widely applicable it is crucial that more sophisticated techniques are used, and are presented
in a way that is reproducible by engineers and verifiers alike. In this paper we demonstrate in detail two
techniques that are used to increase the power of model checking using the model checker SPIN. The first
of these is the use of embedded C code within Promela specifications, in order to accurately reflect robot
movement. The second is to use abstraction together with a simulation relation to allow us to verify multiple
environments simultaneously. We apply these techniques to a fairly simple system in which a robot moves
about a fixed circular environment and learns to avoid obstacles. The learning algorithm is inspired by the
way that insects learn to avoid obstacles in response to pain signals received from their antennae. Crucially,
we prove that our abstraction is sound for our example system – a step that is often omitted but is vital if
formal verification is to be widely accepted as a useful and meaningful approach.
Report on the formal specification and partial verification of the VIPER microprocessor
The formal specification and partial verification of the VIPER microprocessor is reviewed. The VIPER microprocessor was designed by RSRE, Malvern, England, for safety critical computing applications (e.g., aircraft, reactor control, medical instruments, armaments). The VIPER was carefully specified and partially verified in an attempt to provide a microprocessor with completely predictable operating characteristics. The specification of VIPER is divided into several levels of abstraction, from a gate-level description up to an instruction execution model. Although the consistency between certain levels was demonstrated with mechanically-assisted mathematical proof, the formal verification of VIPER was never completed.
StocHy: automated verification and synthesis of stochastic processes
StocHy is a software tool for the quantitative analysis of discrete-time
stochastic hybrid systems (SHS). StocHy accepts a high-level description of
stochastic models and constructs an equivalent SHS model. The tool allows to
(i) simulate the SHS evolution over a given time horizon; and to automatically
construct formal abstractions of the SHS. Abstractions are then employed for
(ii) formal verification or (iii) control (policy, strategy) synthesis. StocHy
allows for modular modelling, and has separate simulation, verification and
synthesis engines, which are implemented as independent libraries. This allows
for libraries to be easily used and for extensions to be easily built. The tool
is implemented in C++ and employs manipulations based on vector calculus, the
use of sparse matrices, the symbolic construction of probabilistic kernels, and
multi-threading. Experiments show StocHy's markedly improved performance when
compared to existing abstraction-based approaches: in particular, StocHy beats
state-of-the-art tools in terms of precision (abstraction error) and
computational effort, and finally attains scalability to large-sized models (12
continuous dimensions). StocHy is available at www.gitlab.com/natchi92/StocHy
Robustness Verification of Support Vector Machines
We study the problem of formally verifying the robustness to adversarial
examples of support vector machines (SVMs), a major machine learning model for
classification and regression tasks. Following a recent stream of works on
formal robustness verification of (deep) neural networks, our approach relies
on a sound abstract version of a given SVM classifier to be used for checking
its robustness. This methodology is parametric on a given numerical abstraction
of real values and, analogously to the case of neural networks, needs neither
abstract least upper bounds nor widening operators on this abstraction. The
standard interval domain provides a simple instantiation of our abstraction
technique, which is enhanced with the domain of reduced affine forms, which is
an efficient abstraction of the zonotope abstract domain. This robustness
verification technique has been fully implemented and experimentally evaluated
on SVMs based on linear and nonlinear (polynomial and radial basis function)
kernels, which have been trained on the popular MNIST dataset of images and on
the recent and more challenging Fashion-MNIST dataset. The experimental results
of our prototype SVM robustness verifier appear to be encouraging: this
automated verification is fast, scalable and shows significantly high
percentages of provable robustness on the test set of MNIST, in particular
compared to the analogous provable robustness of neural networks.
A Faithful Semantics for Generalised Symbolic Trajectory Evaluation
Generalised Symbolic Trajectory Evaluation (GSTE) is a high-capacity formal
verification technique for hardware. GSTE uses abstraction, meaning that
details of the circuit behaviour are removed from the circuit model. A
semantics for GSTE can be used to predict and understand why certain circuit
properties can or cannot be proven by GSTE. Several semantics have been
described for GSTE. These semantics, however, are not faithful to the proving
power of GSTE-algorithms, that is, the GSTE-algorithms are incomplete with
respect to the semantics.
The abstraction used in GSTE makes it hard to understand why a specific
property can, or cannot, be proven by GSTE. The semantics mentioned above
cannot help the user in doing so. The contribution of this paper is a faithful
semantics for GSTE. That is, we give a simple formal theory that deems a
property to be true if-and-only-if the property can be proven by a GSTE-model
checker. We prove that the GSTE algorithm is sound and complete with respect to
this semantics.