32,856 research outputs found
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Finite Model Finding for Parameterized Verification
In this paper we investigate to which extent a very simple and natural
"reachability as deducibility" approach, originated in the research in formal
methods in security, is applicable to the automated verification of large
classes of infinite state and parameterized systems. The approach is based on
modeling the reachability between (parameterized) states as deducibility
between suitable encodings of states by formulas of first-order predicate
logic. The verification of a safety property is reduced to a pure logical
problem of finding a countermodel for a first-order formula. The later task is
delegated then to the generic automated finite model building procedures. In
this paper we first establish the relative completeness of the finite
countermodel finding method (FCM) for a class of parameterized linear arrays of
finite automata. The method is shown to be at least as powerful as known
methods based on monotonic abstraction and symbolic backward reachability.
Further, we extend the relative completeness of the approach and show that it
can solve all safety verification problems which can be solved by the
traditional regular model checking.Comment: 17 pages, slightly different version of the paper is submitted to
TACAS 201
Partial Order Reduction for Security Protocols
Security protocols are concurrent processes that communicate using
cryptography with the aim of achieving various security properties. Recent work
on their formal verification has brought procedures and tools for deciding
trace equivalence properties (e.g., anonymity, unlinkability, vote secrecy) for
a bounded number of sessions. However, these procedures are based on a naive
symbolic exploration of all traces of the considered processes which,
unsurprisingly, greatly limits the scalability and practical impact of the
verification tools.
In this paper, we overcome this difficulty by developing partial order
reduction techniques for the verification of security protocols. We provide
reduced transition systems that optimally eliminate redundant traces, and which
are adequate for model-checking trace equivalence properties of protocols by
means of symbolic execution. We have implemented our reductions in the tool
Apte, and demonstrated that it achieves the expected speedup on various
protocols
Compiling symbolic attacks to protocol implementation tests
Recently efficient model-checking tools have been developed to find flaws in
security protocols specifications. These flaws can be interpreted as potential
attacks scenarios but the feasability of these scenarios need to be confirmed
at the implementation level. However, bridging the gap between an abstract
attack scenario derived from a specification and a penetration test on real
implementations of a protocol is still an open issue. This work investigates an
architecture for automatically generating abstract attacks and converting them
to concrete tests on protocol implementations. In particular we aim to improve
previously proposed blackbox testing methods in order to discover automatically
new attacks and vulnerabilities. As a proof of concept we have experimented our
proposed architecture to detect a renegotiation vulnerability on some
implementations of SSL/TLS, a protocol widely used for securing electronic
transactions.Comment: In Proceedings SCSS 2012, arXiv:1307.802
Towards Efficient Verification of Population Protocols
Population protocols are a well established model of computation by
anonymous, identical finite state agents. A protocol is well-specified if from
every initial configuration, all fair executions reach a common consensus. The
central verification question for population protocols is the
well-specification problem: deciding if a given protocol is well-specified.
Esparza et al. have recently shown that this problem is decidable, but with
very high complexity: it is at least as hard as the Petri net reachability
problem, which is EXPSPACE-hard, and for which only algorithms of non-primitive
recursive complexity are currently known.
In this paper we introduce the class WS3 of well-specified strongly-silent
protocols and we prove that it is suitable for automatic verification. More
precisely, we show that WS3 has the same computational power as general
well-specified protocols, and captures standard protocols from the literature.
Moreover, we show that the membership problem for WS3 reduces to solving
boolean combinations of linear constraints over N. This allowed us to develop
the first software able to automatically prove well-specification for all of
the infinitely many possible inputs.Comment: 29 pages, 1 figur
Non-collaborative Attackers and How and Where to Defend Flawed Security Protocols (Extended Version)
Security protocols are often found to be flawed after their deployment. We
present an approach that aims at the neutralization or mitigation of the
attacks to flawed protocols: it avoids the complete dismissal of the interested
protocol and allows honest agents to continue to use it until a corrected
version is released. Our approach is based on the knowledge of the network
topology, which we model as a graph, and on the consequent possibility of
creating an interference to an ongoing attack of a Dolev-Yao attacker, by means
of non-collaboration actuated by ad-hoc benign attackers that play the role of
network guardians. Such guardians, positioned in strategical points of the
network, have the task of monitoring the messages in transit and discovering at
runtime, through particular types of inference, whether an attack is ongoing,
interrupting the run of the protocol in the positive case. We study not only
how but also where we can attempt to defend flawed security protocols: we
investigate the different network topologies that make security protocol
defense feasible and illustrate our approach by means of concrete examples.Comment: 29 page
- …