80,417 research outputs found
Rewriting-based Verification and Debugging of Web Systems
The increasing complexity of Web system has led to the development of sophisticated formal methodologies for verifying and correcting Web data and Web programs.
In general, establishing whether a Web system behaves correctly with respect to the original intention of the programmer or checking its internal consistency
are non-trivial tasks as witnessed by many studies in the literature.
In this dissertation, we face two challenging problems related to the verification of Web systems.
Firstly, we extend a previous Web verification framework based on partial rewriting by providing a semi-automatic technique for repairing Web systems.
We propose a basic repairing methodology that is endowed with several strategies for optimizing the number of repair actions that must be executed in order to fix a given Web site.
Also, we develop an improvement of the Web verification framework that is based on abstract interpretation and greatly enhances both efficiency and scalability of the original technique.
Secondly, we formalize a framework for the specification and model-checking of dynamic Web applications that is based on Rewriting Logic.
Our framework allows one to simulate
the user navigation and the evaluation of Web scripts within a Web application, and also check important related properties such us reachability and consistency.
When a property is refuted, a counter-example with the erroneous trace is delivered.
Such information can be analyzed in order to debug the Web application under examination by means of a novel backward trace slicing technique that we formulated for this purpose.
This technique consists in tracing back, along an execution trace, all the relevant symbols of the term (or state) that we are interested to observe.Romero ., DO. (2011). Rewriting-based Verification and Debugging of Web Systems [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/12496Palanci
Debugging of Web Applications with Web-TLR
Web-TLR is a Web verification engine that is based on the well-established
Rewriting Logic--Maude/LTLR tandem for Web system specification and
model-checking. In Web-TLR, Web applications are expressed as rewrite theories
that can be formally verified by using the Maude built-in LTLR model-checker.
Whenever a property is refuted, a counterexample trace is delivered that
reveals an undesired, erroneous navigation sequence. Unfortunately, the
analysis (or even the simple inspection) of such counterexamples may be
unfeasible because of the size and complexity of the traces under examination.
In this paper, we endow Web-TLR with a new Web debugging facility that supports
the efficient manipulation of counterexample traces. This facility is based on
a backward trace-slicing technique for rewriting logic theories that allows the
pieces of information that we are interested to be traced back through inverse
rewrite sequences. The slicing process drastically simplifies the computation
trace by dropping useless data that do not influence the final result. By using
this facility, the Web engineer can focus on the relevant fragments of the
failing application, which greatly reduces the manual debugging effort and also
decreases the number of iterative verifications.Comment: In Proceedings WWV 2011, arXiv:1108.208
Model checking: Correct Web page navigations with browser behavior.
While providing better performance, transparency and expressiveness, the main features of the web technologies such as web caching, session and cookies, dynamically generated web pages etc. may also affect the correct understanding of the web applications running on top of them. From the viewpoint of formal verification and specification-based testing, this suggests that the formal model of the web application we use for static analysis or test case generation should contain the abstract behavior of the underlying web application environment. Here we consider the automated generation of such a model in terms of extended finite state machines from a given abstract description of a web application by incorporating the abstract behavioral model of the web browsers in the presence of session/cookies and dynamically generated web pages. The derived model can serve as the formal basis for both model checking and specification-based testing on the web applications where we take into account the effect of the internal caching mechanism to the correct accessibility of the web pages, which can be quite sensitive to the security of the information they carry. In order to check the correctness of the derived model against required properties, we provide the automated translation of the model into Promela. By applying SPIN on Promela models, we present experimental results on the evaluation of the proposed modeling in terms of scalability.Dept. of Computer Science. Paper copy at Leddy Library: Theses & Major Papers - Basement, West Bldg. / Call Number: Thesis2004 .Z543. Source: Masters Abstracts International, Volume: 43-05, page: 1761. Adviser: Jessica Chen. Thesis (M.Sc.)--University of Windsor (Canada), 2004
Model checking web applications
The modelling of web-based applications can assist in capturing and understanding their behaviour.
The development of such applications requires the use of sound methodologies to ensure that the
intended and actual behaviour are the same.
As a verification technique, model checking can assist in finding design
flaws and simplifying the
design of a web application, and as a result the design and the security of the web application can
be improved. Model checking has the advantage of using an exhaustive search of the state space of
a system to determine if the specifications are true or not in a given model.
In this thesis we present novel approaches in modelling and verifying web applications' properties
to ensure their design correctness and security. Since the actions in web applications rely on both
the user input and the server status; we propose an approach for modelling and verifying dynamic
navigation properties. The Spin model checker has been used successfully in verifying communication
protocols. However, the current version of Spin does not support modelling time. We integrate
discrete time in the Spin model to allow the modelling of realistic properties that rely on time
constraints and to analyse the sequence of actions and time. Examining the sequence of actions in
web applications assists in understanding their behaviour in different scenarios such as navigation
errors and in the presence of an intruder. The model checker Uppaal is presented in the literature
as an alternative to Spin when modelling real-time systems. We develop models with real time
constraints in Uppaal in order to validate the results from the Spin models and to compare the
differences between modelling with real time and with discrete time as in Spin. We also compare
the complexity and expressiveness of each model checker in verifying web applications' properties.
The web application models in our research are developed gradually to ensure their correctness and
to manage the complexities of specifying the security and navigation properties. We analyse the
compromised model to compare the differences in the sequence of actions and time with the secure
model to assist in improving early detections of malicious behaviour in web applications
An executable formal semantics of PHP with applications to program analysis
Nowadays, many important activities in our lives involve the web. However, the software and protocols on which web applications are based were not designed with the appropriate level of security in mind. Many web applications have reached a level of complexity for which testing, code reviews and human inspection are no longer sufficient quality-assurance guarantees. Tools that employ static analysis techniques are needed in order to explore all possible execution paths through an application and guarantee the absence of undesirable behaviours. To make sure that an analysis captures the properties of interest, and to navigate the trade-offs between efficiency and precision, it is necessary to base the design and the development of static analysis tools on a firm understanding of the language to be analysed. When this underlying knowledge is missing or erroneous, tools can’t be trusted no matter what advanced techniques they use to perform their task. In this Thesis, we introduce KPHP, the first executable formal semantics of PHP, one of the most popular languages for server-side web programming. Then, we demonstrate its practical relevance by developing two verification tools, of increasing complexity, on top of it - a simple verifier based on symbolic execution and LTL model checking and a general purpose, fully configurable and extensible static analyser based on Abstract Interpretation. Our LTL-based tool leverages the existing symbolic execution and model checking support offered by K, our semantics framework of choice, and constitutes a first proof-of-concept of the usefulness of our semantics. Our abstract interpreter, on the other hand, represents a more significant and novel contribution to the field of static analysis of dynamic scripting languages (PHP in particular). Although our tool is still a prototype and therefore not well suited for handling large real-world codebases, we demonstrate how our semantics-based, principled approach to the development of verification tools has lead to the design of static analyses that outperform existing tools and approaches, both in terms of supported language features, precision, and breadth of possible applications.Open Acces
Modeling and Formal Verification of Smart Environments
Smart Environments (SmE) are a growing combination of various computing frameworks (ubiquitous, pervasive etc), devices, control algorithms and a complex web of interactions. It is at the
core of user facilitation in a number of industrial, domestic and public areas. Based on their application areas, SmE may be critical in terms of correctness, reliability, safety, security etc. To achieve error-free and requirement-compliant implementation, these systems are designed resorting to various modeling approaches including Ontology and Statecharts. This paper attempts to consider correctness, reliability, safety and security in the design process of SmE and its related components by proposing a design time modeling and formal verification methodology. The proposed methodology covers various design features related to modeling and formal verification SmE (focusing on users, devices, environment, control algorithms and their interaction) against the set of the requirements through model checking. A realistic case study of a Bank Door Security Booth System (BDSB) is tested. The results show the successful verification of the properties related to the safety, security and desired reliable behavior of BDSB
Real-time systems refinement : application to the verification of web services
Les services Web sont des applications distribuées qui sont conçus pour atteindre une tâche spécifique de l'entreprise sur le web. Afin d'augmenter la qualité et d'élever la sécurité des services Web, la vérification de BPEL, un service web langage de composition est considérée. Dans ce contexte, le model checking est une des techniques de vérification les plus utilisés en raison de son exhaustivité, son application facile et automatique. Cependant, un inconvénient majeur du model checking est l'explosion combinatoire en cas de grands modèles. Le raffinement est une des techniques utilisées pour combattre au problème d'explosion. Dans cette thèse, nous étudions le raffinement des systèmes temporisés et son application à des situations réelles, à savoir les modèles BPEL. Pour cela, nous proposons d'abord une technique automatique pour la vérification de la simulation faible temporisée entre des systèmes de transitions temporisé basée sur des modèles issus d'un langage de spécification formelle, FIACRE. La technique est une méthode basée sur l'observation, dans laquelle deux systèmes de transitions temporisés sont composées avec un observateur temporisé. Une propriété de mu-calcul qui capte la simulation faible temporisée est ensuite vérifiée sur le résultat de la composition. En deuxième étape, afin de valider les modèles BPEL, nous proposons une technique qui consiste dans les étapes suivantes: premièrement, les activités BPEL qui ont besoin d'être abstrait sont fournis avec leurs abstractions. Deuxièmement, la source BPEL est transformé en FIACRE en fonction des choix précédents. Troisièmement, les propriétés d'exigences sont vérifiées sur le modèle de FIACRE abstrait. Enfin, les relations de simulation sont prouvés entre les composants concrets et abstraits du modèle.Web services are distributed applications which are designed to achieve a specific business task over the web. In order to increase the security and to elevate the safety of web services, the verification of BPEL, a web services composition language is considered. In this context, model checking is one of the most used verification techniques because of its thoroughness, its easy application, and automatic approach. However, a major drawback of model checking is the combinatory explosion in case of large models. Refinement is one of the used techniques to alleviate the model checking problem. In this PhD, we study the refinement of timed systems and its application to real life scenarios, namely to BPEL models. For this, we first suggest an automatic technique for checking the timed weak simulation between timed transition systems based on models originating from a formal specification language, FIACRE. The technique is an observation-based method in which two timed transition systems are composed with a timed observer. A -calculus property that captures the timed weak simulation is then verified upon the result of the composition. At the second stage, in order to validate BPEL models, we suggest a technique that consists in the following steps : first, BPEL activities to-be-abstracted are provided along with their abstractions. Second, the BPEL source is transformed to FIACRE according to the previous choices. Third, domain properties are verified on the abstract FIACRE model. Finally, simulation relations are proven between concrete and abstract parts of the model
Procedure-modular specification and verification of temporal safety properties
This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure-level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here, it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre- and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively light-weight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based application
- …