31,005 research outputs found
Towards verifying correctness of wireless sensor network applications using Insense and Spin
The design and implementation of wireless sensor network applications often require domain experts, who may lack expertise in software engineering, to produce resource-constrained, concurrent, real-time software without the support of high-level software engineering facilities. The Insense language aims to address this mismatch by allowing the complexities of synchronisation, memory management and event-driven programming to be borne by the language implementation rather than by the programmer. The main contribution of this paper is all initial step towards verifying the correctness of WSN applications with a focus on concurrency. We model part of the synchronisation mechanism of the Insense language implementation using Promela constructs and verify its correctness using SPIN. We demonstrate how a previously published version of the mechanism is shown to be incorrect by SPIN, and give complete verification results for the revised mechanism.Preprin
Using SPIN to Analyse the Tree Identification Phase of the IEEE 1394 High-Performance Serial Bus(FireWire)Protocol
We describe how the tree identification phase of the IEEE 1394 high-performance serial bus (FireWire) protocol is modelled in Promela and verified using SPIN. The verification of arbitrary system configurations is discussed
Model Checking Paxos in Spin
We present a formal model of a distributed consensus algorithm in the
executable specification language Promela extended with a new type of guards,
called counting guards, needed to implement transitions that depend on majority
voting. Our formalization exploits abstractions that follow from reduction
theorems applied to the specific case-study. We apply the model checker Spin to
automatically validate finite instances of the model and to extract
preconditions on the size of quorums used in the election phases of the
protocol.Comment: In Proceedings GandALF 2014, arXiv:1408.556
Model checking programmable router configurations
Programmable networks offer the ability to customize router behaviour at run time, thus increasing flexibility of network administration. Programmable network routers are configured using domain-specific languages. In this paper, we describe our approach to defining the syntax and semantics of such a domain-specific language. The ability to evolve router programs dynamically creates potential for misconfigurations. By exploiting domain-specific abstractions, we are able to translate router configurations into Promela and validate them using the Spin model checker, thus providing reasoning support for our domain-specific language. To evaluate our approach we use our configuration language to express the IETF's Differentiated Services specification and show that industrial-sized DiffServ router configurations can be validated using Spin on a standard PC. © 2010 Springer-Verlag Berlin Heidelberg
IoTSan: Fortifying the Safety of IoT Systems
Today's IoT systems include event-driven smart applications (apps) that
interact with sensors and actuators. A problem specific to IoT systems is that
buggy apps, unforeseen bad app interactions, or device/communication failures,
can cause unsafe and dangerous physical states. Detecting flaws that lead to
such states, requires a holistic view of installed apps, component devices,
their configurations, and more importantly, how they interact. In this paper,
we design IoTSan, a novel practical system that uses model checking as a
building block to reveal "interaction-level" flaws by identifying events that
can lead the system to unsafe states. In building IoTSan, we design novel
techniques tailored to IoT systems, to alleviate the state explosion associated
with model checking. IoTSan also automatically translates IoT apps into a
format amenable to model checking. Finally, to understand the root cause of a
detected vulnerability, we design an attribution mechanism to identify
problematic and potentially malicious apps. We evaluate IoTSan on the Samsung
SmartThings platform. From 76 manually configured systems, IoTSan detects 147
vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a
previous effort. IoTSan detects the potential safety violations and also
effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201
Graph- versus Vector-Based Analysis of a Consensus Protocol
The Paxos distributed consensus algorithm is a challenging case-study for
standard, vector-based model checking techniques. Due to asynchronous
communication, exhaustive analysis may generate very large state spaces already
for small model instances. In this paper, we show the advantages of graph
transformation as an alternative modelling technique. We model Paxos in a rich
declarative transformation language, featuring (among other things) nested
quantifiers, and we validate our model using the GROOVE model checker, a
graph-based tool that exploits isomorphism as a natural way to prune the state
space via symmetry reductions. We compare the results with those obtained by
the standard model checker Spin on the basis of a vector-based encoding of the
algorithm.Comment: In Proceedings GRAPHITE 2014, arXiv:1407.767
Platform Dependent Verification: On Engineering Verification Tools for 21st Century
The paper overviews recent developments in platform-dependent explicit-state
LTL model checking.Comment: In Proceedings PDMC 2011, arXiv:1111.006
- …