4,703 research outputs found
An Alloy Verification Model for Consensus-Based Auction Protocols
Max Consensus-based Auction (MCA) protocols are an elegant approach to
establish conflict-free distributed allocations in a wide range of network
utility maximization problems. A set of agents independently bid on a set of
items, and exchange their bids with their first hop-neighbors for a distributed
(max-consensus) winner determination. The use of MCA protocols was proposed,
, to solve the task allocation problem for a fleet of unmanned aerial
vehicles, in smart grids, or in distributed virtual network management
applications. Misconfigured or malicious agents participating in a MCA, or an
incorrect instantiation of policies can lead to oscillations of the protocol,
causing, , Service Level Agreement (SLA) violations.
In this paper, we propose a formal, machine-readable, Max-Consensus Auction
model, encoded in the Alloy lightweight modeling language. The model consists
of a network of agents applying the MCA mechanisms, instantiated with
potentially different policies, and a set of predicates to analyze its
convergence properties. We were able to verify that MCA is not resilient
against rebidding attacks, and that the protocol fails (to achieve a
conflict-free resource allocation) for some specific combinations of policies.
Our model can be used to verify, with a "push-button" analysis, the convergence
of the MCA mechanism to a conflict-free allocation of a wide range of policy
instantiations
A Concurrent Perspective on Smart Contracts
In this paper, we explore remarkable similarities between multi-transactional
behaviors of smart contracts in cryptocurrencies such as Ethereum and classical
problems of shared-memory concurrency. We examine two real-world examples from
the Ethereum blockchain and analyzing how they are vulnerable to bugs that are
closely reminiscent to those that often occur in traditional concurrent
programs. We then elaborate on the relation between observable contract
behaviors and well-studied concurrency topics, such as atomicity, interference,
synchronization, and resource ownership. The described
contracts-as-concurrent-objects analogy provides deeper understanding of
potential threats for smart contracts, indicate better engineering practices,
and enable applications of existing state-of-the-art formal verification
techniques.Comment: 15 page
Symbolic Abstractions for Quantum Protocol Verification
Quantum protocols such as the BB84 Quantum Key Distribution protocol exchange
qubits to achieve information-theoretic security guarantees. Many variants
thereof were proposed, some of them being already deployed. Existing security
proofs in that field are mostly tedious, error-prone pen-and-paper proofs of
the core protocol only that rarely account for other crucial components such as
authentication. This calls for formal and automated verification techniques
that exhaustively explore all possible intruder behaviors and that scale well.
The symbolic approach offers rigorous, mathematical frameworks and automated
tools to analyze security protocols. Based on well-designed abstractions, it
has allowed for large-scale formal analyses of real-life protocols such as TLS
1.3 and mobile telephony protocols. Hence a natural question is: Can we use
this successful line of work to analyze quantum protocols? This paper proposes
a first positive answer and motivates further research on this unexplored path
A Graph-Based Semantics Workbench for Concurrent Asynchronous Programs
A number of novel programming languages and libraries have been proposed that
offer simpler-to-use models of concurrency than threads. It is challenging,
however, to devise execution models that successfully realise their
abstractions without forfeiting performance or introducing unintended
behaviours. This is exemplified by SCOOP---a concurrent object-oriented
message-passing language---which has seen multiple semantics proposed and
implemented over its evolution. We propose a "semantics workbench" with fully
and semi-automatic tools for SCOOP, that can be used to analyse and compare
programs with respect to different execution models. We demonstrate its use in
checking the consistency of semantics by applying it to a set of representative
programs, and highlighting a deadlock-related discrepancy between the principal
execution models of the language. Our workbench is based on a modular and
parameterisable graph transformation semantics implemented in the GROOVE tool.
We discuss how graph transformations are leveraged to atomically model
intricate language abstractions, and how the visual yet algebraic nature of the
model can be used to ascertain soundness.Comment: Accepted for publication in the proceedings of FASE 2016 (to appear
Parameterized Model-Checking for Timed-Systems with Conjunctive Guards (Extended Version)
In this work we extend the Emerson and Kahlon's cutoff theorems for process
skeletons with conjunctive guards to Parameterized Networks of Timed Automata,
i.e. systems obtained by an \emph{apriori} unknown number of Timed Automata
instantiated from a finite set of Timed Automata templates.
In this way we aim at giving a tool to universally verify software systems
where an unknown number of software components (i.e. processes) interact with
continuous time temporal constraints. It is often the case, indeed, that
distributed algorithms show an heterogeneous nature, combining dynamic aspects
with real-time aspects. In the paper we will also show how to model check a
protocol that uses special variables storing identifiers of the participating
processes (i.e. PIDs) in Timed Automata with conjunctive guards. This is
non-trivial, since solutions to the parameterized verification problem often
relies on the processes to be symmetric, i.e. indistinguishable. On the other
side, many popular distributed algorithms make use of PIDs and thus cannot
directly apply those solutions
An Adaptive Design Methodology for Reduction of Product Development Risk
Embedded systems interaction with environment inherently complicates
understanding of requirements and their correct implementation. However,
product uncertainty is highest during early stages of development. Design
verification is an essential step in the development of any system, especially
for Embedded System. This paper introduces a novel adaptive design methodology,
which incorporates step-wise prototyping and verification. With each adaptive
step product-realization level is enhanced while decreasing the level of
product uncertainty, thereby reducing the overall costs. The back-bone of this
frame-work is the development of Domain Specific Operational (DOP) Model and
the associated Verification Instrumentation for Test and Evaluation, developed
based on the DOP model. Together they generate functionally valid test-sequence
for carrying out prototype evaluation. With the help of a case study 'Multimode
Detection Subsystem' the application of this method is sketched. The design
methodologies can be compared by defining and computing a generic performance
criterion like Average design-cycle Risk. For the case study, by computing
Average design-cycle Risk, it is shown that the adaptive method reduces the
product development risk for a small increase in the total design cycle time.Comment: 21 pages, 9 figure
- …