Proving Correctness and Completeness of Normal Programs - a Declarative Approach
We advocate a declarative approach to proving properties of logic programs.
Total correctness can be separated into correctness, completeness and clean
termination; the latter includes non-floundering. Only clean termination
depends on the operational semantics, in particular on the selection rule. We
show how to deal with correctness and completeness in a declarative way,
treating programs only from the logical point of view. Specifications used in
this approach are interpretations (or theories). We point out that
specifications for correctness may differ from those for completeness, as
usually there are answers which are neither considered erroneous nor required
to be computed.
We present proof methods for correctness and completeness for definite
programs and generalize them to normal programs. For normal programs we use the
3-valued completion semantics; this is a standard semantics corresponding to
negation as finite failure. The proof methods employ solely the classical
2-valued logic. We use a 2-valued characterization of the 3-valued completion
semantics which may be of separate interest. The presented methods are compared
with an approach based on operational semantics. We also employ the ideas of
this work to generalize a known method of proving termination of normal
programs.
Comment: To appear in Theory and Practice of Logic Programming (TPLP). 44 pages
Formal verification of cryptographic software implementations
Doctoral thesis in Informatics
Security is notoriously difficult to sell as a feature in software products. In addition to
meeting a set of security requirements, cryptographic software has to be cheap, fast,
and use few resources. The development of cryptographic software is an area with
specific needs in terms of software development processes and tools. In this thesis we
explore how formal techniques, namely deductive verification techniques, can be used
to increase the guarantees that cryptographic software implementations indeed work as
prescribed. This thesis is organized in two parts.
The first part is focused on the identification of relevant security policies that may
be at play in cryptographic systems, as well as the language-based mechanisms that can
be used to enforce such policies in those systems. We propose methodologies based on
deductive verification to formalise and verify relevant security policies in cryptographic
software. We also show the applicability of those methodologies by presenting some
case studies using a deductive verification tool integrated in the Frama-C framework.
In the second part we propose a deductive verification tool (CAOVerif) for a domain-specific
language for cryptographic implementations (CAO). Our aim is to apply the
methodologies proposed in the first part of this thesis to verify the cryptographic
implementations written in CAO. The design of CAOVerif follows the same approach
used in other scenarios for general-purpose languages and it is built on top of a plug-in
from the Frama-C framework. At the very end, we conclude the work of this thesis by
reasoning about the soundness of our verification tool.
Cryptographic software has specific requirements for guaranteeing the security of the
information it handles. In addition, this type of software needs to be cheap, fast, and
use a reduced number of resources. Guaranteeing the security of the information handled
by such systems is a great challenge, and is therefore currently a major object of study.
In this thesis we explore how formal techniques, namely deductive verification techniques,
can be used to guarantee that cryptographic software implementations do in fact work as
prescribed. The work of this thesis is organized in two parts.
The first part focuses essentially on the identification of the security policies relevant
to cryptographic systems, as well as the language-based mechanisms that can be applied
to guarantee such policies. In this context, we propose methodologies based on deductive
verification to formalise and verify security policies. We also show how these methodologies
can be applied to the verification of real case studies, using the deductive verification tool
integrated in the Frama-C framework.
In the second part, we propose a deductive verification tool (CAOVerif) for a domain-specific
language for cryptographic implementations (CAO). The development of this tool aims to
apply the methodologies developed in the first part of this work to the cryptographic
implementations defined in CAO. The design of this tool follows the same approach as other
existing deductive verification tools for other languages. We conclude the work by giving
a formal proof of the correctness of the tool.
IEEE/NASA Workshop on Leveraging Applications of Formal Methods, Verification, and Validation
This volume contains the Preliminary Proceedings of the 2005 IEEE ISoLA Workshop on Leveraging Applications of Formal Methods, Verification, and Validation, with a special track on the theme of Formal Methods in Human and Robotic Space Exploration. The workshop was held on 23-24 September 2005 at the Loyola College Graduate Center, Columbia, MD, USA. The idea behind the Workshop arose from the experience and feedback of ISoLA 2004, the 1st International Symposium on Leveraging Applications of Formal Methods, held in Paphos (Cyprus) last October-November. ISoLA 2004 served the need of providing a forum for developers, users, and researchers to discuss issues related to the adoption and use of rigorous tools and methods for the specification, analysis, verification, certification, construction, test, and maintenance of systems from the point of view of their different application domains.
Embedded System Design
A unique feature of this open access textbook is to provide a comprehensive introduction to the fundamental knowledge in embedded systems, with applications in cyber-physical systems and the Internet of things. It starts with an introduction to the field and a survey of specification models and languages for embedded and cyber-physical systems. It provides a brief overview of hardware devices used for such systems and presents the essentials of system software for embedded systems, including real-time operating systems. The author also discusses evaluation and validation techniques for embedded systems and provides an overview of techniques for mapping applications to execution platforms, including multi-core platforms. Embedded systems have to operate under tight constraints and, hence, the book also contains a selected set of optimization techniques, including software optimization techniques. The book closes with a brief survey on testing. This fourth edition has been updated and revised to reflect new trends and technologies, such as the importance of cyber-physical systems (CPS) and the Internet of things (IoT), the evolution of single-core processors to multi-core processors, and the increased importance of energy efficiency and thermal issues.
New approaches to the design of CAD tools for the embedded systems domain
Thesis digitized by the Division de la gestion de documents et des archives of the Université de Montréal
Abstraction in Model Checking Multi-Agent Systems
This thesis presents existential abstraction techniques for multi-agent systems that preserve temporal-epistemic
specifications. Multi-agent systems, defined in the interpreted systems framework,
are abstracted by collapsing the local states and actions of each agent. The goal of abstraction
is to reduce the state space of the system under investigation in order to cope with the state
explosion problem that impedes the verification of very large state space systems. Theoretical
results show that the resulting abstract system simulates the concrete one. Preservation
and correctness theorems are proved in this thesis. These theorems assure that if a temporal-epistemic
formula holds on the abstract system, then the formula also holds on the concrete
one. These results make it possible to verify temporal-epistemic formulas on abstract systems instead of
the concrete ones, thereby saving time and space in the verification process.
In order to test the applicability, usefulness, suitability, power and effectiveness of the abstraction
method presented, two different implementations are presented: a tool for data-abstraction
and one for variable-abstraction. The first technique achieves a state space reduction by collapsing
the values of the domains of the system variables. The second technique performs a
reduction on the size of the model by collapsing groups of two or more variables. Therefore, the
abstract system has a reduced number of variables. Each new variable in the abstract system
takes values belonging to a new domain built automatically by the tool. Both implementations
perform abstraction in a fully automatic way. They operate on multi-agent models specified
in a formal language called ISPL (Interpreted System Programming Language). This is the
input language for MCMAS, a model checker for multi-agent systems. The output is an ISPL
file as well (with a reduced state space).
This thesis also presents several suitable temporal-epistemic examples to evaluate both techniques.
The experiments show good results and point to the attractiveness of the temporal-epistemic
abstraction techniques developed in this thesis. In particular, the contributions of
the thesis are the following:
• We produced correctness and preservation theoretical results for existential abstraction.
• We introduced two algorithms to perform data-abstraction and variable-abstraction on
multi-agent systems.
• We developed two software toolkits for automatic abstraction on multi-agent scenarios:
one tool performing data-abstraction and the second performing variable-abstraction.
• We evaluated the methodologies introduced in this thesis by running experiments on
several multi-agent system examples.