Formalizing Mobile Ad Hoc and Sensor Networks Using VDM-SL

AbstractMobile ad hoc and sensor networks (MAHSNs) are expected to become the fabric of modern societies. Despite considerable advancements, these networks are yet unable to surmount many operational challenges especially in safety-critical large-scale applications. Most of the published research focused on performance analysis of nonfunctional properties and ignore correctness of the approach which is vital in large and complex systems. This paper investigates an alternative formal specification and analysis technique for MAHSNs. We model MAHSNs as dynamic graph and employ VDM-SL for formal specification and verification of LASCNN algorithm. Constraints are put on the data where required to support validation of the formal algorithm. Pre and post conditions are defined for correct operation of communication in terms of messages. VDM-SL is used because it is a formal specification language to describe detailed examination of the system. The specification is analyzed and validated using VDM-SL toolbox

Smart technologies for effective reconfiguration: the FASTER approach

Current and future computing systems increasingly require that their functionality stays flexible after the system is operational, in order to cope with changing user requirements and improvements in system features, i.e. changing protocols and data-coding standards, evolving demands for support of different user applications, and newly emerging applications in communication, computing and consumer electronics. Therefore, extending the functionality and the lifetime of products requires the addition of new functionality to track and satisfy the customers needs and market and technology trends. Many contemporary products along with the software part incorporate hardware accelerators for reasons of performance and power efficiency. While adaptivity of software is straightforward, adaptation of the hardware to changing requirements constitutes a challenging problem requiring delicate solutions. The FASTER (Facilitating Analysis and Synthesis Technologies for Effective Reconfiguration) project aims at introducing a complete methodology to allow designers to easily implement a system specification on a platform which includes a general purpose processor combined with multiple accelerators running on an FPGA, taking as input a high-level description and fully exploiting, both at design time and at run time, the capabilities of partial dynamic reconfiguration. The goal is that for selected application domains, the FASTER toolchain will be able to reduce the design and verification time of complex reconfigurable systems providing additional novel verification features that are not available in existing tool flows

Analysis of communication topologies by partner abstraction

Dynamic communication systems are hard to verify due to inherent unboundedness. Unbounded creation and destruction of objects and a dynamically evolving communication topology are characteristic features. Prominent examples include traffic control systems based on wireless communication and ad hoc networks. As dynamic communication systems have to meet safety-critical requirements, this thesis develops appropriate specification and verification techniques for them. It is shown that earlier attempts at doing so have failed. Partner graph grammars are presented as an adequate specification formalism for dynamic communication systems. They form a novel variant of the single pushout approach to algebraic graph transformation equipped with a special kind of negative application conditions: Partner constraints that allow to reason about communication partners are specifically tailored to dynamic communication systems. A novel verification technique based on abstract interpretation of partner graph grammars is proposed. It is based on a two-layered abstraction that keeps precise information about objects and the kinds of their communication partners. The analysis is formally proven sound. Some statically checkable cases are defined for which the analysis results are even complete. The analysis has been implemented in the hiralysis tool. A complex case study - car platooning originally developed in the California PATH project - is modeled using partner graph grammars. An experimental evaluation using the tool discovered many flaws in the PATH specification of car platooning that had not been discovered earlier due to insufficient specification and verification methods. Many interesting properties can be automatically proven for a corrected implementation of car platooning using hiralysis.Aufgrund ihres unbeschränkten Verhaltens sind dynamisch kommunizierende Systeme schwierig zu verifizieren. Sie zeichnen sich durch unbegrenztes Erzeugen und Zerstören von Objekten sowie eine sich ständig ändernde Kommunikationstopologie aus. Funkbasierte Verkehrskontrollsysteme und drahtlose Ad-hoc Netzwerke sind bekannte Beispiele dynamisch kommunizierender Systeme. Da diese außerdem sicherheitskritischen Anforderungen genügen müssen, werden in dieser Arbeit Spezifikations- und Verifikationsmethoden für dynamisch kommunizierende Systeme entwickelt. Es wird gezeigt, dass frühere Versuche in dieser Richtung fehlgeschlagen sind. Partner-Graphgrammatiken stellen einen geeigneten Formalismus zur Beschreibung solcher Systeme dar. Sie bilden eine neue Form des "single pushout" Ansatzes für algebraische Graphtransformationen erweitert um besondere negative Anwendungsbedingungen. "Partner constraints", die speziell für die Spezifikation dynamisch kommunizierender Systeme entwickelt wurden, erlauben, Nebenbedingungen an Objekte und ihre Kommunikationspartner zu formulieren. Es wird eine neuartige Verifikationstechnik vorgeschlagen, die auf der abstrakten Interpretation von Partner-Graphgrammatiken beruht. Diese fußt auf einer Abstraktion, die präzise Informationen über Objekte und ihre Kommunikationspartner erhält. Die Analyse wird korrekt bewiesen, und es werden statisch erkennbare Fälle aufgezeigt, in denen die Analyse sogar vollständige Resultate liefert. Die Analyse wurde in dem hiralysis Werkzeug implementiert. Eine komplexe Fallstudie - "car platooning", welche ursprünglich im Rahmen des California PATH Projektes entwickelt wurde - wird durch Partner-Graphgrammatiken modelliert. Eine experimentelle Auswertung mithilfe desWerkzeugs deckte zahlreiche Fehler in der ursprünglichen Modellierung auf, welche ihre Ursache in unzureichenden Spezifikations- und Verifikationsmethoden haben. Viele interessante Eigenschaften eines verbesserten Modells konnten mittels hiralysis automatisch bewiesen werden

Applying Formal Methods to Networking: Theory, Techniques and Applications

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet which began as a research experiment was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, especially for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification, and an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design---especially, the software defined networking (SDN) paradigm---offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial

LCM and MCM: specification of a control system using dynamic logic and process algebra

LCM 3.0 is a specification language based on dynamic logic and process algebra, and can be used to specify systems of dynamic objects that communicate synchronously. LCM 3.0 was developed for the specification of object-oriented information systems, but contains sufficient facilities for the specification of control to apply it to the specification of control-intensive systems as well. In this paper, the results of such an application are reported. The paper concludes with a discussion of the need for theorem-proving support and of the extensions that would be needed to be able to specify real-time properties

Proceedings of International Workshop "Global Computing: Programming Environments, Languages, Security and Analysis of Systems"

According to the IST/ FET proactive initiative on GLOBAL COMPUTING, the goal is to obtain techniques (models, frameworks, methods, algorithms) for constructing systems that are flexible, dependable, secure, robust and efficient. The dominant concerns are not those of representing and manipulating data efficiently but rather those of handling the co-ordination and interaction, security, reliability, robustness, failure modes, and control of risk of the entities in the system and the overall design, description and performance of the system itself. Completely different paradigms of computer science may have to be developed to tackle these issues effectively. The research should concentrate on systems having the following characteristics: • The systems are composed of autonomous computational entities where activity is not centrally controlled, either because global control is impossible or impractical, or because the entities are created or controlled by different owners. • The computational entities are mobile, due to the movement of the physical platforms or by movement of the entity from one platform to another. • The configuration varies over time. For instance, the system is open to the introduction of new computational entities and likewise their deletion. The behaviour of the entities may vary over time. • The systems operate with incomplete information about the environment. For instance, information becomes rapidly out of date and mobility requires information about the environment to be discovered. The ultimate goal of the research action is to provide a solid scientific foundation for the design of such systems, and to lay the groundwork for achieving effective principles for building and analysing such systems. This workshop covers the aspects related to languages and programming environments as well as analysis of systems and resources involving 9 projects (AGILE , DART, DEGAS , MIKADO, MRG, MYTHS, PEPITO, PROFUNDIS, SECURE) out of the 13 founded under the initiative. After an year from the start of the projects, the goal of the workshop is to fix the state of the art on the topics covered by the two clusters related to programming environments and analysis of systems as well as to devise strategies and new ideas to profitably continue the research effort towards the overall objective of the initiative. We acknowledge the Dipartimento di Informatica and Tlc of the University of Trento, the Comune di Rovereto, the project DEGAS for partially funding the event and the Events and Meetings Office of the University of Trento for the valuable collaboration