Specifying and Verifying Communications Protocols using Mixed Intuitionistic Linear Logic
In this paper we present a technique for specifying and verifying communications protocols and demonstrate this approach by specifying and verifying two of the fundamental communications protocols, namely TCP and IP, which form the basis of many distributed systems. The logical formalism used is Mixed Intuitionistic Linear Logic in order to use both commutative and non-commutative operators to model the concurrent and sequential processes in these protocols. Key properties of both protocols are proved.
Computational Logic for Biomedicine and Neurosciences
We advocate here the use of computational logic for systems biology, as a unified and safe framework well suited for both modeling the dynamic behaviour of biological systems, expressing properties of them, and verifying these properties. The potential candidate logics should have a traditional proof theoretic pedigree (including either induction, or a sequent calculus presentation enjoying cut-elimination and focusing), and should come with certified proof tools. Beyond providing a reliable framework, this allows the correct encodings of our biological systems. For systems biology in general and biomedicine in particular, we have so far, for the modeling part, three candidate logics: all based on linear logic. The studied properties and their proofs are formalized in a very expressive (non linear) inductive logic: the Calculus of Inductive Constructions (CIC). The examples we have considered so far are relatively simple ones; however, all coming with formal semi-automatic proofs in the Coq system, which implements CIC. In neuroscience, we are directly using CIC and Coq, to model neurons and some simple neuronal circuits and prove some of their dynamic properties. In biomedicine, the study of multi omic pathway interactions, together with clinical and electronic health record data should help in drug discovery and disease diagnosis. Future work includes using more automatic provers. This should enable us to specify and study more realistic examples, and in the long term to provide a system for disease diagnosis and therapy prognosis.
Specification and Verification of Contract-Based Applications
Nowadays emerging paradigms are being adopted by several companies, where applications are built by assembling loosely-coupled distributed components, called services. Services may belong to possibly mutually distrusting organizations and may have conflicting goals. New methodologies for designing and verifying these applications are necessary for coping with new scenarios in which a service does not adhere to its prescribed behaviour, namely its contract.
The thesis tackles this problem by proposing techniques for specifying and verifying distributed applications. The first contribution is an automata-based model checking technique for ensuring both service compliance and security requirements in a composition of services. We further develop the automata-based approach by proposing a novel formal model of contracts based on tailored finite state automata, called contract automata. The proposed model features several notions of contract agreement described from a language-theoretic perspective, for characterising the modalities in which the duties and requirements of services are fulfilled. Contract automata are equipped with different composition operators, to uniformly model both single and composite services, and techniques for synthesising an orchestrator to enforce the properties of agreement. Algorithms for verifying these properties are introduced, based on control theory and linear programming techniques. The formalism assumes the existence of possible malicious components trying to break the overall agreement, and techniques for detecting and banning eventually liable services are described. We study the conditions for dismissing the central orchestrator in order to generate a distributed choreography of services, analysing both closed and open choreographed systems, with synchronous or asynchronous interactions. We relate contract automata with different intuitionistic logics for contracts, introduced for solving mutual circular dependencies between the requirements and the obligations of the parties, with either linear or non-linear availability of resources. Finally, a prototypical tool implementing the theory developed in the thesis is presented.
Behavioral types in programming languages
A recent trend in programming language research is to use behavioral type theory to ensure various correctness properties of large-scale, communication-intensive systems. Behavioral types encompass concepts such as interfaces, communication protocols, contracts, and choreography. The successful application of behavioral types requires a solid understanding of several practical aspects, from their representation in a concrete programming language, to their integration with other programming constructs such as methods and functions, to design and monitoring methodologies that take behaviors into account. This survey provides an overview of the state of the art of these aspects, which we summarize as the pragmatics of behavioral types.
Computational Logic for Biomedicine and Neuroscience
We advocate here the use of computational logic for systems biology, as a unified and safe framework well suited for both modeling the dynamic behaviour of biological systems, expressing properties of them, and verifying these properties. The potential candidate logics should have a traditional proof theoretic pedigree (including either induction, or a sequent calculus presentation enjoying cut-elimination and focusing), and should come with certified proof tools. Beyond providing a reliable framework, this allows the correct encodings of our biological systems. For systems biology in general and biomedicine in particular, we have so far, for the modeling part, three candidate logics: all based on linear logic. The studied properties and their proofs are formalized in a very expressive (non linear) inductive logic: the Calculus of Inductive Constructions (CIC). The examples we have considered so far are relatively simple ones; however, all coming with formal semi-automatic proofs in the Coq system, which implements CIC. In neuroscience, we are directly using CIC and Coq, to model neurons and some simple neuronal circuits and prove some of their dynamic properties. In biomedicine, the study of multi omic pathway interactions, together with clinical and electronic health record data should help in drug discovery and disease diagnosis. Future work includes using more automatic provers. This should enable us to specify and study more realistic examples, and in the long term to provide a system for disease diagnosis and therapy prognosis.
Did you mix me? Formally Verifying Verifiable Mix Nets in Electronic Voting
Verifiable mix nets, and specifically proofs of (correct) shuffle, are a fundamental building block in numerous applications: these zero-knowledge proofs allow the prover to produce a public transcript which can be perused by the verifier to confirm the purported shuffle. They are particularly vital to verifiable electronic voting, where they underpin almost all voting schemes with non-trivial tallying methods. These complicated pieces of cryptography are a prime location for critical errors which might allow undetected modification of the outcome.
The best solution to preventing these errors is to machine-check the cryptographic properties of the design and implementation of the mix net. Particularly crucial for the integrity of the outcome is the soundness of the design and implementation of the verifier (software). Unfortunately, several different encryption schemes are used in many different slight variations which makes it infeasible to machine-check every single case individually. However, a particular optimized variant of the Terelius-Wikstrom mix net is, and has been, widely deployed in elections including national elections in Norway, Estonia and Switzerland, albeit with many slight variations and several different encryption schemes.
In this work, we develop the logical theory and formal methods tools to machine-check the design and implementation of all these variants of Terelius-Wikstrom mix nets, for all the different encryption schemes used; resulting in provably correct mix nets for all these different variations. We do this carefully to ensure that we can extract a formally verified implementation of the verifier (software) which is compatible with existing deployed implementations of the Terelius-Wikstrom mix net. This gives us provably correct implementations of the verifiers for more than half of the national elections which have used verifiable mix nets.
Our implementation of a proof of correct shuffle is the first to be machine-checked to be cryptographically correct and able to verify proof transcripts from national elections. We demonstrate the practicality of our implementation by verifying transcripts produced by the Verificatum mix net system and the CHVote evoting system from Switzerland.