Applying Formal Methods to Networking: Theory, Techniques and Applications

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet which began as a research experiment was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, especially for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification, and an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design---especially, the software defined networking (SDN) paradigm---offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial

Quantum Bounded Query Complexity

We combine the classical notions and techniques for bounded query classes with those developed in quantum computing. We give strong evidence that quantum queries to an oracle in the class NP does indeed reduce the query complexity of decision problems. Under traditional complexity assumptions, we obtain an exponential speedup between the quantum and the classical query complexity of function classes. For decision problems and function classes we obtain the following results: o P_||^NP[2k] is included in EQP_||^NP[k] o P_||^NP[2^(k+1)-2] is included in EQP^NP[k] o FP_||^NP[2^(k+1)-2] is included in FEQP^NP[2k] o FP_||^NP is included in FEQP^NP[O(log n)] For sets A that are many-one complete for PSPACE or EXP we show that FP^A is included in FEQP^A[1]. Sets A that are many-one complete for PP have the property that FP_||^A is included in FEQP^A[1]. In general we prove that for any set A there is a set X such that FP^A is included in FEQP^X[1], establishing that no set is superterse in the quantum setting.Comment: 11 pages LaTeX2e, no figures, accepted for CoCo'9

Recursive Program Optimization Through Inductive Synthesis Proof Transformation

The research described in this paper involved developing transformation techniques which increase the efficiency of the noriginal program, the source, by transforming its synthesis proof into one, the target, which yields a computationally more efficient algorithm. We describe a working proof transformation system which, by exploiting the duality between mathematical induction and recursion, employs the novel strategy of optimizing recursive programs by transforming inductive proofs. We compare and contrast this approach with the more traditional approaches to program transformation, and highlight the benefits of proof transformation with regards to search, correctness, automatability and generality

ON THE APPLICATIONS OF INTERACTIVE THEOREM PROVING IN COMPUTATIONAL SCIENCES AND ENGINEERING

Interactive Theorem Proving (ITP) is one of the most rigorous methods used in formal verification of computing systems. While ITP provides a high level of confidence in the correctness of the system under verification, it suffers from a steep learning curve and the laborious nature of interaction with a theorem prover. As such, it is desirable to investigate whether ITP can be used in unexplored (but high-impact) domains where other verification methods fail to deliver. To this end, the focus of this dissertation is on two important domains, namely design of parameterized self-stabilizing systems, and mechanical verification of numerical approximations for Riemann integration. Self-stabilization is an important property of distributed systems that enables recovery from any system configuration/state. There are important applications for self-stabilization in network protocols, game theory, socioeconomic systems, multi-agent systems and robust data structures. Most existing techniques for the design of self-stabilization rely on a ‘manual design and after-the-fact verification’ method. In a paradigm shift, we present a novel hybrid method of ‘synthesize in small scale and generalize’ where we combine the power of a finite-state synthesizer with theorem proving. We have used our method for the design of network protocols that are self-stabilizing irrespective of the number of network nodes (i.e., parameterized protocols). The second domain of application of ITP that we are investigating concentrates on formal verification of the numerical propositions of Riemann integral in formal proofs. This is a high-impact problem as Riemann Integral is considered one of the most indispensable tools of modern calculus. That has significant applications in the development of mission-critical systems in many Engineering fields that require rigorous computations such as aeronautics, space mechanics, and electrodynamics. Our contribution to this problem is three fold: first, we formally specify and verify the fundamental Riemann Integral inclusion theorem in interval arithmetic; second, we propose a general method to verify numerical propositions on Riemann Integral for a large class of integrable functions; third, we develop a set of practical automatic proof strategies based on formally verified theorems. The contributions of Part II have become part of the ultra-reliable NASA PVS standard library