Verificare: a platform for composable verification with application to SDN-Enabled systems
Software-Defined Networking (SDN) has become increasingly prevalent
in both the academic and industrial communities. A new class of system built on
SDNs, which we refer to as SDN-Enabled, provides programmatic interfaces between
the SDN controller and the larger distributed system. Existing tools for SDN
verification and analysis are insufficiently expressive to capture
this composition of a network and a larger distributed system. Generic
verification systems are an infeasible solution, due to their monolithic
approach to modeling and rapid state-space explosion.
In this thesis we present a new compositional approach to system modeling and
verification that is particularly appropriate for SDN-Enabled systems.
Compositional models may have sub-components (such as switches and
end-hosts) modified, added, or removed with only minimal, isolated changes.
Furthermore, invariants may be defined over the composed system that restrict
its behavior, allowing assumptions to be added or removed and for components to
be abstracted away into the service guarantee that they provide (such as
guaranteed packet arrival). Finally, compositional modeling can minimize the
size of the state space to be verified by taking advantage of known model
structure.
We also present the Verificare platform, a tool chain for building
compositional models in our modeling language and automatically compiling them
to multiple off-the-shelf verification tools. The compiler outputs a minimal,
calculus-oblivious formalism, which is accessed by plugins via a translation
API. This enables a wide variety of requirements to be
verified. As new tools become available, the translator can easily be extended
with plugins to support them.
Secure state estimation against sensor attacks in the presence of noise
We consider the problem of estimating the state of a noisy linear dynamical system when an unknown subset of sensors is arbitrarily corrupted by an adversary. We propose a secure state estimation algorithm, and derive (optimal) bounds on the achievable state estimation error given an upper bound on the number of attacked sensors. The proposed state estimator involves Kalman filters operating over subsets of sensors to search for a sensor subset which is reliable for state estimation. To further improve the subset search time, we propose Satisfiability Modulo Theory-based techniques to exploit the combinatorial nature of searching over sensor subsets. Finally, as a result of independent interest, we give a coding theoretic view of attack detection and state estimation against sensor attacks in a noiseless dynamical system.
Structural Refinement for the Modal nu-Calculus
We introduce a new notion of structural refinement, a sound abstraction of
logical implication, for the modal nu-calculus. Using new translations between
the modal nu-calculus and disjunctive modal transition systems, we show that
these two specification formalisms are structurally equivalent.
Using our translations, we also transfer the structural operations of
composition and quotient from disjunctive modal transition systems to the modal
nu-calculus. This shows that the modal nu-calculus supports composition and
decomposition of specifications.
Comment: Accepted at ICTAC 201
Satisfiability Checking of Multi-Variable TPTL with Unilateral Intervals Is PSPACE-Complete
We investigate the decidability of the fragment of Timed
Propositional Temporal Logic (TPTL) with unilateral intervals. We show that the satisfiability checking
of this fragment is PSPACE-complete. Moreover, even its 1-variable fragment
(1-TPTL) is strictly more expressive than Metric Interval Temporal
Logic (MITL), for which satisfiability checking is EXPSPACE-complete. Hence, we
have a strictly more expressive logic with computationally easier
satisfiability checking. To the best of our knowledge, this fragment is the
first multi-variable fragment of TPTL for which satisfiability checking is
decidable without imposing any bounds/restrictions on the timed words (e.g.
bounded variability, bounded time, etc.). The membership in PSPACE is obtained
by a reduction to the emptiness checking problem for a new "non-punctual"
subclass of Alternating Timed Automata with multiple clocks called Unilateral
Very Weak Alternating Timed Automata (VWATA) which we prove to be
in PSPACE. We show this by constructing simulation-equivalent
non-deterministic timed automata whose number of clocks is polynomial in the
size of the given VWATA.
Comment: Accepted in Concur 202
On bounded model checking of asynchronous systems
This dissertation studies the verification of reachability properties of concurrent systems where the components of the system are Labeled Transition Systems (LTSs) using a symbolic model checking technique called Bounded Model Checking (BMC). BMC is a technique that seeks to answer the question whether among the system’s executions shorter than some given number of steps there is one (or more) violating a given property. Answering this question is reduced to propositional satisfiability, i.e., to a propositional formula that is satisfiable iff there is such a violating execution. The translation from a system to a formula is polynomial in the size of the system but the running time of the propositional solver can be exponential in the number of atomic propositions in the formula. This number, on the other hand, correlates directly with the number of execution steps that the formula models. Traditionally, LTSs are model checked by composing the component
- …