{JML}-based Verification of Liveness Properties on a Class in isolation

International audienceThis paper proposes a way to verify temporal properties of a Java class in an extension of JML (Java Modeling Language) called JTPL (Java Temporal Pattern Language). We particularly address the verification of liveness properties by automatically translating the temporal properties into JML annotations for this class. This automatic translation is implemented in a tool called JAG (JML Annotation Generator). Correctness of the generated annotations ensures that the temporal property is established for the executions of the class in isolation

A B model for ensuring soundness of a large subset of the Java Card virtual machine

AbstractJava Cards are a new generation of smart cards that use the Java programming language. As smart cards are usually used to supply security to an information system, security requirements are very strong. The byte code interpreter and verifier are crucial components of such cards, and proving their safety can become a competitive advantage. Previous works have been done on methodology for proving the soundness of the byte code interpreter and verifier using the B method. It refines an abstract defensive interpreter into a byte code verifier and a byte code interpreter. However, this work had only been tested on a very small subset of the Java Card instruction set. This paper presents a work aiming at verifying the scalability of this previous work. The original instruction subset of about 10 instructions has been extended to a larger subset of more than one hundred instructions, and the additional cost of the proof has been managed by modifying the specification in order to group opcodes by properties

Formalizing non-interference for a simple bytecode language in Coq

In this paper, we describe the application of the interactive theorem prover Coq to the security analysis of bytecode as used in Java. We provide a generic specification and proof of non-interference for bytecode languages using the Coq module system. We illustrate the use of this formalization by applying it to a small subset of Java bytecode. The emphasis of the paper is on modularity of a language formalization and its analysis in a machine proof

Verification of class liveness properties with Java modeling language

International audienceStatic checking is key for the security of software components. As a component model, this paper considers a Java class enriched with annotations from the Java Modeling Language (JML). It defines a formal execution semantics for repetitive method invocations from this annotated class, called the class in isolation semantics. Afterwards, a pattern of liveness properties is defined, together with its formal semantics, providing a foundation for both static and runtime checking. This pattern is then inscribed in a complete language of temporal properties, called JTPL (Java Temporal Pattern Language), extending JML. We particularly address the verification of liveness properties by auto- matically translating the temporal properties into JML annotations for this class. This automatic translation is implemented in a tool called JAG (JML Annotation Generator). Correctness of the generated annotations ensures that the temporal property is established for the executions of the class in isolation

Formal Methods for the Verification of Safety Critical Applications using SPIN Model Checker

Security over the years has been a major concern for the organizations and companies.With the emergence of smart cards, industry has become more interested in methodologies which are used to establish the correctness and security of the applications developed with the acceptance of the use of smart cards in such domains.This paper provides a general introduction to the state-of-the-art of formal methods for the development of safety-critical systems. The idea is to combine two program verification approaches: the functional verification at the source code level and the verification of high level properties on a formal model built from the program and its specification. One of the important security systems in building security is door access control. The door access control is a physical security that assures the security of a building by limiting access to the building to specific people and by keeping records of such entries.In thispaper we employ a model checking method to verify the functional aspects of the smartcard operated door lock system which authenticates each person entering the building.PROMELA model for the proposed system Is presented. DOI: 10.17762/ijritcc2321-8169.150710

Formal analysis of security models for mobile devices, virtualization platforms and domain name systems

En esta tesis investigamos la seguridad de aplicaciones de seguridad criticas, es decir aplicaciones en las cuales una falla podria producir consecuencias inaceptables. Consideramos tres areas: dispositivos moviles, plataformas de virtualizacion y sistemas de nombres de dominio. La plataforma Java Micro Edition define el Perfil para Dispositivos de Informacion Moviles (MIDP) para facilitar el desarrollo de aplicaciones para dispositivos moviles, como telefonos celulares y asistentes digitales personales. En este trabajo primero estudiamos y comparamos formalmente diversas variantes del modelo de seguridad especificado por MIDP para acceder a recursos sensibles de un dispositivo movil. Los hipervisores permiten que multiples sistemas operativos se ejecuten en un hardware compartido y ofrecen un medio para establecer mejoras de seguridad y flexibilidad de sistemas de software. En esta tesis formalizamos un modelo de hipervisor y establecemos (formalmente) que el hipervisor asegura propiedades de aislamiento entre los diferentes sistemas operativos de la plataforma, y que las solicitudes de estos sistemas son atendidas siempre. Demostramos tambien que las plataformas virtualizadas son transparentes, es decir, que un sistema operativo no puede distinguir si ejecuta solo en la plataforma o si lo hace junto con otros sistemas operativos. Las Extensiones de Seguridad para el Sistema de Nombres de Dominio (DNSSEC) constituyen un conjunto de especificaciones que proporcionan servicios de aseguramiento de autenticacion e integridad de origen de datos DNS. Finalmente, presentamos una especificaci´on minimalista de un modelo de DNSSEC que proporciona los fundamentos necesarios para formalmente establecer y verificar propiedades de seguridad relacionadas con la cadena de confianza del arbol de DNSSEC. Desarrollamos todas nuestras formalizaciones en el C´alculo de Construccion