577 research outputs found
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Constraint-Based Abstraction of a Model Checker for Infinite State Systems
Abstract. Abstract interpretation-based model checking provides an approach to verifying properties of infinite-state systems. In practice, most previous work on abstract model checking is either restricted to verifying universal properties, or develops special techniques for temporal logics such as modal transition sys-tems or other dual transition systems. By contrast we apply completely standard techniques for constructing abstract interpretations to the abstraction of a CTL semantic function, without restricting the kind of properties that can be verified. Furthermore we show that this leads directly to implementation of abstract model checking algorithms for abstract domains based on constraints, making use of an SMT solver.
Verifying Mutable Systems
Model checking has had much success in the verification of single-process and multi-process programs. However, model checkers assume an immutable topology which limits the verification in several areas. Consider the security domain, model checkers have had success in the verification of unicast structurally static protocols, but struggle to verify dynamic multicast cryptographic protocols. We give a formulation of dynamic model checking which extends traditional model checking by allowing structural changes, mutations, to the topology of multi-process network models. We introduce new mutation models when the structural mutations take either a primitive, non-primitive, or a non-deterministic form, and analyze the general complexities of each. This extends traditional model checking and allows analysis in new areas. We provide a set of proof rules to verify safety properties on dynamic models and outline its automizability. We relate dynamic models to compositional reasoning, dynamic cutoffs, parametrized analysis, and previously established parametric assertions.We provide a proof of concept by analyzing a dynamic mutual exclusion protocol and a multicast cryptography protocol
Machine-Checkable Timed CSP
The correctness of safety-critical embedded software is crucial, whereas non-functional properties like deadlock-freedom and real-time constraints are particularly important. The real-time calculus Timed Communicating Sequential Processes (CSP) is capable of expressing such properties and can therefore be used to verify embedded software. In this paper, we present our formalization of Timed CSP in the Isabelle/HOL theorem prover, which we have formulated as an operational coalgebraic semantics together with bisimulation equivalences and coalgebraic invariants. Furthermore, we apply these techniques in an abstract specification with real-time constraints, which is the basis for current work in which we verify the components of a simple real-time operating system deployed on a satellite
Predicate Diagrams as Basis for the Verification of Reactive Systems
This thesis proposes a diagram-based formalism for verifying temporal properties of reactive systems. Diagrams integrate deductive and algorithmic verification techniques for the verification of finite and infinite-state systems, thus combining the expressive power and flexibility of deduction with the automation provided by algorithmic methods.
Our formal framework for the specification and verification of reactive systems includes the Generalized Temporal Logic of Actions (TLA*) from Merz for both mathematical modeling reactive systems and specifying temporal properties to be verified. As verification method we adopt a class of diagrams, the so-called predicate diagrams from Cansell et al.
We show that the concept of predicate diagrams can be used to verify not only discrete systems, but also some more complex classes of reactive systems such as real-time systems and parameterized systems. We define two variants of predicate diagrams, namely timed predicate diagrams and parameterized predicate diagrams, which can be used to verify real-time and parameterized systems.
We prove the completeness of predicate diagrams and study an approach for the generation of predicate diagrams. We develop prototype tools that can be used for supporting the generation of diagrams semi-automatically.In dieser Arbeit schlagen wir einen diagramm-basierten Formalismus
für die Verifikation reaktiver Systeme vor. Diagramme integrieren die deduktiven und algorithmischen Techniken zur Verifikation endlicher und unendlicher Systeme, dadurch kombinieren sie die Ausdrucksstärke und
die Flexibilität von Deduktion mit der von algoritmischen Methoden
unterstützten Automatisierung.
Unser Ansatz für Spezifikation und Verifikation reaktiver
Systeme schließt die Generalized Temporal Logic of
Actions (TLA*) von Merz ein, die für die mathematische
Modellierung sowohl reaktiver Systeme als auch ihrer Eigenschaften
benutzt wird. Als Methode zur Verifikation wenden wir
Prädikaten-diagramme von Cansell et al. an.
Wir zeigen, daß das Konzept von Prädikatendiagrammen
verwendet werden kann, um nicht nur diskrete Systeme zu
verifizieren, sondern auch kompliziertere Klassen von reaktiven
Systemen wie Realzeitsysteme und parametrisierte Systeme. Wir
definieren zwei Varianten von Prädikatendiagrammen, nämlich
gezeitete Prädikatendiagramme und parametrisierte
Prädikatendiagramme, die benutzt werden können, um die
Realzeit- und parametrisierten Systeme zu verifizieren.
Die Vollständigkeit der Prädikatendiagramme wird nachgewiesen
und ein Ansatz für die Generierung von Prädikatendiagrammen
wird studiert. Wir entwickeln prototypische Werkzeuge, die die
semi-automatische Generierung von Diagrammen unterstützen
- …