Formal Verification of Voting Schemes

Fundamental trust and credibility in democratic systems is commonly established through the existence and execution of democratic elections. The vote-counting of an election, usually formalised by a voting scheme, essentially boils down to a mechanism that aggregates individual preferences of the voters to reach a decision. For this matter, there are various differing voting schemes in use throughout the world, commonly based on high expectations and means to ensure a sensible democratic process. However, incidents such as the ruling by the German federal constitutional court which led to a change of the German legislation in 2013 manifest that it is difficult for a voting scheme to meet these legitimate expectations. In fact, there is no general notion of correctness for a voting scheme and thus no universal mechanism as shown in Kenneth J. Arrow’s Impossibility Theorem in 1951. As a consequence, designing a real-world voting scheme without flaws, which still gives significant democratic guarantees, is a difficult task as a trade-off between desirable properties is non-trivial and error-prone. The approach in this thesis is based on the idea to tackle this issue by proposing an incremental and iterative development process for voting schemes based on automated formal reasoning methods using program verification. We analyse two different forms of verification considering their role in this development process in order to achieve formal correctness of voting schemes. We perform a comprehensive set of case studies by applying ``medium-weight\u27\u27 and ``light-weight\u27\u27 verification techniques. The ``medium- weight\u27\u27 approach uses the annotation-based deductive verification tool VCC based on an auto-active methodology and the ``light-weight\u27\u27 technique is performed with the bounded model checking tool LLBMC. Our analysis covers a set of well-known voting schemes combined with a set of prominent voting scheme criteria. In addition to giving precise formalisations for these criteria adapted to the specific voting schemes and tools used, we advance the efficiency of the ``light-weight\u27\u27 approach by exploiting fundamental symmetric properties. Furthermore, we investigate on encountered challenges posed by the auto-active verification methodology, which lies in-between automatic and interactive verification methodologies, with respect to specific characteristics in voting schemes and also explore the potential of bounded verification techniques to produce precise counterexamples in order to enhance the capability of our envisioned development process to give early feedback. This thesis gives fundamental insights in general challenges and the potential of automated formal reasoning with the goal of correct voting schemes

Strategic (Timed) Computation Tree Logic

We define extensions of CTL and TCTL with strategic operators, called Strategic CTL (SCTL) and Strategic TCTL (STCTL), respectively. For each of the above logics we give a synchronous and asynchronous semantics, i.e., STCTL is interpreted over networks of extended Timed Automata (TA) that either make synchronous moves or synchronise via joint actions. We consider several semantics regarding information: imperfect (i) and perfect (I), and recall: imperfect (r) and perfect (R). We prove that SCTL is more expressive than ATL for all semantics, and this holds for the timed versions as well. Moreover, the model checking problem for SCTL[ir] is of the same complexity as for ATL[ir], the model checking problem for STCTL[ir] is of the same complexity as for TCTL, while for STCTL[iR] it is undecidable as for ATL[iR]. The above results suggest to use SCTL[ir] and STCTL[ir] in practical applications. Therefore, we use the tool IMITATOR to support model checking of STCTL[ir]

FuFaIR: a Fuzzy Farsi Information Retrieval System

Persian (Farsi) is one of the languages of Middle East. There are significant amount of Persian documents available in digital form and even more are created every day. Therefore, there is a necessity to implement Information Retrieval System with high precision for this language. This paper discusses the design, implementation and testing of a Fuzzy retrieval system for Persian called FuFaIR. This system also supports Fuzzy quantifiers in its query language. Tests have been conducted using a standard Persian test corpus called Hamshari. The performance results obtained from FuFaIR are positive and they indicate that the FuFaIR could notably outperform well known industry systems such as the vector space model

Automatic Target Recognition User Interface Tool

A computer tool to aid in selecting the best Automatic Target Recognition (ATR) algorithm is developed. The program considers many quantifiers, accepts user-defined parameters, allows for changes in the operational environment and presents results in a meaningful way. It is written for Microsoft Excel. An ATR algorithm assigns a class label to a recognized target. General designations can include Friend and Foe. The error of designating Friend as Foe as well as Foe as Friend comes with a high cost. Studying each algorithm\u27s error can minimize this cost. Receiver Operating Characteristic (ROC) curves provide only information on the probabilities given a system state of declaring up to three class labels: True, False or Unknown. Other quantifiers, including an alternate ROC curve, are developed in this study to provide information on the probability of a system state given any of multiple declarations, which is more useful to the user. Sensitivity to prior probabilities, suggestions for user-defined parameters and areas for future research are identified as the User Interface Tool is described in detail in this thesis