Comparative Study of Eight Formal Specifications of the Message Authenticator Algorithm

The Message Authenticator Algorithm (MAA) is one of the first cryptographic functions for computing a Message Authentication Code. Between 1987 and 2001, the MAA was adopted in international standards (ISO 8730 and ISO 8731-2) to ensure the authenticity and integrity of banking transactions. In 1990 and 1991, three formal, yet non-executable, specifications of the MAA (in VDM, Z, and LOTOS) were developed at NPL. Since then, five formal executable specifications of the MAA (in LOTOS, LNT, and term rewrite systems) have been designed at INRIA Grenoble. This article provides an overview of the MAA and compares its formal specifications with respect to common-sense criteria, such as conciseness, readability, and efficiency of code generation.Comment: In Proceedings MARS/VPT 2018, arXiv:1803.0866

Nested-unit Petri nets

International audiencePetri nets can express concurrency and nondeterminism but neither locality nor hierarchy. This article presents an extension of Petri nets, in which places can be grouped into so-called "units" expressing sequential components. Units can be recursively nested to reflect both the concurrent and hierarchical nature of complex systems. This model called NUPN (Nested-Unit Petri Nets) was originally developed for translating process calculi to Petri nets, but later found also useful beyond this setting. It allows significant savings in the memory representation of markings for both explicit-state and symbolic verification. Thirteen software tools already implement the NUPN model, which has also been adopted for the benchmarks of the Model Checking Contest (MCC) and the parallel problems of the Rigorous Examination of Reactive Systems (RERS) challenges

Proposal for Adding Useful Features to Petri-Net Model Checkers

Solutions proposed for the longstanding problem of automatic decomposition of Petri nets into concurrent processes, as well as methods developed in Grenoble for the automatic conversion of safe Petri nets to NUPNs (Nested-Unit Petri Nets), require certain properties to be computed on Petri nets. We notice that, although these properties are theoretically interesting and practically useful, they are not currently implemented in mainstream Petri net tools. Taking into account such properties would open fruitful research directions for tool developers, and new perspectives for the Model Checking Contest as well

On the Most Suitable Axiomatization of Signed Integers

Part 4: Regular PapersInternational audienceThe standard mathematical definition of signed integers, based on set theory, is not well-adapted to the needs of computer science. For this reason, many formal specification languages and theorem provers have designed alternative definitions of signed integers based on term algebras , by extending the Peano-style construction of unsigned naturals using "zero" and "succ" to the case of signed integers. We compare the various approaches used in CADP, CASL, Coq, Isabelle/HOL, KIV, Maude, mCRL2, PSF, SMT-LIB, TLA+, etc. according to objective criteria and suggest an "optimal" definition of signed integers

Revisiting sequential composition in process calculi

International audienceThe article reviews the various ways sequential composition is defined in traditional process calculi, and shows that such definitions are not optimal, thus limiting the dissemination of concurrency theory ideas among computer scientists. An alternative approach is proposed, based on a symmetric binary operator and write-many variables. This approach, which generalizes traditional process calculi, has been used to define the new LNT language implemented in the CADP toolbox. Feedback gained from university lectures and real-life case studies shows a high acceptance by computer-science students and industry engineers

Specification and Verification of various Distributed Leader Election Algorithm for Unidirectional Ring Networks

This report deals with the formal specification and verification of distributed leader election algorithms for a set of machines connected by a unidirectional ring network. Starting from an algorithm proposed by Le~Lann in 1977, and its variant proposed by Chang and Roberts in 1979, we study the robustness of this class of algorithms in presence of unreliable communication medium and/or unreliable machines. We suggest various improvements of these algorithms in order to obtain a fully fault-tolerant protocol. These algorithms are formally described using the ISO specification language LOTOS and verified (for a fixed number of machines) using the CADP (CÆSAR/ALDEBARAN) toolbox. Model-checking and bisimulation techniques allow the verification of these non-trivial algorithms to be carried out automatically

Le jeu de tests VLSAT-2

This report presents VLSAT-2 (an acronym for "Very Large Boolean SATisfiability problems"),the second part of a benchmark suite to be used in scientific experiments and softwarecompetitions addressing SAT-solving issues.VLSAT-2 contains 100 benchmarks (50 satisfiable and 50 unsatisfiable formulas)of increasing complexity, proposed in DIMACS CNF format undera permissive Creative Commons license.25% of these benchmarks have been used during the 2020 and 2021 editionsof the International SAT Competition.VLSAT-2 (acronyme anglais de "très grands problèmes de satisfaisabilité booléenne")est le second volet d'une suite de tests destinée aux expérimentations scientifiqueset aux compétitions de logiciels pour la résolution de problèmes SAT.VLSAT-2 contient 100 tests (50 formules satisfaisables et 50 insatisfaisables)de complexité croissante, fournis en format DIMACS CNF sous une licence Creative Commons permissive.25% de ces tests ont été utilisés lors des éditions 2020 et 2021 de la compétition internationale sur la résolution SAT

Preface Volume 66, Issue 2

AbstractForewordThe aim of the FMICS workshops is to provide a forum for researchers who are interested in the development and application of formal methods in industry. In particular, these workshops are intended to bring together scientists who are active in the area of formal methods and interested in exchanging their experiences in the industrial usage of these methods. These workshops also strive to promote research and development for the improvement of formal methods and tools for industrial applications. Topics include, but are not restricted to: •Tools for the design and development of formal descriptions•Verification and validation of complex, distributed, real-time systems and embedded systems•Verification and validation methods that aim at circumventing shortcomings of existing methods in respect to their industrial applicability•Formal methods based conformance, interoperability and performance testing•Case studies and project reports on formal methods related projects with industrial participation (e.g. safety critical systems, mobile systems, object-based distributed systems)•Application of formal methods in standardization and industrial forumsPrevious workshops of the ERCIM working group on Formal Methods for Industrial Critical Systems were held in Oxford (March 1996), Cesena (July 1997), Amsterdam (May 1998), Trento (July 1999), Berlin (April 2000), and Paris (July 2001).This year's workshop is organized at the University of Málaga, immediately after the ICALP 2002 conference. It includes five sessions of regular contributions. We are also pleased to welcome three invited presentations: Andreas Podelski, who discusses abstraction for software model checking, Andrew D. Gordon, who investigates in authenticity types for cryptographic protocols and Wang Yi, who addresses the issue of synthetizing verified real time software.The proceedings of FMICS 02 are published both physically, as a technical report of the University of Málaga, and electronically, in the ENTCS series (Electronic Notes in Theoretical Computer Science).We wish to thank the members of the programme committee and the additional reviewers for their careful evaluation of the submitted papers (13 papers have been selected out of 22 submitted). We are very grateful to the local organizers at the University of Málaga, and especially Pedro Merino, for their excellent assistance during the workshop preparation.Finally, we would like to thank ERCIM and ICALP for their financial and organizational support of FMICS 02. Our reviewing process benefited from the METAFrame Online Conference Service (courtesy of METAFrame Technologies, which we would like to thank also for their technical support in setting and running the service).Rance Cleaveland, Hubert GaravelJune 2002Further information about the FMICS working group: http://www.inrialpes.fr/vasy/fmicsProgramme Committee •T. Arts (Ericsson, S)•M. Bernardo (Univ. of Urbino, I)•R. Cleaveland, co-chair (SUNY and Reactive Systems, USA)•W.J. Fokkink(CWI, NL)•H. Garavel, co-chair (INRIA Rhone-Alpes, F)•S. Gnesi (CNR/IEI Pisa, I)•P. Godefroid (Bell Labs, USA)•H. Hermanns (Univ. Twente, NL)•T. Margaria (METAFrame Technologies, D)•P. Merino Gómez, local organization chair (Univ. Málaga, E)•I. Schieferdecker (GMD Berlin, D)•S. Schneider (Royal Holloway, University of London, UK)•M. Sighireanu (University of Paris-7 Jussieu, F)•R. de Simone (INRIA Sophia Antipolis, F)•U. Ultes-Nitsche (University of Southampton, UK)•A. Valmari (Tampere University of Technology, Fi)•W. Visser (RIACS/NASA Ames, USA)Additional Reviewers •Bahareh Badban•Clara Benac Earle•Tommaso Bolognesi•Antonio Cerone•Kousha Etessami•Alessandro Fantechi•Natalia Ioustinova•Frederic Lang•Izak van Langevelde•Michael Leuschel•Pablo Lopez•Cecilia Mascolo•Mieke Massink•Radu Mateescu•Simona Orzan•Jun Pang•Laurence Pierre•Simon St James•Laurent Thery•Mikko TiusanenLocal Organizing CommitteeSoftware Engineering Group, University of Málaga •M. del Mar Gallardo•P. López•J. Martínez•P. Merino, local organization chai

System Design of a CC-NUMA Multiprocessor Architecture Using Formal Specification, Model-Checking, Co-Simulation, and Test Generation

The application of formal methods to system-level design of hardware components is still an open issue for which concrete case-studies are needed. We present here an industrial experiment concerning the application of the process algebraic language Lotos (ISO standard 8807) to the design of Polykid, a CC-NUMA (Cache Coherent -- Non Uniform Memory Access) multiprocessor architecture developed by Bull. The formal descriptions developed for Polykid have served as a basis not only for model-checking verification using CADP (Caesar/Aldebaran Development Package), but also for hardware-software co-simulation using the Exec/Caesar tool, and for automatic generation of executable tests using the TGV tool