308 research outputs found

    Formal Refinement and Partitioning of a Fuel Pump System for Small Aircraft in Hybrid Event-B


    Retrenching the Purse: Finite Exception Logs, and Validating the Small

    The Mondex Electronic Purse is an outstanding example of industrial-scale formal refinement, and was the first verification to achieve ITSEC level E6 certification. A formal abstract model and a formal concrete model were developed, and a formal refinement was hand-proved between them. Nevertheless, certain requirements issues were set beyond the scope of the formal development, or handled in an unnatural manner. The retrenchment Tower Pattern is used to address one such issue in detail: the finiteness of the purse log (which records unsuccessful transactions). A retrenchment is constructed from the lowest-level model of the purse system to a model in which logs are finite, and is then lifted to create two refinement developments of the purse, working at different levels of detail, and connected via retrenchments, forming the tower. The tower development is appropriately validated, vindicating the design used.

    Dynamic aspects of retrenchments through temporal logic

    Refinement is used as a way to verify an implementation with respect to a specification. States of related systems are linked through a so-called gluing invariant which remains always true during the synchronous execution of both systems. Refinement is a sufficient condition for this property. Retrenchment is a generalization of refinement which relaxes the constraints between both systems. This paper proposes a temporal logic counterpart for some specific forms of retrenchment.

    Exploring the Privacy Concerns in Permissionless Blockchain Networks and Potential Solutions

    In recent years, permissionless blockchains have gained significant attention for their ability to secure and provide transparency in transactions. The development of blockchain technology has shifted from cryptocurrency to decentralized finance, benefiting millions of unbanked individuals, and serving as the foundation of Web3, which aims to provide the next generation of the internet with data ownership for users. The rise of NFTs has also helped artists and creative workers to protect their intellectual property and reap the benefits of their work. However, privacy risks associated with permissionless blockchains have become a major concern for individuals and institutions. The role of blockchain in the transition from Web2 to Web3 is crucial, as it is rapidly evolving. As more individuals, institutions, and organizations adopt this technology, it becomes increasingly important to closely monitor the new risks associated with permissionless blockchains and provide updated solutions to mitigate them. This paper endeavors to examine the privacy risks inherent in permissionless blockchains, including Remote Procedure Call (RPC) issues, Ethereum Name Service (ENS), miner extractable value (MEV) bots, on-chain data analysis, data breaches, transaction linking, transaction metadata, and others. The existing solutions to these privacy risks, such as zero-knowledge proofs, ring signatures, Hyperledger Fabric, and stealth addresses, shall be analyzed. Finally, suggestions for the future improvement of privacy solutions in the permissionless blockchain space shall be put forward. Comment: Accepted to be published in: 2023 IEEE International Conference on Smart Information Systems and Technologies (SIST). © 2023 IEEE

    Evaluation of bridge decks using non-destructive evaluation (NDE) at near highway speeds for effective asset management-implementation for routine inspection (Phase III)

    This project focused on implementing the 3DOBS technology (developed under Phase I and Phase II) for successful detection, quantification, and visualization of concrete bridge deck distress features at near-highway speeds for routine MDOT inspections. The integration and further refining of the 3DOBS methods into MDOT practices was accomplished by assessing 11 bridge decks with an average size of 10,350 square feet. Distress features were categorized according to the Bridge Element Inspection Manual and compared to traditional (visual) element-level inspection results. The Great Lakes Engineering Group, LLC worked with the research team to inspect, interpret, report results, and advise on current condition state reporting requirements. The project team also trained MDOT bridge inspectors in the use of the remote sensing equipment, data collection, data processing, and reporting through multiple training sessions. A cost comparison between 3DOBS and traditional inspection methods was conducted, with 3DOBS costing an average of $92 per bridge, as compared to $39 for traditional methods. For producing standard element-level condition state tables, 3DOBS cost more than a traditional inspector, but is still estimated to be less than $100 for an average bridge in this study.

    Requirements Validation by Lifting Retrenchments in B

    Simple retrenchment is briefly reviewed in the B specification language of J.-R. Abrial (Abrial, 1996) as a liberalization of classical refinement, for the formal description of application developments too demanding for refinement. The looser relationships allowed by retrenchment between adjacent models in the development process may capture some of the requirements information of the development. This can make requirements validation more difficult to understand, since the locus of requirements should be the models, and not their interrelationships, as far as possible. Hence the universal construction of (Banach, 2000), originally proposed for simple transition systems, is reformulated in B, in order to "lift" a given retrenchment conceptually, thus retracting such requirements information back to the level of abstraction of the abstract, ideal model. Examples demonstrate the cognitive value of retracting requirements to the abstract level, articulated in a well-understood formal language. This is also seen to yield a more understandable way of comparing alternative retrenchment designs. Some new B syntax in the pre- and postcondition style is presented to facilitate expression of the lifted requirements.

    Stochastic Analogues of Invariants: Martingales in Stochastic Event-B

    In conventional formal model-based development frameworks, invariants play a key role in controlling the behaviour of the model (when they contribute to the definition of the model) or in verifying the model's properties (when the model, independently defined, is required to preserve the invariants). However, when variables take values distributed according to some probability distribution, the possibility of verifying that system behaviour is, in the long term, confined to some acceptable set of states can be severely diminished, because the system might, in fact, with low probability fail to be thus confined. This short paper proposes martingales as suitable analogues of invariants for capturing suitable properties of non-terminating systems whose behaviour is with high probability good, yet where a small chance of poor behaviour remains. The idea is explored in the context of the well-known Event-B framework.