
    Formal Specification and Verification of Fully Asynchronous Implementations of the Data Encryption Standard

    This paper presents two formal models of the Data Encryption Standard (DES), a first using the international standard LOTOS, and a second using the more recent process calculus LNT. Both models encode the DES in the style of asynchronous circuits, i.e., the data-flow blocks of the DES algorithm are represented by processes communicating via rendezvous. To ensure correctness of the models, several techniques have been applied, including model checking, equivalence checking, and comparing the results produced by a prototype automatically generated from the formal model with those of existing implementations of the DES. The complete code of the models is provided as appendices and is also available on the website of the CADP verification toolbox.
    Comment: In Proceedings MARS 2015, arXiv:1511.0252

    Formal Analysis of the ACE Protocol: Cache Coherence in Systems-on-Chip

    National audience
    Today's System-on-Chip (SoC) architectures integrate many different components such as processors, accelerators, memories and input/output blocks, some of which may contain caches. Since the effort of simulation-based validation, currently used in industry, grows exponentially with the complexity of SoCs, we turn to formal verification techniques. We use the CADP toolbox to develop and validate a formal model of a generic SoC conforming to the ACE specification, recently proposed by ARM with the aim of implementing cache coherence at the system level.

    A Study of Shared-Memory Mutual Exclusion Protocols using CADP

    International audience
    Mutual exclusion protocols are an essential building block of concurrent systems: indeed, such a protocol is required whenever a shared resource has to be protected against concurrent non-atomic accesses. Hence, many variants of mutual exclusion protocols exist in the shared-memory setting, such as Peterson's or Dekker's well-known protocols. Although the functional correctness of these protocols has been studied extensively, relatively little attention has been paid to their nonfunctional aspects, such as their performance in the long run. In this paper, we report on experiments with the performance evaluation of mutual exclusion protocols using Interactive Markov Chains. Steady-state analysis provides an additional criterion for comparing protocols, which complements the verification of their functional properties. We also carefully re-examined the functional properties, whose accurate formulation as temporal logic formulas in the action-based setting turns out to be quite involved.

    Modeling an Asynchronous Circuit Dedicated to the Protection Against Physical Attacks

    Asynchronous circuits have several advantages for security applications, in particular their good resistance to attacks. In this paper, we report on experiments with modeling, at various abstraction levels, a patented asynchronous circuit for detecting physical attacks, such as cutting wires or producing short-circuits.
    Comment: In Proceedings MARS 2020, arXiv:2004.1240

    On the Semantics of Communicating Hardware Processes and their Translation into LOTOS for the Verification of Asynchronous Circuits with CADP

    International audience
    Hardware process calculi, such as CHP (Communicating Hardware Processes), Balsa, or Haste (formerly Tangram), are a natural approach for the description of asynchronous hardware architectures. These calculi are extensions of standard process calculi with particular synchronisation features implemented using handshake protocols. In this article, we first give a structural operational semantics for value-passing CHP. Compared to the existing semantics of CHP defined by translation into Petri nets, our semantics is general enough to handle value-passing CHP with communication channels open to the environment, and is also independent of any particular (2- or 4-phase) handshake protocol used for circuit implementation. We then describe the translation of CHP into the process calculus LOTOS (ISO standard 8807), in order to allow asynchronous hardware architectures expressed in CHP to be verified using the CADP verification toolbox for LOTOS. A translator from CHP to LOTOS has been implemented and successfully used for the compositional verification of two industrial case studies, namely an asynchronous implementation of the DES (Data Encryption Standard) and an asynchronous interconnect of a NoC (Network on Chip).

    Is CADP an Applicable Formal Method?

    International audience
    CADP is a comprehensive toolbox implementing results of concurrency theory. This paper addresses the question of whether CADP qualifies as an applicable formal method, based on the experience of the authors and feedback reported by users.

    Using LNT Formal Descriptions for Model-Based Diagnosis

    International audience
    Providing models for model-based diagnosis has always been a challenging task. There has never been an agreement on an underlying modeling language, making it almost impossible to share models within our community. In addition, other domains such as formal methods or model-based testing rely on system models for formal verification and automated test case generation. Although we face the situation of different modeling languages there as well, the question remains whether it is possible to re-use these models in the context of model-based diagnosis. In this paper, we elaborate on this question and show how models written in LNT can be used for fault localization requiring only simple modification. This allows formal methods' models to be re-used for diagnosis directly. Besides discussing the underlying principles, we also present a use case showing the applicability of the methods.

    Model-checking Synthesizable SystemVerilog Descriptions of Asynchronous Circuits

    International audience
    Asynchronous circuits have key advantages in terms of low energy consumption, robustness, and security. However, the absence of a global clock makes the design prone to deadlock, livelock, synchronization, and resource-sharing errors. Formal verification is thus essential for designing such circuits, but it is not widespread enough, as many hardware designers are not familiar with it and few verification tools can cope with asynchrony on complex designs. This paper suggests how an industrial design flow for asynchronous circuits, based upon the standard HDL SystemVerilog, can be supplemented with formal verification capabilities rooted in concurrency theory and model-checking technology. We demonstrate the practicality of our approach on an industrial asynchronous circuit (4000 lines of SystemVerilog) implementing a memory protection unit.

    CADP: A Toolbox for the Construction and Analysis of Distributed Processes

    International audience
    Asynchronous concurrency is becoming increasingly present in a large spectrum of systems, spanning from the level of systems- and networks-on-chip, over multi-processor architectures, up to the level of grid and cloud computing. Due to the intrinsic complexity of asynchronous concurrency, the correct design of such systems is notoriously difficult, requiring the support of formal methods and verification tools. CADP (Construction and Analysis of Distributed Processes) is a toolbox for the design, functional verification, and performance evaluation of asynchronous concurrent systems. Currently, CADP consists of about fifty interconnected tools and software libraries. The toolbox is distributed free of charge to academia and public research institutes, and is already used by more than 440 research institutions and companies worldwide in many application domains. Given the increasing number of systems featuring asynchronous concurrency, CADP could be used still more widely in research, industry, and education (in particular for teaching the concepts of concurrency theory). This tutorial presents the architecture and main functionalities of CADP, with a twofold objective. On the one hand, the tutorial illustrates the application of CADP to modeling, functional verification, and performance evaluation. On the other hand, the tutorial presents the various input languages accepted by CADP, together with the software libraries that enable users to develop their own analysis tools. The well-known but fundamental problem of mutual exclusion serves to illustrate the principal functionalities of CADP: formal modeling of protocols, compositional state space generation, graph visualization, interactive step-by-step simulation, formulation and verification of temporal logic properties, as well as performance evaluation by compositional insertion of latency constraints and transformation into interactive Markov chains.