We present a verified JavaCard implementation for the Mondex Verification Challenge. This completes a series of verification efforts we made on the Mondex case study, starting from abstract transaction specifications, continuing with the introduction of a security protocol, and now finishing with the refinement of this protocol down to running source code. We show that current verification techniques and tool support are not only suitable for verifying the original case study as stated in the Grand Challenge, but can also cope with extensions of it, resulting in verified and running code. The Mondex verification presented in this paper is the first that carries security properties proven at an abstract level down to the implementation level using refinement.