Despite more than 30 years of research on protocol specification, the major protocols deployed in the Internet, such as TCP, are described only in informal prose RFCs and executable code. In part this is because the scale and complexity of these protocols make them challenging targets for formalization.

In this paper we show how these difficulties can be addressed. We develop a high-level specification for TCP and the Sockets API, expressed in the HOL proof assistant, describing the byte-stream service that TCP provides to users. This complements our previous low-level specification of the protocol internals, and makes it possible for the first time to state what it means for TCP to be correct: that the protocol implements the service. We define a precise abstraction function between the models and validate it by testing, using verified testing infrastructure within HOL. This is a pragmatic alternative to full proof, providing reasonable confidence at a relatively low entry cost.

Together with our previous validation of the low-level model, this shows how one can rigorously tie together concrete implementations, low-level protocol models, and specifications of the services they claim to provide, dealing with the complexity of real-world protocols throughout.