The Z notation: a reference manual
In transition from global to modular temporal reasoning about programs
Logics and models of concurrent systems
Model checking vs. theorem proving: a manifesto
Artificial intelligence and mathematical theory of computation
Model checking, abstraction, and compositional verification
Guarded commands, nondeterminacy and formal derivation of programs
Communications of the ACM
Slicing Software for Model Construction
Higher-Order and Symbolic Computation
System Design with SystemC
A Network Protocol Stack in Standard ML
Higher-Order and Symbolic Computation
Automated Software Engineering
A Structure Preserving Encoding of Z in Isabelle/HOL
TPHOLs '96 Proceedings of the 9th International Conference on Theorem Proving in Higher Order Logics
An Integration of Model Checking with Automated Proof Checking
Proceedings of the 7th International Conference on Computer Aided Verification
PVS: Combining Specification, Proof Checking, and Model Checking
CAV '96 Proceedings of the 8th International Conference on Computer Aided Verification
The Horus and Ensemble Projects: Accomplishments and Limitations
Model checking and theorem proving: a unified framework
Melange: creating a "functional" internet
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Mechanising Mondex with Z/Eves
Formal Aspects of Computing
Principles of the Spin Model Checker
Cyber-Physical Systems: A New Frontier
SUTC '08 Proceedings of the 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008)
A Rigorous Approach to Networking: TCP, from Implementation to Protocol to Service
FM '08 Proceedings of the 15th international symposium on Formal Methods
POSIX file store in Z/Eves: An experiment in the verified software repository
Science of Computer Programming
Formal Verification of C Systems Code
Journal of Automated Reasoning
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
A Formally Verified Compiler Back-end
Journal of Automated Reasoning
Simpler Reasoning About System Properties: a Proof-by-Refinement Technique
Electronic Notes in Theoretical Computer Science (ENTCS)
Model checking Z specifications using SAL
ZB'05 Proceedings of the 4th international conference on Formal Specification and Development in Z and B
Virtual private networks: an overview with performance evaluation
IEEE Communications Magazine
We propose a novel method for constructing user-space Internet protocol stacks whose security properties can be formally explored and verified. The method allows a protocol stack to be built in a subset of C++. We define a formal state-transformer representation of protocol stacks in which the stack is specified in terms of three primary operations, each composed from sub-operations. We also define a Kripke model that captures the sequencing and attributes of stack operations. We propose a novel approach, called split verification, which combines theorem proving and model checking to establish properties of a protocol stack specification. In split verification, a property of the stack is expressed as a combination of properties of primitive operations, established by theorem proving, and temporal properties on operation sequencing, called promotion conditions, established by model checking on the stack operations model. We use abstract Z specifications to express operation properties and computation tree logic (CTL) formulae to express promotion conditions. An operation property is established by checking that the operation(s) under consideration are correct refinements of the abstract Z specification(s). We conclude that split verification (a) avoids the scalability problems caused by state-space explosion in model checking and by long, unwieldy proofs in theorem proving, and (b) lowers the cost of proof maintenance for localized changes to the stack.
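The model-checking half of split verification, as an added illustration that is not code from the paper: a minimal explicit-state CTL checker run over a Kripke model whose states are stack operations and whose labels are their attributes. The model (an idle/recv/validate/deliver/drop receive path), its buggy variant with a fast path that delivers straight from recv, and the two promotion conditions are all constructed for this example; the paper's own operations, attributes and CTL formulae are not reproduced here.

```python
"""Added example (not the paper's code): promotion conditions checked by CTL
model checking over a Kripke model of stack operation sequencing.  The states,
labels, transitions and formulae below are constructed for illustration."""


class Kripke:
    """States are stack operations, labels their attributes; trans must be total."""

    def __init__(self, labels, trans):
        self.labels, self.trans = labels, trans
        self.all = frozenset(labels)
        for s in labels:
            assert trans[s] and trans[s] <= self.all, f"{s}: relation not total"

    def ex(self, sat):                      # states with some successor in sat
        return {s for s in self.all if self.trans[s] & sat}

    def eu(self, f, g):                     # E[f U g], least fixpoint
        res = set(g)
        while True:
            new = res | {s for s in f if self.trans[s] & res}
            if new == res:
                return res
            res = new

    def eg(self, f):                        # EG f, greatest fixpoint
        res = set(f)
        while True:
            new = {s for s in res if self.trans[s] & res}
            if new == res:
                return res
            res = new

    def sat(self, phi):
        """Set of states satisfying phi; atoms are strings, compound formulae
        are tuples such as ("AG", ("implies", "recv", ("AF", "drop")))."""
        A = self.all
        if isinstance(phi, str):
            return set(A) if phi == "true" else {s for s in A if phi in self.labels[s]}
        op, *a = phi
        if op == "not":     return A - self.sat(a[0])
        if op == "and":     return self.sat(a[0]) & self.sat(a[1])
        if op == "or":      return self.sat(a[0]) | self.sat(a[1])
        if op == "implies": return (A - self.sat(a[0])) | self.sat(a[1])
        if op == "EX":      return self.ex(self.sat(a[0]))
        if op == "AX":      return A - self.ex(A - self.sat(a[0]))
        if op == "EF":      return self.eu(A, self.sat(a[0]))
        if op == "AG":      return A - self.eu(A, A - self.sat(a[0]))
        if op == "EG":      return self.eg(self.sat(a[0]))
        if op == "AF":      return A - self.eg(A - self.sat(a[0]))
        if op == "EU":      return self.eu(self.sat(a[0]), self.sat(a[1]))
        if op == "AW":      # A[f W g] == not E[not g U (not f and not g)]
            f, g = self.sat(a[0]), self.sat(a[1])
            return A - self.eu(A - g, (A - f) & (A - g))
        raise ValueError(f"unknown operator {op}")

    def holds(self, phi, init="idle"):
        return init in self.sat(phi)

    def violations(self, phi):              # states where phi fails (counterexample seeds)
        return self.all - self.sat(phi)


# Constructed receive path: each state is one operation, labels are attributes.
LABELS = {"idle": set(), "recv": {"recv"}, "validate": {"validated"},
          "deliver": {"deliver"}, "drop": {"drop"}}
# Correct sequencing: a packet must pass validate before it can be delivered.
GOOD = Kripke(LABELS, {"idle": {"recv"}, "recv": {"validate", "drop"},
                       "validate": {"deliver", "drop"},
                       "deliver": {"idle"}, "drop": {"idle"}})
# Buggy sequencing: a fast path delivers straight from recv, skipping validate.
BAD = Kripke(LABELS, {**GOOD.trans, "recv": {"validate", "drop", "deliver"}})

# Promotion conditions (temporal properties on operation sequencing):
# safety: after recv, nothing is delivered unless validate has run first;
# liveness: every received packet is eventually delivered or dropped.
NO_DELIVER_BEFORE_VALIDATE = ("AG", ("implies", "recv",
                              ("AX", ("AW", ("not", "deliver"), "validated"))))
EVERY_RECV_HANDLED = ("AG", ("implies", "recv", ("AF", ("or", "deliver", "drop"))))

if __name__ == "__main__":
    for name, m in (("good", GOOD), ("bad", BAD)):
        print(name, m.holds(NO_DELIVER_BEFORE_VALIDATE), m.holds(EVERY_RECV_HANDLED))
```

The fixpoint computations are the standard labelling algorithm for CTL on a finite Kripke structure; the weak-until operator is what the safety condition needs, since a packet dropped before validation must not count as a violation. Note that the buggy model still satisfies the liveness condition, which is why a promotion condition for a stack has to be stated per property rather than as a single "the stack is correct" formula.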