Finding bugs in network protocols using simulation code and protocol-specific heuristics

Authors:
Ahmed Sobeih;Mahesh Viswanathan;Darko Marinov;Jennifer C. Hou
Affiliations:
Department of Computer Science, University of Illinois at Urbana-Champaign, Urbana, IL;Department of Computer Science, University of Illinois at Urbana-Champaign, Urbana, IL;Department of Computer Science, University of Illinois at Urbana-Champaign, Urbana, IL;Department of Computer Science, University of Illinois at Urbana-Champaign, Urbana, IL
Venue:
ICFEM'05 Proceedings of the 7th international conference on Formal Methods and Software Engineering
Year:
2005

Citing 24
Cited 4

Verification of communication protocols using data flow analysis

SIGSOFT '96 Proceedings of the 4th ACM SIGSOFT symposium on Foundations of software engineering
The Model Checker SPIN

IEEE Transactions on Software Engineering - Special issue on formal methods in software practice
Model checking for programming languages using VeriSoft

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Validation with guided search of the state space

DAC '98 Proceedings of the 35th annual Design Automation Conference
Model checking

Model checking
Bandera: extracting finite-state models from Java source code

Proceedings of the 22nd international conference on Software engineering
Directed diffusion: a scalable and robust communication paradigm for sensor networks

MobiCom '00 Proceedings of the 6th annual international conference on Mobile computing and networking
Lazy abstraction

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Symbolic Model Checking

Symbolic Model Checking
Formal verification of standards for distance vector routing protocols

Journal of the ACM (JACM)
Protocol Verification as a Hardware Design Aid

ICCD '92 Proceedings of the 1991 IEEE International Conference on Computer Design on VLSI in Computer & Processors
A Formal Approach for Passive Testing of Protocol Data Portions

ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Java PathFinder, A Translator from Java to Promela

Proceedings of the 5th and 6th International SPIN Workshops on Theoretical and Practical Aspects of SPIN Model Checking
Exploring Very Large State Spaces Using Genetic Algorithms

TACAS '02 Proceedings of the 8th International Conference on Tools and Algorithms for the Construction and Analysis of Systems
The SLAM Toolkit

CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Modular verification of software components in C

Proceedings of the 25th International Conference on Software Engineering
Java Model Checking

ASE '00 Proceedings of the 15th IEEE international conference on Automated software engineering
Model Checking Programs

ASE '00 Proceedings of the 15th IEEE international conference on Automated software engineering
Ad-hoc On-Demand Distance Vector Routing

WMCSA '99 Proceedings of the Second IEEE Workshop on Mobile Computer Systems and Applications
Directed explicit-state model checking in the validation of communication protocols

International Journal on Software Tools for Technology Transfer (STTT)
Heuristic-guided counterexample search in FLAVERS

Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
Dynamic partial-order reduction for model checking software

Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
CMC: a pragmatic approach to model checking real code

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Model checking large network protocol implementations

NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1

Delta execution for efficient state-space exploration of object-oriented programs

Proceedings of the 2007 international symposium on Software testing and analysis
Delta execution for software reliability

HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
Assertion Checking in J-Sim Simulation Models of Network Protocols

Simulation
Optimized execution of deterministic blocks in java pathfinder

ICFEM'06 Proceedings of the 8th international conference on Formal Methods and Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Traditional network simulators perform well in evaluating the performance of network protocols but lack the capability of verifying the correctness of protocols. To address this problem, we have extended the J-Sim network simulator with a model checking capability that explores the state space of a network protocol to find an execution that violates a safety invariant. In this paper, we demonstrate the usefulness of this integrated tool for verification and performance evaluation by analyzing two widely used and important network protocols: AODV and directed diffusion. Our analysis discovered a previously unknown bug in the J-Sim implementation of AODV. More importantly, we also discovered a serious deficiency in directed diffusion. To enable the analysis of these fairly complex protocols, we needed to develop protocol-specific search heuristics that guide state-space exploration. We report our findings on discovering good search heuristics to analyze network protocols similar to AODV and directed diffusion.