A systematic verification approach for mondex electronic purses using ASMs

Authors:
Gerhard Schellhorn;Holger Grandy;Dominik Haneberg;Nina Moebius;Wolfgang Reif
Affiliations:
Lehrstuhl für Softwaretechnik und Programmiersprachen, Universität Augsburg, Augsburg, Germany;Lehrstuhl für Softwaretechnik und Programmiersprachen, Universität Augsburg, Augsburg, Germany;Lehrstuhl für Softwaretechnik und Programmiersprachen, Universität Augsburg, Augsburg, Germany;Lehrstuhl für Softwaretechnik und Programmiersprachen, Universität Augsburg, Augsburg, Germany;Lehrstuhl für Softwaretechnik und Programmiersprachen, Universität Augsburg, Augsburg, Germany
Venue:
Rigorous Methods for Software Construction and Analysis
Year:
2009

Citing 13
Cited 5

Evolving algebras 1993: Lipari guide

Specification and validation methods
Dynamic Logic

Dynamic Logic
A Practical Method for Rigorously Controllable Hardware Design

ZUM '97 Proceedings of the 10th International Conference of Z Users on The Z Formal Specification Notation
Abstract State Machines: A Method for High-Level System Design and Analysis

Abstract State Machines: A Method for High-Level System Design and Analysis
ASM Refinement and generalizations of forward simulation in data refinement: a comparison

Theoretical Computer Science - Abstract state machines and high-level system design and analysis
First Steps in the Verified Software Grand Challenge

Computer
Verification of Mondex electronic purses with KIV: from transactions to a security protocol

Formal Aspects of Computing
Mondex, an electronic purse: specification and refinement checks with the Alloy model-finding method

Formal Aspects of Computing
Retrenching the Purse: The Balance Enquiry Quandary, and Generalised and (1,1) Forward Refinements

Fundamenta Informaticae - This is a SPECIAL ISSUE ON ASM'05
Using coupled simulations in non-atomic refinement

ZB'03 Proceedings of the 3rd international conference on Formal specification and development in Z and B
Verifying smart card applications: an ASM approach

IFM'07 Proceedings of the 6th international conference on Integrated formal methods
Z/Eves and the mondex electronic purse

ICTAC'06 Proceedings of the Third international conference on Theoretical Aspects of Computing
The mondex challenge: machine checked proofs for an electronic purse

FM'06 Proceedings of the 14th international conference on Formal Methods

Completeness of ASM Refinement

Electronic Notes in Theoretical Computer Science (ENTCS)
Refinement of State-Based Systems: ASMs and Big Commuting Diagrams (Abstract)

ABZ '08 Proceedings of the 1st international conference on Abstract State Machines, B and Z
Abstract Specification of the UBIFS File System for Flash Memory

FM '09 Proceedings of the 2nd World Congress on Formal Methods
Completeness of fair ASM refinement

Science of Computer Programming
Ten commandments ten years on: lessons for ASM, B, Z and VSR-net

Rigorous Methods for Software Construction and Analysis

Quantified Score

Hi-index	0.00

Visualization

Abstract

In previous work we solved the challenge to mechanically verify the Mondex challenge about the specification and refinement of an electronic purse, using the given data refinement framework. In this paper we show that using ASM refinement and generalized forward simulations instead of the original approach allows to find a more systematic proof. Our technique of past and future invariants and simulations avoids the need to define a lot of properties for intermediate states during protocol runs. The new proof can be better automated in KIV. The systematic development of a generalized forward simulation uncovered a weakness of the protocol that could be exploited in a denial of service attack. We show a modification of the protocol that avoids this weakness, and that is even slightly easier to verify.