Introduction to HOL: a theorem proving environment for higher order logic
Introduction to HOL: a theorem proving environment for higher order logic
A structured TCP in standard ML.
SIGCOMM '94 Proceedings of the conference on Communications architectures, protocols and applications
TCP/IP illustrated (vol. 2): the implementation
TCP/IP illustrated (vol. 2): the implementation
Forward and backward simulations II.: timing-based systems
Information and Computation
Generating efficient protocol code from an abstract specification
IEEE/ACM Transactions on Networking (TON)
Automated packet trace analysis of TCP implementations
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Formal verification of communication protocols
IFIP TC6/ 6.1 international conference on formal description techniques IX/protocol specification, testing and verification XVI on Formal description techniques IX : theory, application and tools: theory, application and tools
A readable TCP in the Prolac protocol language
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
What packets may come: automata for network monitoring
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Formal specification and verification of safety and performance of TCP selective acknowledgment
IEEE/ACM Transactions on Networking (TON)
UNIX Network Programming: Networking APIs: Sockets and XTI
UNIX Network Programming: Networking APIs: Sockets and XTI
Formal verification of standards for distance vector routing protocols
Journal of the ACM (JACM)
Timing UDP: Mechanized Semantics for Sockets, Threads, and Failures
ESOP '02 Proceedings of the 11th European Symposium on Programming Languages and Systems
The UDP Calculus: Rigorous Semantics for Real Networking
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
CCS + Time = An Interleaving Model for Real Time Systems
ICALP '91 Proceedings of the 18th International Colloquium on Automata, Languages and Programming
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Stenning's protocol implemented in UDP and verified in Isabelle
CATS '05 Proceedings of the 2005 Australasian symposium on Theory of computing - Volume 41
Rigour is good for you and feasible: reflections on formal treatments of C and UDP sockets
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Model checking large network protocol implementations
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Midpoints Versus Endpoints: From Protocols to Firewalls
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
A Rigorous Approach to Networking: TCP, from Implementation to Protocol to Service
FM '08 Proceedings of the 15th international symposium on Formal Methods
Model-Based Firewall Conformance Testing
TestCom '08 / FATES '08 Proceedings of the 20th IFIP TC 6/WG 6.1 international conference on Testing of Software and Communicating Systems: 8th International Workshop
Verifying distributed systems: the operational approach
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ACM Transactions on Programming Languages and Systems (TOPLAS)
Formal specification of MPI 2.0: Case study in specifying a practical concurrent programming API
Science of Computer Programming
Trace-based verification of imperative programs with I/O
Journal of Symbolic Computation
Towards formal verification of TLS network packet processing written in C
PLPV '13 Proceedings of the 7th workshop on Programming languages meets program verification
packetdrill: scriptable network stack testing, from sockets to packets
USENIX ATC'13 Proceedings of the 2013 USENIX conference on Annual Technical Conference
A trusted mechanised JavaScript specification
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
| Hi-index | 0.00 |
The TCP/IP protocols and Sockets API underlie much of modern computation, but their semantics have historically been very complex and ill-defined. The real standard is the de facto one of the common implementations, including, for example, the 15,000--20,000 lines of C in the BSD implementation. Dealing rigorously with the behaviour of such bodies of code is challenging.We have recently developed a post-hoc specification of TCP, UDP, and Sockets that is rigorous, detailed, readable, has broad coverage, and is remarkably accurate. In this paper we describe the novel techniques that were required.Working within a general-purpose proof assistant (HOL), we developed language idioms (within higher-order logic) in which to write the specification: operational semantics with nondeterminism, time, system calls, monadic relational programming, etc. We followed an experimental semantics approach, validating the specification against several thousand traces captured from three implementations (FreeBSD, Linux, and WinXP). Many differences between these were identified, and a number of bugs. Validation was done using a special-purpose symbolic model checker programmed above HOL.We suggest that similar logic engineering techniques could be applied to future critical software infrastructure at design time, leading to cleaner designs and (via specification-based testing using a similar checker) more predictable implementations.