IEEE Transactions on Software Engineering - Special issue on formal methods in software practice
Model checking for programming languages using VeriSoft
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A practical method for verifying event-driven software
Proceedings of the 21st international conference on Software engineering
Model checking
Bandera: extracting finite-state models from Java source code
Proceedings of the 22nd international conference on Software engineering
Using encryption for authentication in large networks of computers
Communications of the ACM
System architecture directions for networked sensors
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
SPINS: security protocols for sensor networks
Proceedings of the 7th annual international conference on Mobile computing and networking
Symbolic Logic and Mechanical Theorem Proving
Symbolic Logic and Mechanical Theorem Proving
A key-management scheme for distributed sensor networks
Proceedings of the 9th ACM conference on Computer and communications security
The nesC language: A holistic approach to networked embedded systems
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
CMC: a pragmatic approach to model checking real code
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Cryptographic protocol analysis on real c code
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
The changing environment for security protocols
IEEE Network: The Magazine of Global Internetworking
| Hi-index | 0.00 |
Finding flaws in security protocol implementations is hard. Finding flaws in the implementations of sensor network security protocols is even harder because they are designed to protect against more system failures compared to traditional protocols. Formal verification techniques such as model checking, theorem proving, etc, have been very successful in the past in detecting faults in security protocol specifications; however, they generally require a model. Developing these models is a non-trivial task for an average developer. This task is further complicated by the impedance mismatch between the implementation language and the modeling language. For example, while the dominant implementation language for sensor network applications (nesC) uses an event-based paradigm, the modeling language (Promela) uses message-driven paradigm. The key goal of this research is to ease the task of verifying sensor network security protocol implementations for the sensor network community by defining an approach for automatically extracting a model from the nesC implementations of a security protocol. We contribute the design and implementation of a verification framework that we call Slede which emulates our approach to extract a PROMELA model from nesC security protocol implementations. By significantly decreasing the cost of verification, we believe our approach will improve the overall quality of the nesC security protocol implementations.