SeVe: automatic tool for verification of security protocols

Security protocols play more and more important roles with wide use in many applications nowadays. Currently, there are many tools for specifying and verifying security protocols such as Casper/FDR, ProVerif, or AVISPA. In these tools, the intruder’s ability, which either needs to be specified explicitly or set by default, is not flexible in some circumstances. Moreover, whereas most of the existing tools focus on secrecy and authentication properties, few supports privacy properties like anonymity, receipt freeness, and coercion resistance, which are crucial in many applications such as in electronic voting systems or anonymous online transactions.     

PREPARE: a tool for knowledge base verification

The knowledge base is the most important component in a knowledge-based system. Because a knowledge base is often built in an incremental, piecemeal fashion, potential errors may be inadvertently brought into it. One of the critical issues in developing reliable knowledge-based systems is how to verify the correctness of a knowledge base. The paper describes an automated tool called PREPARE for detecting potential errors in a knowledge base. PREPARE is based on modeling a knowledge base by using a predicate/transition net representation. Inconsistent, redundant, subsumed, circular, and incomplete rules in a knowledge base are then defined as patterns of the predicate/transition net model, and are detected through a syntactic pattern recognition method. The research results to date have indicated that: the methodology ran be adopted in knowledge-based systems where logic is used as knowledge representation formalism; the tool can be invoked at any stage of the system's development, even without a fully functioning inference engine; the predicate/transition net model of knowledge bases is easy to implement and provides a clear and understandable display of the knowledge to be used by the system     

Biometrics: a tool for information security

Establishing identity is becoming critical in our vastly interconnected society. Questions such as "Is she really who she claims to be?," "Is this person authorized to use this facility?," or "Is he in the watchlist posted by the government?" are routinely being posed in a variety of scenarios ranging from issuing a driver's license to gaining entry into a country. The need for reliable user authentication techniques has increased in the wake of heightened concerns about security and rapid advancements in networking, communication, and mobility. Biometrics, described as the science of recognizing an individual based on his or her physical or behavioral traits, is beginning to gain acceptance as a legitimate method for determining an individual's identity. Biometric systems have now been deployed in various commercial, civilian, and forensic applications as a means of establishing identity. In this paper, we provide an overview of biometrics and discuss some of the salient research issues that need to be addressed for making biometric technology an effective tool for providing information security. The primary contribution of this overview includes: 1) examining applications where biometric scan solve issues pertaining to information security; 2) enumerating the fundamental challenges encountered by biometric systems in real-world applications; and 3) discussing solutions to address the problems of scalability and security in large-scale authentication systems.     

Compositional analysis for verification of parameterized systems

Many safety-critical systems that have been considered by the verification community are parameterized by the number of concurrent components in the system, and hence describe an infinite family of systems. Traditional model checking techniques can only be used to verify specific instances of this family. In this paper, we present a technique based on compositional model checking and program analysis for automatic verification of infinite families of systems. The technique views a parameterized system as an expression in a process algebra (CCS) and interprets this expression over a domain of formulas (modal mu-calculus), considering a process as a property transformer. The transformers are constructed using partial model checking techniques. At its core, our technique solves the verification problem by finding the limit of a chain of formulas. We present a widening operation to find such a limit for properties expressible in a subset of modal mu-calculus. We describe the verification of a number of parameterized systems using our technique to demonstrate its utility.     

NeVer: a tool for artificial neural networks verification

The adoption of Artificial Neural Networks (ANNs) in safety-related applications is often avoided because it is difficult to rule out possible misbehaviors with traditional analytical or probabilistic techniques. In this paper we present NeVer, our tool for checking safety of ANNs. NeVer encodes the problem of verifying safety of ANNs into the problem of satisfying corresponding Boolean combinations of linear arithmetic constraints. We describe the main verification algorithm and the structure of NeVer. We present also empirical results confirming the effectiveness of NeVer on realistic case studies.     

A verification tool for ERLANG

This paper presents an overview of the main results of the project Verification of ERLANG Programs , which is funded by the Swedish Business Development Agency (NUTEK) and by Ericsson within the ASTEC (Advanced Software TEChnology) initiative. Its main outcome is the ERLANG Verification Tool (EVT), a theorem prover which assists in obtaining proofs that ERLANG applications satisfy their correctness requirements formulated as behavioural properties in a modal logic with recursion. We give a summary of the verification framework as supported by EVT, discuss reasoning principles essential for successful proofs such as inductive and compositional reasoning, and an efficient treatment of side-effect-free code. The experiences of applying the tool in an industrial case study are summarised, and an approach for supporting verification in the presence of program libraries is outlined.EVT is essentially a classical proof assistant, or theorem-proving tool, requiring users to intervene in the proof process at crucial steps such as stating program invariants. However, the tool offers considerable support for automatic proof discovery through higher-level tactics tailored to the particular task of the verification of ERLANG programs. In addition, a graphical interface permits easy navigation through proof tableaux, proof reuse, and meaningful feedback about the current proof state, to assist users in taking informed proof decisions.     

Formal verification of security protocol implementations: a survey

Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approach.     

Hierarchical formal verification using a hybrid tool

We describe a hybrid formal hardware verification tool that links the HOL interactive proof system and the MDG automated hardware verification tool. It supports a hierarchical verification approach that mirrors the hierarchical structure of designs. We obtain the advantages of both verification paradigms. We illustrate its use by considering a component of a communications chip. Verification with the hybrid tool is significantly faster and more tractable than using either tool alone. Published online: 19 November 2002     

Oris: a tool for modeling, verification and evaluation of real-time systems

Oris is a tool for qualitative verification and quantitative evaluation of reactive timed systems, which supports modeling and analysis of various classes of timed extensions of Petri Nets. As most characterizing features, Oris implements symbolic state space analysis of preemptive Time Petri Nets, which enable schedulability analysis of real-time systems running under priority preemptive scheduling; and stochastic Time Petri Nets, which enable an integrated approach to qualitative verification and quantitative evaluation. In this paper, we present the current version of the tool and we illustrate its application to two different case studies in the areas of qualitative verification and quantitative evaluation, respectively.     

Managing Network Security: The seedy side of security

Over the last few years, computing has changed to an almost purely networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. This series of articles takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

The Design of a Multicore Extension of the SPIN Model Checker

We describe an extension of the SPIN model checker for use on multicore shared-memory systems and report on its performance. We show how, with proper load balancing, the time requirements of a verification run can, in some cases, be reduced close to N-fold when N processing cores are used. We also analyze the types of verification problems for which multicore algorithms cannot provide relief. The extensions discussed here require only relatively small changes in the SPIN source code and are compatible with most existing verification modes such as partial order reduction, the verification of temporal logic formulas, bitstate hashing, and hash-compact compression.     

Accessible privacy and security: a universally usable human-interaction proof tool

Despite growing interest in designing usable systems for managing privacy and security, recent efforts have generally failed to address the needs of users with disabilities. As security and privacy tools often rely upon subtle visual cues or other potentially inaccessible indicators, users with perceptual limitations might find such tools particularly challenging. To understand the needs of an important group of users with disabilities, a focus group was conducted with blind users to determine their perceptions of security-related challenges. Human-interaction proof (HIP) tools, commonly known as CAPTCHAs, are used by web pages to defeat robots and were identified in the focus group as a major concern. Therefore, a usability test was conducted to see how well blind users were able to use audio equivalents of these graphical tools. Finally, an accessible HIP tool was developed which combines audio and matching images, supporting both visual and audio output. Encouraging results from a small usability evaluation of the prototype with five sighted users and five blind users show that this new form of HIP is preferred by both blind and visual users to previous forms of text-based HIPs. Future directions for research are also discussed.     

Experience of improving the blast static verification tool

The BLAST static verification tool is one of the open-source verifiers of software written in C. The paper describes principles of BLAST implementation, the limitations revealed in the course of its practical use in the verification of the Linux operating system drivers, and an attempt to improve BLAST in the framework of the Linux Driver Verification (LDV) project [3].     

A SDR-based verification platform for 802.11 PHY layer security authentication

World Wide Web - The WiFi security authentication mechanism combined with the PHY layer information has become a hot spot of WiFi security research. The PHY layer contains rich information such as...     

Memory-efficient algorithms for the verification of temporal properties

This article addresses the problem of designing memory-efficient algorithms for the verification of temporal properties of finite-state programs. Both the programs and their desired temporal properties are modeled as automata on infinite words (Büchi automata). Verification is then reduced to checking the emptiness of the automaton resulting from the product of the program and the property. This problem is usually solved by computing the strongly connected components of the graph representing the product automaton. Here, we present algorithms that solve the emptiness problem without explicitly constructing the strongly connected components of the product graph. By allowing the algorithms to err with some probability, we can implement them with a randomly accessed memory of size O(n) bits, where n is the number of states of the graph, instead of O(n log n) bits that the presently known algorithms require.     

The stencil buffer sweep plane algorithm for 5-axis CNC tool path verification

A new algorithm based on the sweep plane approach to determine the machined part geometry in 5-axis machining with general APT tools is presented. Undercut and overcut can be determined. Collision detection between the toolholder, workpiece and workpiece fixture can also be detected. The subtraction of the removed material is obtained for each sweep plane by using a stencil buffer. A flat plane is swept through the blank part, fixture and tool swept volume geometry. The intersections of sweep planes and the swept tool volume are computed based on the canonical representation of a cone, torus and sphere. The necessary data to compute all the intersections is stored in a text file, here called the M-Plane file (Memory Plane). The equations of the intersections are approximated by a polygon with variable accuracy. The resulting APT tool intersection in each sweep plane is then clipped against the blank workpiece intersection with the current sweep plane. The stencil buffer provides automatically the union of all tool intersections and the subtraction from the blank workpiece. This algorithm provides a 3D geometric model of the tool swept volume. The display algorithm is based on the Painter's algorithm, but there is no time consuming sorting from back to front required, as the sweep proceeds from back to front. The accuracy of the algorithm can be varied as a function of the requirements by changing the polygon approximation and the distance between the sweep planes.     

Development of a test suite for the verification of implementations of the IPsec v2 security protocol

The paper is devoted to the design of a test suite for testing the conformance of implementations of Internet nodes to the specifications of the new security protocol IPsec v2 [1–7]. The test suite is generated using the automated testing technology UniTESK [8] and the package CTesK [9], which implements this technology. The work was performed in the Institute for System Programming of the Russian Academy of Sciences within the project “Verification of security functions for the new generation protocol IPsec v2.” Requirements for the implementations of IPsec v2 were systemized, and formal specifications and a prototype of the test suite for the verification of implementations of IPsec v2, including implementations of the automatic generation of security associations of IKEv2, were developed. A method used to formalize the requirements for IPsec v2, a procedure for generating the test suite, and testing results for some available implementations are described. The results show that the verification method proposed in this paper effectively automates the testing of such complex protocols as security protocols.     

Experimental evaluation of a tool for the verification and transformation of source code in event-driven systems

In event-driven systems, separating the reactive part of software (i.e., event-driven control) from the non-reactive part is a common design practice. The reactive part is typically structured according to the states and transitions of a system, whereas the non-reactive part is typically structured according to the concepts of the application domain (e.g., the services provided by the system). In such systems, the non-reactive part of software stimulates the reactive part with event calls. Whenever the non-reactive part is modified (e.g., during evolution), the existing event calls may become invalid, new event calls may become necessary, and the two parts of software may become incompatible. Manually finding and repairing these types of defects is a time-consuming and error-prone maintenance task. In this article, we present a solution that combines source code model checking and aspect-oriented programming techniques, to reduce the time spent by developers and to automatically find defects, while performing the maintenance task mentioned above. In addition, we present controlled experiments showing that the solution can reduce the time by 75%, and enable the prevention of one defect per 140 lines of source code.