Cones and foci: A mechanical framework for protocol verification

Fokkink, Wan; Pang, Jun; Pol, J.D. Van

doi:10.1007/s10703-006-0004-3

Cited by 16 publications

(7 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Yet, it seems worthwhile to also take inspiration from simulation and simulation distance approaches [1,29] in this matter. Another avenue that is worth exploring is to consider branching instead of weak bisimulation [28], not only because our notion of border states fits particularly well to that setting [12]. We conjecture that requiring the underlying weak bisimulations to be branching is enough to achieve the corresponding transitivity and compositional properties, as well as polynomial decision algorithms.…”

Section: Discussionmentioning

confidence: 91%

Cost Preserving Bisimulations for Probabilistic Automata

Turrini¹,

Hermanns²

2014

Logical Methods in Computer Science

View full text Add to dashboard Cite

Abstract. Probabilistic automata constitute a versatile and elegant model for concurrent probabilistic systems. They are equipped with a compositional theory supporting abstraction, enabled by weak probabilistic bisimulation serving as the reference notion for summarising the effect of abstraction.This paper considers probabilistic automata augmented with costs. It extends the notions of weak transitions in probabilistic automata in such a way that the costs incurred along a weak transition are captured. This gives rise to cost-preserving and cost-bounding variations of weak probabilistic bisimilarity, for which we establish compositionality properties with respect to parallel composition. Furthermore, polynomial-time decision algorithms are proposed, that can be effectively used to compute reward-bounding abstractions of Markov decision processes in a compositional manner.

show abstract

Section: Discussionmentioning

confidence: 91%

Cost Preserving Bisimulations for Probabilistic Automata

Turrini¹,

Hermanns²

2014

Logical Methods in Computer Science

View full text Add to dashboard Cite

show abstract

“…In the literature, a proof method for checking branching bisimilarity [19,20] is formalized in the theorem prover PVS. But this approach cannot be directly applied for security protocol analysis (see e.g., [34]) as it does not deal with message indistinguishability.…”

Section: Related Workmentioning

confidence: 99%

Formalizing provable anonymity in Isabelle/HOL

Pang

2015

Form. Asp. Comput.

Self Cite

View full text Add to dashboard Cite

We formalize in a theorem prover the notion of provable anonymity. Our formalization relies on inductive definitions of message distinguishing ability and observational equivalence on traces observed by the intruder. Our theory differs from its original proposal and essentially boils down to the inductive definition of distinguishing messages with respect to a knowledge set for the intruder. We build our theory in Isabelle/HOL to achieve a mechanical framework for the analysis of anonymity protocols. Its feasibility is illustrated through two case studies of the Crowds and Onion Routing protocols.

show abstract

“…We provided a sound and complete axiomatization for CNT terms with finite-state behaviors, modulo so-called rooted branching computed network bisimilarity. This axiomatization enables linearization of processes at the syntactic level to take advantage of symbolic verification [25,26], especially when the network is composed of similar nodes [27,28].…”

Section: Introductionmentioning

confidence: 99%

Reliable Restricted Process Theory

Ghassemi

Fokkink

2019

Self Cite

View full text Add to dashboard Cite

Malfunctions of a mobile ad hoc network (MANET) protocol caused by a conceptual mistake in the protocol design, rather than unreliable communication, can often be detected only by considering communication among the nodes in the network to be reliable. In Restricted Broadcast Process Theory, which was developed for the specification and verification of MANET protocols, the communication operator is lossy. Replacing unreliable with reliable communication invalidates existing results for this process theory. We examine the effects of this adaptation on the semantics of the framework with regard to the non-blocking property of communication in MANETs, the notion of behavioral equivalence relation and its axiomatization. We illustrate the applicability of our framework through a simple routing protocol. To prove its correctness, we introduce a novel proof process, based on a precongruence relation.Keywords: Mobile ad hoc network, restricted broadcast, process algebra, behavioral congruence, refinement.F. Ghassemi, W. Fokkink / Reliable Restricted Process TheoryThe set Loc is extended with the unknown address ? to represent the address of a node which is still not known or concealed from an external observer. For instance, the leader address of a node can be initialized to this value. Furthermore, to define the semantics of communicating nodes in terms of restrictions over the topology in a compositional way, the semantics of receive actions can be defined through an unknown sender, which will be replaced by a known address when the receive actions are composed with the corresponding send action at a specific node (see Section 4).A network constraint C is said to be well-formed if ∀ℓ, ℓ ′ ∈ Loc (ℓ ℓ ′ ∈ C ∨ ℓ ℓ ′ ∈ C). Let C v (Loc) denote the set of well-formed network constraints that can be defined over the network addresses in Loc. We define an ordering on network constraints. We say that C 1denotes the substitution of d 1 for d 2 in d; this can be extended to process terms. For instance, {B A} {? A} and {B A, B C} {B A}. Each well-formed network constraint C represents the set of network topologies that satisfy the (dis)connectivity pairs in C} extracts all one-hop (dis)connectivity information from γ. So the empty network constraint {} still denotes all possible topologies over Loc. The negation ¬ C of network constraint C is obtained by negating all its (dis)connectivity pairs. Clearly, if C is well-formed then so is ¬ C.Constrained labeled transition systems (CLTSs) provide a semantic model for the operational behavior of MANETs. Let Msg denote a set of messages communicated over a network and ranged over by m. Let Act be the network send and receive actions with signatures nsnd : Msg × Loc and nrcv : Msg, respectively. The send action nsnd (m, ℓ) denotes that the message m is transmitted from a node with the address ℓ, while the receive action nrcv (m) denotes that the message m is ready to be received. Let Act τ = Act ∪ {τ }, ranged over by η.Generally speaking, the transition s (C,η) − −−− → s ′ expresse...

show abstract

Cones and foci: A mechanical framework for protocol verification

Cited by 16 publications

References 42 publications

Cost Preserving Bisimulations for Probabilistic Automata

Cost Preserving Bisimulations for Probabilistic Automata

Formalizing provable anonymity in Isabelle/HOL

Reliable Restricted Process Theory

Contact Info

Product

Resources

About