Survey of Network Protocol Verification Techniques
Veena Bharti2012
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
In the world of designing network protocols, verification is a crucial step to eliminate weaknesses and inaccuracies of effective network protocols. There are many models and tools to verify network protocols, including, Finite State Machines (FSM), Colored Petri Nets (CP-Nets), Temporal Logic, Predicate Logic, Estelle Specification, Path based Approach etc. This paper presents a survey of various techniques for verifying correctness properties of communications protocol
Related papers
Algorithms for automated protocol validation
1990
This paper studies the four basic types of algorithm that, over the last ten years, have been developed for the automated validation of the logical consistency of data communication protocols. The algorithms are compared on memory usage, CPU time requirements, and the quality, or coverage, of the search for errors.
Protocol specification and verification by using computational logic
Dagli oggetti agli agnti, …, 2005
The aim of this paper is to report on some preliminary results obtained in the context of the MASSIVE research project (http://www.di.unito.it/massive/) relating the formal specification and verification of protocols in some different application field. A protocol is a way to express the right behavior of entities involved in a (possibly complex and distributed) process. The formalism to be used for protocol description should be as intuitive as possible, but it should be also formally defined, in order to allow formal checks both on the features of the protocol itself (e.g. termination), and also on the execution of it. To this purpose, we will show some results obtained by exploiting the SOCS − SI logic-based framework for the specification and the verification of protocols in various applicative fields such as electronic commerce, medicine and elearning. We will also present a new graphical notation to express medical guidelines, which could be automatically translated into the SOCS formalism.
Experiments in Theorem Proving and Model Checking for Protocol Verification
1996
Communication protocols pose interesting and difficult challenges for verification technologies. The state spaces of interesting protocols are either infinite or too large for finite-state verification techniques like model checking and state exploration. Theorem proving is also not effective since the formal correctness proofs of these protocols can be long and complicated. We describe a series of protocol verification experiments culminating in a methodology where theorem proving is used to abstract out the sources of unboundedness in the protocol to yield a skeletal protocol that can be verified using model checking. Our experiments focus on the Philips bounded retransmission protocol originally studied by Groote and van de Pol and by Helmink, Sellink, and Vaandrager. First, a scaled-down version of the protocol is analyzed using the Murø state exploration tool as a debugging aid and then translated into the PVS specification language. The PVS verification of the generalized protocol illustrates the difficulty of using theorem proving to verify infinite-state protocols. Some of this difficulty can be overcome by extracting a finite-state abstraction of the protocol that preserves the property of interest while being amenable to model checking. We compare the performance of Murø, SMV, and the PVS model checkers on this reduced protocol.
Predicate abstraction in protocol verification
Proceedings of the 8th International Conference on Telecommunications, 2005. ConTEL 2005., 2005
This paper presents how predicate abstraction can be applied to protocol verification. Predicate abstraction is a method for automatic construction of abstract state graph. Basic idea is to use n predicates φ1, . . . , φn defined on concrete state space to generate abstract state graph. Model checking is a formal verification technique which has been successfully applied to protocol verification. But model checking can only be applied to finite state systems. Many interesting systems are infinite state or number of states is so large that verification becomes infeasible. Predicate abstraction can be applied in verification of infinite state systems (or large finite state systems). Abstract state graph created by predicate abstraction can be used for verification of safety properties using a model checker. We provide simple examples of protocol verification using predicate abstraction.
FORMAL VERIFICATION TECHNIQUES FOR COMPUTER COMMUNICATION SECURITY PROTOCOLS
Rapid development of networks and communications makes security a more and more crucial problem. To provide security for diierent systems, many communication security protocols are proposed. Such protocols must be proved correct before they can be used in practice. Formal veriication techniques are promising methods to verify protocols and have been receiving a lot of attention recently. In this paper, we survey several security protocols and formal veriication techniques to verify the protocols.
A Theory for Protocol Validation
IEEE Transactions on Computers, 2000
This paper introduces a simple algebra for the validation of communication protocols in message passing systems. The behavior of each process participating in a communication is first modeled in a finite state machine. The symbol sequences that can be accepted by these machines are then expressed in 'protocol expressions,' which are defined as regular expressions extended with two new operators: division and multiplication. The interactions of the machines can be analyzed by combining protocol expressions via multiplication and algebraically manipulating the terms. The method allows for an arbitrary number of processes to participate in an interaction. In many cases an analysis can be performed manually, in other cases the analysis can be automated. The method has been applied to a number of realistic protocols with up to seven interacting processes.
Formal Verification of WiMAX Protocol Using Petri Nets
2019
WiMAX technology is growing rapidly and has much social influence on people (user) which offers high-speed internet service and also ignores Wi-Fi interrupts, therefore, it is assumed that it has some security issues like the man in the middle attack, DoS attack, Rouge Base attack etc. In this era of technology the reliability enhancement is very important and demand for user satisfaction. Formal methods are the mathematical language and identify the possible errors of the system at the conceptual modeling phase. These attacks can be identified at the conceptual modeling phase and the developed system maybe attack free and error free. Petri nets is the graphical representing language of the system which is under development and it also covers all the functionalities of the system. Petri nets is mostly used by the researchers for formalization purposes. In this research, the Diagram of WiMAX protocol will be first analysed and then its equivalent Petri net model will be developed which will cover all the working of the system. Finally, the model will be verified by designing a reachability tree. This will make the WiMAX system formally verified and we can then say the WiMAX system is formally verified.
A new method of verification of security protocols
Cornell University - arXiv, 2017
In the paper we introduce a process model of security protocols, where processes are graphs with edges labelled by actions, and present a new method of specification and verification of security protocols based on this model.
A scalable tool for efficient protocol validation and testing
Computer Communications, 2003
Reliable protocols require early-stage validation and testing. Due to the state explosion problem in validation methods such as model checking [IEEE Trans. Software Engng 19 (1993) 24], sometimes it is not possible to test all the system states. We apply our state-of-the-art algorithm in computing the most critical states and branches to be tested. We prioritize this information to guide the validation of the protocol. We implemented this technology in a tool that visualizes the specifications of protocols with their testing priorities. Such a tool can also be used to identify faulted place in the protocol when some tests failed. It provides information such as where in the protocol is most likely to have bugs. Our tool provides many benefits, including (1) early detection and recovery of protocol faults, (2) visualization and simulation of the protocol specifications, (3) quantification of the reliability confidence of protocols, (4) making code generation directly from protocol specifications more possible, and (5) reduction of the number of introduced faults. This paper considers the case when the specification of the protocol is given in Specification and Description Language (International Telecommunication Union standard). Our technology is based on both the control flow and the data flow of the specifications. It first generates a control flow diagram from the specification and then automatically analyses the coverage features of the diagram. It collects the corresponding flow data during the simulation time to be mapped to the control flow diagram. The coverage information for the original specification is then obtained from the coverage information of the flow diagram.
A Methodology for Protocol Verification
2018
The EMVCoorganisation (i.e. MasterCard, Visa, etc.) protocols facilitate worldwide interoperability of secure electronic payments. Despite recent advances, it has proved difficult for academia to provide an acceptable solution to construction of secure applications within industry’s constraints. In this paper, we describe a methodology we have applied to EMV1. It involves domain specific languages and verification tools targeting different analysis of interest. We are currently collaborating with EMVCo on their upcoming EMV R ©2nd Generation (EMV2) specifications.
Modeling and verification of a real life protocol using symbolic model checking
Lecture Notes in Computer Science, 1994
A Protocol Specification Language with a High-Level Petri Net Semantics
IFIP WG10.3 Publications, 1993
This paper deals with two important aspects of communicat ion protocols namely specification and verification. We present a new variant of the Formal Description Techni que Estelle called SSL which has the semantics of a High-level Petri net model. Such a semantics enables to apply efficient proof methods in order to automatically verify communication prot ocol properties. SSL is mainly
A Formal Validation Model for the Netconf Protocol
Utility Computing, 2004
Netconf is a protocol proposed by the IETF that defines a set of operations for network configuration. One of the main issues of Netconf is to define operations such as validate and commit, which currently lack a clear description and an information model. We propose in this paper a model for validation based on XML schema trees. By using an existing logical formalism called TQL, we express important dependencies between parameters that appear in those information models, and automatically check these dependencies on sample XML trees in reasonable time. We illustrate our claim by showing different rules and an example of validation on a Virtual Private Network.
Verification of Signaling Protocols for Telecommunication Services in Intelligent Network
The paper deals with verification of signaling protocols for telecommunication services. The model of signaling protocol synthesis based on elementary communicating processes and information flows they exchange is proposed. Elementary communicating processes represent basic service building blocks and exchange information by using process protocols. Service protocol is produced as a composition of process protocols for elementary processes involved. Verification problems related to elementary process protocols and service consistency are discussed. Some examples describing verification of signaling protocols for intelligent network services are included.
Approaches to Formal Verification of Security Protocols
Arxiv preprint arXiv:1101.1815, 2011
Abstract In recent times, many protocols have been proposed to provide security for various information and communication systems. Such protocols must be tested for their functional correctness before they are used in practice. Application of formal methods for verification of security ...
Rule-based Verification of Network Protocol Implementations using Symbolic Execution
2011
Abstract The secure and correct implementation of network protocols for resource discovery, device configuration and network management is complex and error-prone. Protocol specifications contain ambiguities, leading to implementation flaws and security vulnerabilities in network daemons. Such problems are hard to detect because they are often triggered by complex sequences of packets that occur only after prolonged operation. The goal of this work is to find semantic bugs in network daemons.
Towards a Hybrid Verification Methodology for Communication Protocols (Short Paper)
Formal Techniques for Distributed Objects, Components, and Systems, 2020
We present our preliminary work towards a comprehensive solution for the hybrid (static + dynamic) verification of open distributed systems, using session types. We automate a solution for binary sessions where one endpoint is statically checked, and the other endpoint is dynamically checked by a monitor acting as an intermediary between typed and untyped components. We outline our theory, and illustrate a tool that automatically synthesises type-checked session monitors, based on the Scala language and its session programming library (lchannels).
Stateful Security Protocol Verification
A long-standing research problem in security protocol design is how to efficiently verify security protocols with tamper-resistant global states. In this paper, we address this problem by first proposing a protocol specification framework, which explicitly represents protocol execution states and state transformations. Secondly, we develop an algorithm for verifying security properties by utilizing the key ingredients of the firstorder reasoning for reachability analysis, while tracking state transformation and checking the validity of newly generated states. Our verification algorithm is proven to be (partially) correct, if it terminates. We have implemented the proposed framework and verification algorithms in a tool named SSPA, and evaluate it using a number of stateful security protocols. The experimental results show that our approach is not only feasible but also practically efficient. In particular, we have found a security flaw on the digital envelope protocol, which could not be detected by existing security protocol verifiers.
Verifying the progress properties of a heterogeneous protocol system in an internetworking environment
Computer Communications, 1995
The rapid proliferation of computer networks has resulted in numerous homogeneous and heterogeneous networks co-existing today. To achieve interoperability between them, internetworking through the use of gateways has become a priority. The basic problem in designing a heterogeneous internetwork is the mismatch between the internal architectures of the component networks, known as protocol mismatch. An immediate solution is the incorporation of a protocol conversion mechanism into the gateway, giving rise to a heterogeneous protocol system consisting of two incompatible peer processes communicating via a converter sited between them. Verification of this system is necessary to ensure the proper design of the converter and the progress properties of the heterogeneous protocol. Using a communicating finite state machine (CFSM) model, we have studied the dynamics of a general heterogeneous protocol system, and we present a formal procedure to perform a fast reachability analysis of the system for the purposes of its verification. Performing a reachability analysis of a heterogeneous protocol system is a new dimension in protocol converter design, and the verification algorithm presented in this paper-a remarkable improvement upon the conventional technique ~ employs the reduction approach of a state transition graph representation of the CFSMs involved, hence the name reduced reachability analysis.
Verification of Secure Network Protocols in Uncertain Environments
International Journal of Wireless Information Networks, 2006
Abstract In this paper, we present a method for protocol checking and verification using discrete event control. By protocol checking and verification, we mean verifying that a protocol is logically correct, that it does not cause deadlocks, and that it has been defined to respond to uncontrollable events that may occur in a system implementing it. Our approach differs from those previously suggested in two key ways. We extend the elementary theory of discrete event control to allow us to model more complicated protocols, including ...
Related topics
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.