“…Attempts to apply formal verification to security protocols using formal state-based development methods such as Z [6,16], B [9], VDM, and Ina Jo [15] are rare and have not analysed protocols with complex message formats susceptible to implementation-dependent attacks. We have already demonstrated the value of a Z-based approach for formal verification of security protocols [16]. However, our abstract model did not cater for verification of implementation-dependent attacks such as type flaw attacks, which require messages to be interpreted in more than one way.…”