Verification of a sliding window protocol in
            <i>μ</i>
            CRL and PVS

Badban, Bahareh; Fokkink, Wan; Groote, Jan Friso; Pang, Jun; Pol, Jaco van de

doi:10.1007/s00165-005-0070-0

Cited by 29 publications

(20 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For the window scaling to be non-trivial, we believe that the size of the window should be at least 2 2 with a scale factor of 2 1 . If a window size of 2 1 with a scale factor of 2 1 would be chosen, the size of the window is either two or zero, meaning that the sending instance can either send its entire window at once, or nothing at all.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Formal specification and verification of TCP extended with the Window Scale Option

Lockefeer

Williams

Fokkink

2016

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

The Transmission Control Protocol (TCP) aims to provide a reliable transport service between two parties that communicate over a possibly faulty network. The responsibilities of TCP can roughly be divided into two categories: connection management and data transmission. Connection management sets up the connections, manages the byte streams and their corresponding states and ensures that connections are closed in a safe manner. Data transmission involves the transfer of segments from the sender to the receiver.The specification of TCP is far from formal and very complex. The original protocol was only specified in natural language in RFC 793. As TCP was implemented on a large scale, several ambiguities and other issues surfaced. RFC 1122 clarified some of these ambiguities and proposed solutions for many issues. Moreover, the networks that TCP operates over have changed remarkably over the years, and have now reached a bandwidth and speed that had never been envisioned at the time that the protocol was originally defined. To ensure reliable and efficient operation of TCP over these modern networks, RFC 1323 proposes the Window Scale Option that enables the use of windows larger than 2 16 .For complex systems, formal specification and verification can be used to manage their complexity. The approach is twofold: first, the system is modelled using formal techniques that have mathematical underpinnings, to obtain a specification. To this specification, verification techniques are then applied to verify the correctness of the system.In this work, we give a formal specification of TCP extended with the Window Scale Option using the process algebra µCRL. Due to the complexity of the protocol, our specification focuses on the data transfer phase and connection teardown. From this specification, we obtain a model of unidirectional data transfer and show that its external behaviour is branching bisimilar to a FIFO Queue. In addition, we obtain a model for the connection teardown phase and prove several properties that represent its correctness.1

show abstract

Section: Resultsmentioning

confidence: 99%

“…In their specification, the communication media may only lose messages and have a capacity of one. This work was later extended [1] to consider the bidirectional case in which acknowledgements are piggybacked onto data that is sent in the other direction.…”

Section: Window Mediummentioning

confidence: 99%

Formal specification and verification of TCP extended with the Window Scale Option

Lockefeer

Williams

Fokkink

2016

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

show abstract

“…-SWP_m_n: the Sliding Window Protocol [1] on m data items, with window size n. This specifies a onedirectional version of the sliding window protocol. n subsequent data items can be sent and acknowledged in arbitrary order.…”

Section: Designmentioning

confidence: 99%

Multi-core symbolic bisimulation minimisation

Dijk

Pol

2017

Int J Softw Tools Technol Transfer

View full text Add to dashboard Cite

We introduce parallel symbolic algorithms for bisimulation minimisation, to combat the combinatorial state space explosion along three different paths. Bisimulation minimisation reduces a transition system to the smallest system with equivalent behaviour. We consider strong and branching bisimilarity for interactive Markov chains, which combine labelled transition systems and continuoustime Markov chains. Large state spaces can be represented concisely by symbolic techniques, based on binary decision diagrams. We present specialised BDD operations to compute the maximal bisimulation using signature-based partition refinement. We also study the symbolic representation of the quotient system and suggest an encoding based on representative states, rather than block numbers. Our implementation extends the parallel, shared memory, BDD library Sylvan, to obtain a significant speedup on multi-core machines. We propose the usage of partial signatures and of disjunctively partitioned transition relations, to increase the parallelisation opportunities. Also our new parallel data structure for block assignments increases scalability. We provide SigrefMC, a versatile tool that can be customised for bisimulation minimisation in various contexts. In particular, it supports models generated by the high-performance Work funded by the NWO Grant 612.001.101 (MaDriD) and by FWF, NFN Grant S11408-N23 (RiSE). model checker LTSmin, providing access to specifications in multiple formalisms, including process algebra. The extensive experimental evaluation is based on various benchmarks from the literature. We demonstrate a speedup up to 95× for computing the maximal bisimulation on one processor. In addition, we find parallel speedups on a 48-core machine of another 17× for partition refinement and 24× for quotient computation. Our new encoding of the reduced state space leads to smaller BDD representations, with up to a 5162-fold reduction.

show abstract

“…В одной из первых работ [9] о протоколе SWP содержится лишь неформальное доказательство корректности. Формализованная верификация протокола была да-на в [3] с использованием алгебры процессов, а доказательство корректности было автоматизировано с помощью PVS. Однако данное доказательство нельзя считать полным, так как оно использует несколько сложных результатов об алгебрах про-цессов, которые не были доказаны в PVS.…”

Section: заключениеunclassified

Deductive verification of the Sliding Window Protocol

Chkliaev

Nepomniaschy

2013

Aut. Control Comp. Sci.

View full text Add to dashboard Cite

получена 22 июля 2012Ключевые слова: коммуникационные протоколы, протокол скользящего окна, отказоустойчивость, формальная спецификация, автоматизированная верификация, интерактивное доказательство теорем, PVS Рассматривается известный протокол скользящего окна, который обеспе-чивает надёжную и эффективную передачу данных по ненадёжным каналам. Формальное доказательство корректности этого протокола требует преодоле-ния существенных трудностей, связанных с высокой степенью параллелизма, которая создаёт значительные возможности для ошибок. Здесь рассматрива-ется версия данного протокола, основанная на выборочном повторе кадров. На языке системы верификации PVS описаны спецификация этого протокола с помощью машины состояний и его свойство безопасности. С помощью си-стемы PVS проведено в интерактивном режиме доказательство этого свойства протокола скользящего окна. ВведениеОдним из известных протоколов для надёжной передачи данных по ненадёжным каналам является протокол скользящего окна (Sliding Window Protocol, SWP) [9,2]. На нём основаны практически важные коммуникационные протоколы, такие как TCP и HDLC.Корректность протокола SWP далеко не очевидна, потому что для него харак-терно тонкое взаимодействие нескольких распределённых компонент, а степень па-раллелизма в нём весьма высока. Поэтому были попытки верифицировать этот про-токол формально, представляя его на некотором языке спецификаций. Эти попытки верификации нередко были поддержаны методом проверки моделей или интерак-тивным доказательством теорем. Однако оказалось, что формальная верификация SWP является трудной задачей, и к настоящему времени ещё не достигнут кон-сенсус по поводу того, какие формальные модели и методы наиболее подходят для 57

show abstract

Verification of a sliding window protocol in μ CRL and PVS

Cited by 29 publications

References 7 publications

Formal specification and verification of TCP extended with the Window Scale Option

Formal specification and verification of TCP extended with the Window Scale Option

Multi-core symbolic bisimulation minimisation

Deductive verification of the Sliding Window Protocol

Contact Info

Product

Resources

About