Verification of Mondex Electronic Purses with KIV: From a Security Protocol to Verified Code

Grandy, Holger; Bischof, Markus; Stenzel, Kurt H.; Schellhorn, Gerhard; Reif, Wolfgang

doi:10.1007/978-3-540-68237-0_13

Cited by 12 publications

(10 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At first glance perhaps, the idea of high-level (i.e., abstract) models may appear to exclude the use of model execution, which, after all, requires sufficient detail to be specified to make it executable. However, modeling tools such as ObjecTime Developer, 21 developed in the early 1990s, demonstrated the feasibility and practicality of executing abstract and incomplete models. Such models typically have a minimum of their core behavior specified, only what is sufficient to make them partially executable.…”

Section: Ability To Execute Abstract (High-level) and Incomplete Modelsmentioning

confidence: 99%

“…In other words, what is needed is viewpoint-driven observability. Clearly, the technology needed to support 21 https://en.wikipedia.org/wiki/ObjecTime_Developer. this is going to be sophisticated-particularly in the online case-involving inverse transformations of runtime data into desired concern-specific formats.…”

Section: Enhanced Observability Of Executing Modelsmentioning

confidence: 99%

See 1 more Smart Citation

Execution of UML models: a systematic review of research and practice

Ciccozzi

Malavolta

Selić³

2018

Softw Syst Model

View full text Add to dashboard Cite

Several research efforts from different areas have focused on the execution of UML models, resulting in a diverse and complex scientific body of knowledge. With this work, we aim at identifying, classifying, and evaluating existing solutions for the execution of UML models. We conducted a systematic review in which we selected 63 research studies and 19 tools among over 5400 entries by applying a systematic search and selection process. We defined a classification framework for characterizing solutions for UML model execution, and we applied it to the 82 selected entries. Finally, we analyzed and discussed the obtained data. From the analyzed data, we drew the following conclusions: (i) There is a growing scientific interest on UML model execution; (ii) solutions providing translational execution clearly outnumber interpretive solutions; (iii) model-level debugging is supported in very few cases; (iv) only a few research studies provide evidence of industrial use, with very limited empirical evaluations; (v) the most common limitation deals with coverage of the UML language. Based on these observations, we discuss potential research challenges and implications for the future of UML model execution. Our results provide a concise overview of states of the art and practice for UML model execution intended for use by both researchers and practitioners.

show abstract

Section: Ability To Execute Abstract (High-level) and Incomplete Modelsmentioning

confidence: 99%

Section: Enhanced Observability Of Executing Modelsmentioning

confidence: 99%

Execution of UML models: a systematic review of research and practice

Ciccozzi

Malavolta

Selić³

2018

Softw Syst Model

View full text Add to dashboard Cite

show abstract

“…In summary, we think that the development of a verified flash file system will need a lot more effort than our previous contribution to the Grand Challenge with the Mondex case study ([12], [25], [24], [10]).…”

Section: Discussionmentioning

confidence: 95%

“…In KIV wp(α,ϕ) is written as |α| ϕ 10. We suppress standard parameters FS, RI and LOG in all predicates and procedure calls for better readability.…”

mentioning

confidence: 99%

Abstract Specification of the UBIFS File System for Flash Memory

Schierl

Schellhorn

Haneberg

et al. 2009

FM 2009: Formal Methods

Self Cite

View full text Add to dashboard Cite

Today we see an increasing demand for flash memory because it has certain advantages like resistance against kinetic shock. However, reliable data storage also requires a specialized file system knowing and handling the limitations of flash memory. This paper develops a formal, abstract model for the UBIFS flash file system, which has recently been included in the Linux kernel. We develop formal specifications for the core components of the file system: the inode-based file store, the flash index, its cached copy in the RAM and the journal to save the differences. Based on these data structures we give an abstract specification of the interface operations of UBIFS and prove some of the most important properties using the interactive verification system KIV.

show abstract

“…The fourth was absent in the original Mondex work: the Mondex concrete level assumes that suitable cryptography can be used to protect messages. Elsewhere [21], we have shown that suitable cryptography can indeed be added using another refinement, and that as an instance of a model-driven approach [22] the resulting ASM can be implemented using Java [23], so we do not repeat this here.…”

Section: Introductionmentioning

confidence: 99%

A Concept-Driven Construction of the Mondex Protocol Using Three Refinements

Schellhorn

Banach

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. The Mondex case study concerns the formal development and verification of an electronic purse protocol. Several groups have worked on its specification and mechanical verification, their solutions being (as were ours previously), either one big step or several steps motivated by the task's complexity. A new solution is presented that is structured into three refinements, motivated by the three concepts underlying Mondex: a message protocol to transfer money over a lossy medium, protection against replay attacks, and uniqueness of transfers using sequence numbers. We also give an improved proof technique based on our theoretical results on verifying interleaved systems.

show abstract

Verification of Mondex Electronic Purses with KIV: From a Security Protocol to Verified Code

Cited by 12 publications

References 20 publications

Execution of UML models: a systematic review of research and practice

Execution of UML models: a systematic review of research and practice

Abstract Specification of the UBIFS File System for Flash Memory

A Concept-Driven Construction of the Mondex Protocol Using Three Refinements

Contact Info

Product

Resources

About