Results 1 
8 of
8
Generalized discrete timed automata: decidable approximations for safety verification
 Theoretical Computer Science
"... Abstract. We consider generalized discrete timed automata with general linearrelations over clocks and parameterized constants as clock constraints and with parameterized durations. We look at three approximation techniques (i.e., the rresetbounded approximation, the Bbounded approximation, and t ..."
Abstract

Cited by 4 (4 self)
 Add to MetaCart
Abstract. We consider generalized discrete timed automata with general linearrelations over clocks and parameterized constants as clock constraints and with parameterized durations. We look at three approximation techniques (i.e., the rresetbounded approximation, the Bbounded approximation, and the hB; ricrossingbounded approximation), and derive automatatheoretic characterizations of the binary reachability under these approximations. The characterizations allow us to show that the safety analysis problem is decidable for generalized discrete timed automata with unit durations and for deterministic generalizeddiscrete timed automata with parameterized durations. An example specification written in ASTRAL is used to run a number of experiments using one of theapproximation techniques. 1 Introduction As a standard model for analyzing realtime systems, timed automata [3] have receivedenormous attention during the past decade. A timed automaton can be considered as a finite automaton augmented with a finite number of clocks. The clocks can be reset orprogress at the same rate, and can be tested against clock constraints in the form of clock regions (i.e., comparisons of a clock or the difference of two clocks against an integerconstant, e.g.,
Proof Assistance for RealTime Systems Using an Interactive Theorem Prover
 5th International AMAST Workshop on RealTime and Probabilistic Systems, LNCS
"... . This paper discusses the adaptation of the PVS theorem prover for performing analysis of realtime systems written in the ASTRAL formal specification language. A number of issues were encountered during the encoding of ASTRAL that are relevant to the encoding of many realtime specification la ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
. This paper discusses the adaptation of the PVS theorem prover for performing analysis of realtime systems written in the ASTRAL formal specification language. A number of issues were encountered during the encoding of ASTRAL that are relevant to the encoding of many realtime specification languages. These issues are presented as well as how they were handled in the ASTRAL encoding. A translator has been written that translates any ASTRAL specification into its corresponding PVS encoding. After performing the proofs of several systems using the encoding, PVS strategies have been developed to automate the proofs of certain types of properties. In addition, the encoding has been used as the basis for a transition sequence generator tool. 1 Introduction A realtime system is a system that must perform its actions within specified time bounds. With the advent of cheap processing power and increasingly sophisticated consumer demands, realtime systems have become commonplace ...
Formal Specification and Analysis of an eVoting System. In:
 The 5th International Conference on Availability Reliability and Security, IEEE
, 2010
"... AbstractElectronic voting systems are a perfect example of securitycritical computing. One of the critical and complex parts of such systems is the voting process, which is responsible for correctly and securely storing intentions and actions of the voters. Unfortunately, recent studies revealed ..."
Abstract

Cited by 3 (2 self)
 Add to MetaCart
(Show Context)
AbstractElectronic voting systems are a perfect example of securitycritical computing. One of the critical and complex parts of such systems is the voting process, which is responsible for correctly and securely storing intentions and actions of the voters. Unfortunately, recent studies revealed that various evoting systems show serious specification, design, and implementation flaws. The application of formal specification and verification can greatly help to better understand the system requirements of evoting systems by thoroughly specifying and analyzing the underlying assumptions and the security specific properties. This paper presents the specification and verification of the electronic voting process for the Election Systems & Software (ES&S) system. We used the ASTRAL language to specify the voting process of ES&S machines and the critical security requirements for the system. Proof obligations that verify that the specified system meets the critical requirements were automatically generated by the ASTRAL Software Development Environment (SDE). The PVS interactive theorem prover was then used to apply the appropriate proof strategies and discharge the proof obligations.
Decidable Approximations on Generalized and Parameterized Discrete Timed Automata
 COCOON'01, LNCS 2108
"... . We consider generalized discrete timed automata with general linear relations over clocks and parameterized constants as clock constraints and with parameterized durations. We look at three approximation techniques (i.e., the rresetbounded approximation, the Bbounded approximation, and the hB ..."
Abstract

Cited by 2 (2 self)
 Add to MetaCart
(Show Context)
. We consider generalized discrete timed automata with general linear relations over clocks and parameterized constants as clock constraints and with parameterized durations. We look at three approximation techniques (i.e., the rresetbounded approximation, the Bbounded approximation, and the hB; ricrossingbounded approximation), and derive automatatheoretic characterizations of the binary reachability under these approximations. The characterizations allow us to show that the safety analysis problem is decidable for generalized discrete timed automata with unit durations and for deterministic generalized discrete timed automata with parameterized durations. An example specification written in ASTRAL is used to run a number of experiments using one of the approximation techniques. 1
Formal analysis of attacks for evoting system
 In CRiSIS ’09: Fourth international
, 2009
"... AbstractRecently, the use of formal methods to specify and verify properties of electronic voting (evoting) systems, with particular interest in security, verifiability, and anonymity, is getting much attention. Formal specification and verification of such systems can greatly help to better unde ..."
Abstract

Cited by 2 (2 self)
 Add to MetaCart
(Show Context)
AbstractRecently, the use of formal methods to specify and verify properties of electronic voting (evoting) systems, with particular interest in security, verifiability, and anonymity, is getting much attention. Formal specification and verification of such systems can greatly help to better understand the system requirements by thoroughly specifying and analyzing the underlying assumptions and security specific properties. Unfortunately, even though these systems have been formally verified to satisfy the desired system security requirements, they are still vulnerable to attack. In this paper we extend a formal specification of the ES&S voting system by specifying attacks that have been shown to successfully compromise the system. We believe that performing such analysis is important for two reasons: first, it allows us to discover some missing critical requirements for the specification and/or assumptions that were not met. Second, it allows us to derive mitigation or countermeasure strategies when the system behaves differently than it should. We used the ASTRAL language for the specification, and the verification is performed using the PVS tool.
Parallel Refinement Mechanisms
"... Refinement is a fundamental design technique that has often challenged the "formal methods" community. In most cases, mathematical elegance and proof manageability have been chosen over flexibility and freedom, which are often needed in practice to deal with unexpected or critical situatio ..."
Abstract
 Add to MetaCart
Refinement is a fundamental design technique that has often challenged the "formal methods" community. In most cases, mathematical elegance and proof manageability have been chosen over flexibility and freedom, which are often needed in practice to deal with unexpected or critical situations. The issue of refinement becomes even more critical when dealing with realtime systems where time analysis is a crucial factor. In this case, the literature exhibits only a few, fairly limited proposals. In this paper, we propose general refinement mechanisms for realtime systems that allow several types of implementation strategies to be specified in a fairly natural way. Not surprisingly, generality has a price in terms of complexity. In our approach, however, this price is paid only when necessary. Furthermore, the proof system is amenable both for traditional handproofs, based on human ingenuity and only partially formalized, and for fully formalized, toolsupported proofs. The following is...
Parallel Refinement Mechanisms for RealTime Systems
 PROC. 3RD INT. CONF. ON FUNDAMENTAL APPROACHES TO SOFTWARE ENGINEERING
, 2000
"... Refinement is a fundamental design technique that has often challenged the "formal methods" community. In most cases, mathematical elegance and proof manageability have exhibited a deep tradeoff with the flexibility and freedom that are often needed in practice to deal with unexpected ..."
Abstract
 Add to MetaCart
(Show Context)
Refinement is a fundamental design technique that has often challenged the "formal methods" community. In most cases, mathematical elegance and proof manageability have exhibited a deep tradeoff with the flexibility and freedom that are often needed in practice to deal with unexpected or critical situations. The issue of refinement becomes even more critical when dealing with realtime systems where time analysis is a crucial factor. In this case, the literature exhibits only a few, fairly limited proposals. In this paper, we propose highly general refinement mechanisms for realtime systems that allow several types of implementation strategies to be specified in a fairly natural way. Not surprisingly, generality has a price in terms of complexity. In our approach, however, this price is paid only when necessary. Furthermore, the proof system is amenable both for traditional handproofs, based on human ingenuity and only partially formalized, and for fully formalized, t...
Classification Schemes to Aid in the Analysis of RealTime Systems
, 2000
"... This paper presents three sets of classification schemes for processes, properties, and transitions that can be used to assist in the analysis of realtime systems. These classification schemes are discussed in the context of ASTRAL, which is a formal specification language for realtime systems. Ei ..."
Abstract
 Add to MetaCart
This paper presents three sets of classification schemes for processes, properties, and transitions that can be used to assist in the analysis of realtime systems. These classification schemes are discussed in the context of ASTRAL, which is a formal specification language for realtime systems. Eight testbed systems were specified in ASTRAL, and their proofs were performed to determine proof patterns that occur most often. The specifications were then examined in an attempt to derive specific characteristics that could be used to statically identify each pattern within a specification. Once the classifications were obtained, they were then used to provide systematic guidance for analyzing realtime systems by directing the prover to the proof techniques most applicable to each proof pattern. This paper presents the set of classification schemes that were developed and discusses how they can be used to assist the proof process.