Verification experiments on the MASCARA protocol

In this paper, we describe a case study on the verification of a real industrial protocol for wireless ATM (Asynchronous Transfer Mode), called MASCARA. Several tools have been used: SDL (the ITU-T Specification and Description Language) was chosen as the specification language, and the commercial tool ObjectGEODE was used to create and maintain the SDL descriptions. The IF tool-set was used to generate, minimize and compare system models and to verify the expected properties. All specification and verification tools are connected via the IF language, which was defined both as an intermediate representation for timed asynchronous systems and as an open validation environment. Because of the protocol's complexity, static analysis techniques such as live variable analysis and program slicing were the key to the success of this case study: they reduce the state vector and the transition relation before exploration, which is what makes the model fit in memory and the properties checkable. The results obtained suggest a methodology for the formal verification of real systems.
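The following is an added illustration of the live variable analysis the abstract credits for taming the state space; it is not code from the paper, the MASCARA model or the IF tool-set. The control-flow graph is a constructed toy stop-and-wait sender (a sequence bit, a retransmission timer and a retry counter); its node names, variables and transition relation are assumptions for illustration. The block computes the live sets by the standard backward fixpoint, reports the write that no path ever reads (a slicing candidate), and then explores the explicit state space twice, once as is and once resetting every variable that is dead at the target control state, so that states differing only in dead values collapse.

```python
"""Live-variable analysis used to shrink a protocol model's state space.

Added example, not code from the paper or the IF tool-set. The control-flow
graph below is a constructed toy: a stop-and-wait sender with a sequence bit,
a retransmission timer and a retry counter. Node names, variables and the
transition relation are assumptions made for illustration only.
"""
from collections import deque

# CFG: node -> (variables read, variables written, successor nodes).
CFG = {
    "idle":    (set(),     {"retry"}, ["send"]),           # retry := 0
    "send":    ({"seq"},   {"timer"}, ["wait"]),           # emit frame(seq), start timer
    "wait":    ({"timer"}, set(),     ["ack", "timeout"]), # environment decides
    "ack":     ({"seq"},   {"seq"},   ["idle"]),           # seq := 1 - seq
    "timeout": ({"retry"}, {"retry"}, ["send", "fail"]),   # retry := retry + 1, branch on it
    "fail":    (set(),     {"timer"}, ["idle"]),           # timer := 0 (never read again)
}
VARS = {"seq", "timer", "retry"}
MAX_RETRY, TIMER_START = 2, 3


def live_variables(cfg):
    """Classic backward may-analysis iterated to the least fixpoint:
    live_in[n]  = use[n] | (live_out[n] - def[n])
    live_out[n] = union of live_in[s] for s in succ(n)"""
    live_in = {n: frozenset() for n in cfg}
    live_out = {n: frozenset() for n in cfg}
    changed = True
    while changed:
        changed = False
        for n, (uses, defs, succs) in cfg.items():
            out = frozenset().union(*(live_in[s] for s in succs))
            inn = frozenset(uses) | (out - defs)
            if out != live_out[n] or inn != live_in[n]:
                live_out[n], live_in[n] = out, inn
                changed = True
    return live_in, live_out


def dead_assignments(cfg, live_out):
    """Writes whose value is never read on any path: candidates for slicing away."""
    return {(n, v) for n, (_, defs, _) in cfg.items() for v in defs if v not in live_out[n]}


def step(state):
    """Constructed transition relation of the toy sender (nondeterministic at 'wait')."""
    node, seq, timer, retry = state
    if node == "idle":
        return [("send", seq, timer, 0)]
    if node == "send":
        return [("wait", seq, TIMER_START, retry)]
    if node == "wait":
        return [("ack", seq, timer, retry), ("timeout", seq, timer, retry)]
    if node == "ack":
        return [("idle", 1 - seq, timer, retry)]
    if node == "timeout":
        retry += 1
        return [("send" if retry < MAX_RETRY else "fail", seq, timer, retry)]
    if node == "fail":
        return [("idle", seq, 0, retry)]
    raise ValueError(node)


def reachable(initial, canon=lambda s: s):
    """Explicit-state exploration; `canon` normalises each state before it is stored."""
    first = canon(initial)
    seen, work = {first}, deque([first])
    while work:
        for t in step(work.popleft()):
            t = canon(t)
            if t not in seen:
                seen.add(t)
                work.append(t)
    return seen


def make_canon(live_in):
    """Reset every variable that is dead at the target control state to 0. A dead
    variable is rewritten before it is read on every path, so this is sound."""
    order = ("seq", "timer", "retry")

    def canon(state):
        node, *vals = state
        live = live_in[node]
        return (node, *(v if name in live else 0 for name, v in zip(order, vals)))
    return canon


if __name__ == "__main__":
    li, lo = live_variables(CFG)
    for n in CFG:
        print(f"{n:8s} live_in={sorted(li[n])}  dead_here={sorted(VARS - li[n])}")
    print("dead assignments:", dead_assignments(CFG, lo))
    init = ("idle", 0, 0, 0)
    print("states, full model      :", len(reachable(init)))
    print("states, dead vars reset :", len(reachable(init, make_canon(li))))
```

The reduction here is modest because the toy has three small variables; in a real SDL model with message buffers, timers and per-connection records the same transformation removes whole dimensions from the state vector, which is why the paper singles it out. Note the soundness condition: a variable may only be reset where it is dead at the *target* control state, and the analysis must be run on the full process including every branch, since a single missed read turns the reduction into an unsound abstraction.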
