Automating Invariant Verification of Behavioral Specifications

We describe a method of automating invariant verification of behavioral specifications, which are algebraic specifications of abstract machines. The proposed method is based on fixed-point computation, which is one of the standard techniques for automatic (invariant) verification. One notable feature of the proposed method is to find and use as lemmas state predicates whose invariant proofs may (even mutually) depend on other state predicates whose invariant proofs may not be completed. Creme is a tool based on the proposed method. We also report on a case study in which Creme proves fully automatically that the NSLPK authentication protocol satisfies the secrecy property

[1]  Zohar Manna,et al.  Temporal verification of reactive systems - safety , 1995 .

[2]  Kazuhiro Ogata,et al.  Formal Analysis of the iKP Electronic Payment Protocols , 2002, ISSS.

[3]  Narciso Martí-Oliet,et al.  Maude: specification and programming in rewriting logic , 2002, Theor. Comput. Sci..

[4]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[5]  Hassen Saïdi,et al.  Verifying Invariants Using theorem Proving , 1996, CAV.

[6]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[7]  Zohar Manna,et al.  Temporal Verification of Reactive Systems , 1995, Springer New York.

[8]  Kazuhiro Ogata,et al.  Proof Scores in the OTS/CafeOBJ Method , 2003, FMOODS.

[9]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[10]  Ashish Tiwari,et al.  A Technique for Invariant Generation , 2001, TACAS.

[11]  Razvan Diaconescu,et al.  Behavioural Coherence in Object-Oriented Algebraic Specification , 2000, J. Univers. Comput. Sci..

[12]  K. Ogata,et al.  Equational approach to formal verification of SET , 2004, Fourth International Conference onQuality Software, 2004. QSIC 2004. Proceedings..

[13]  Kazuhiro Ogata,et al.  Equational Approach to Formal Analysis of TLS , 2005, 25th IEEE International Conference on Distributed Computing Systems (ICDCS'05).

[14]  Jonathan K. Millen,et al.  Proving secrecy is easy enough , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[15]  Yassine Lakhnech,et al.  Automatic Generation of Invariants , 1999, Formal Methods Syst. Des..

[16]  Joseph A. Goguen,et al.  Behavioral verification of distributed concurrent systems with BOBJ , 2003, Third International Conference on Quality Software, 2003. Proceedings..