FSMC+, a tool for the generation of Java code from statecharts

ProVotE is a two-phase project aiming at implementing art. 84 of law 2 -- 5/3/2003 of the Autonomous Province of Trento (Italy), which promotes the introduction of e-voting systems for the next provincial elections in Trentino (Nov. 2008). During the first phase of the ProVotE project we built jprovote, a Java/Linux e-voting system. The jprovote system has been used experimentally by more than 11000 voters during local elections held in various municipalities of Trentino (Italy). A critical component of jprovote is its core logic, which is responsible for controlling the overall behavior of the e-voting machine during an election. To simplify its development and to allow formal verification of this critical component, we developed FSMC+. FSMC+ is a compiler that takes as input a subset of UML Statecharts and produces the corresponding Java and NuSMV code (NuSMV is a model checker developed at ITC-irst). Support for parameters in events, complex expressions in guards, and nested states are among the distinguishing features of FSMC+. In this paper we present FSMC+ and show how we used it for the development and the verification of the ProVotE e-voting machine. Even though FSMC+ was created specifically to ease the development of jprovote, we believe the approach and the tool we developed to be general enough to be used in other applications.
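As an added example (not code from the paper and not FSMC+'s own output, whose real format is not shown here), the following Python sketch mirrors the three features the abstract names: a statechart with a nested state, a parameterized event and guards is interpreted directly and also flattened into a NuSMV module with a CTL safety property, the kind of model a checker would verify. The state names, events, guards and candidate count are constructed for the illustration.

```python
# Added illustration, not FSMC+'s own code or output: an e-voting core-logic
# statechart with a composite state "Voting" (substates as Parent.Child), a
# parameterized event select(c) and guards, flattened into a NuSMV module.
NCAND = 3  # constructed: number of candidates on the ballot
STATES = ["Idle", "Voting.Choosing", "Voting.Confirming", "Done"]
# (source, event, Python guard, NuSMV guard, target)
TRANSITIONS = [
    ("Idle", "start", lambda p: True, "TRUE", "Voting.Choosing"),
    ("Voting.Choosing", "select", lambda p: 0 <= p["c"] < NCAND,
     f"c >= 0 & c < {NCAND}", "Voting.Confirming"),
    ("Voting.Confirming", "back", lambda p: True, "TRUE", "Voting.Choosing"),
    ("Voting.Confirming", "confirm", lambda p: True, "TRUE", "Done"),
    # a transition leaving the composite state applies to all its substates
    ("Voting", "abort", lambda p: True, "TRUE", "Idle"),
]

def substates(src):
    """States covered by a transition source (a composite state or a leaf)."""
    return [s for s in STATES if s == src or s.startswith(src + ".")]

def step(state, event, params=None):
    """Fire the first enabled transition, or ignore the event if none is."""
    params = params or {}
    for src, ev, guard, _, dst in TRANSITIONS:
        if state in substates(src) and ev == event and guard(params):
            return dst
    return state

def run(events, state="Idle"):
    """Replay a sequence of (event, params) pairs and return the final state."""
    for ev, params in events:
        state = step(state, ev, params)
    return state

def to_nusmv():
    """Emit the flattened machine as NuSMV text (events and c as inputs)."""
    smv = lambda s: s.replace(".", "_")
    events = sorted({t[1] for t in TRANSITIONS})
    lines = ["MODULE main", "VAR",
             "  state : {" + ", ".join(smv(s) for s in STATES) + "};",
             "IVAR", "  event : {" + ", ".join(events) + "};",
             f"  c : 0..{NCAND};",  # parameter of select(c); c = NCAND is invalid
             "ASSIGN", "  init(state) := Idle;", "  next(state) := case"]
    for src, ev, _, g, dst in TRANSITIONS:
        cond = "state in {" + ", ".join(smv(s) for s in substates(src)) + "}"
        lines.append(f"    {cond} & event = {ev} & ({g}) : {smv(dst)};")
    lines += ["    TRUE : state;", "  esac;",
              # safety: a ballot can only be cast from the confirmation screen
              "SPEC AG ((state = Idle | state = Voting_Choosing) -> AX state != Done)"]
    return "\n".join(lines) + "\n"
```

The emitted text can be fed to NuSMV as-is; the SPEC line is the kind of property the paper verifies against the generated model, while the Python `step` function plays the role of the generated Java controller.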
