This paper presents an algorithmic procedure for checking logical correctness of communication protocols and discusses its application to the Q.931 Integrated Services Digital Network (ISDN) network layer protocol. A protocol is specified as a collection of communicating finite-state machines (FSMs). The procedure described here consists of two steps. In the first step, the FSMs in the protocol are composed into a global FSM using the incremental composition and reduction (ICR) method. This method minimizes the state explosion problem by reducing the number of states in the global FSM by approximately one to two orders of magnitude while maintaining its observational equivalence. The second step checks whether the behavior of the service FSM, an FSM that models the services expected from the protocol, is a subset of the global FSM's behavior. A software tool, called APROVE (A Protocol Verifier), implements this procedure. We present the formal specification of Q.931 as a collection of 14 communicating FSMs. The results of its verification using APROVE are also reported. Several cases of incompleteness in the English language specification of Q.931 were detected in this exercise.
[1]
Colin H. West.
An Automated Technique of Communications Protocol Validation
,
1978,
IEEE Trans. Commun..
[2]
A. Udaya Shankar,et al.
Protocol Verification via Projections
,
1984,
IEEE Transactions on Software Engineering.
[3]
C. A. R. Hoare,et al.
Communicating Sequential Processes (Reprint)
,
1983,
Commun. ACM.
[4]
Krishan K. Sabnani,et al.
An algorithmic procedure for checking safety properties of protocols
,
1989,
IEEE Trans. Commun..
[5]
Brent Hailpern,et al.
Modular Verification of Computer Communication Protocols
,
1983,
IEEE Trans. Commun..
[6]
Gregor von Bochmann,et al.
A Survey of Formal Methods
,
1982
.
[7]
Gerard J. Holzmann,et al.
On Limits and Possibilities of Automated Protocol Analysis
,
1987,
PSTV.
[8]
Krishan K. Sabnani.
An algorithmic technique for protocol verification
,
1988,
IEEE Trans. Commun..