Combining Model Learning and Model Checking to Analyze TCP Implementations

We combine model learning and model checking in a challenging case study involving Linux, Windows and FreeBSD implementations of TCP. We use model learning to infer models of the individual software components and then apply model checking to exhaustively explore what may happen when these components (e.g. a Linux client and a Windows server) interact. Our analysis reveals several instances in which TCP implementations do not conform to their RFC specifications.
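The second step of the approach, composing learned component models and model checking their interaction, can be illustrated with a small constructed example. The code below is an added illustration, not the paper's own models or tooling: the two Mealy machines are hand-written abstractions of a TCP client and server shaped like the models active learning produces (one transition per state and input symbol, unspecified inputs ignored), with a deliberately wrong client that leaves FIN_WAIT on an ACK without waiting for the peer's FIN. The product exploration (bounded FIFO channels, breadth-first search, deadlock detection) is a generic reachability check written for this example; the state names, the `?connect`/`?close`/`?timeout` environment inputs and the channel capacity are all assumptions of this example.

```python
"""Compose two learned-style Mealy machines and model check their product.

Constructed example: CLIENT_BUGGY, CLIENT_FIXED and SERVER are hand-written
abstractions of TCP endpoints, not models learned from a real stack.
"""
from collections import deque

# Inputs that come from the local application or a timer, not from the peer.
ENV = ('?connect', '?close', '?timeout')

# Mealy transition tables: (state, input) -> (next_state, output_segment or None).
# Anything not listed is a self-loop with no output, which is how a learned
# model typically represents a segment the stack silently drops.
CLIENT_BUGGY = {
    ('CLOSED', '?connect'):   ('SYN_SENT', 'SYN'),
    ('SYN_SENT', 'SYN+ACK'):  ('ESTABLISHED', 'ACK'),
    ('SYN_SENT', 'RST'):      ('CLOSED', None),
    ('ESTABLISHED', '?close'): ('FIN_WAIT', 'FIN'),
    ('FIN_WAIT', 'ACK'):      ('CLOSED', None),   # wrong: never waits for the peer's FIN
}
CLIENT_FIXED = {
    ('CLOSED', '?connect'):   ('SYN_SENT', 'SYN'),
    ('SYN_SENT', 'SYN+ACK'):  ('ESTABLISHED', 'ACK'),
    ('SYN_SENT', 'RST'):      ('CLOSED', None),
    ('ESTABLISHED', '?close'): ('FIN_WAIT_1', 'FIN'),
    ('FIN_WAIT_1', 'ACK'):    ('FIN_WAIT_2', None),
    ('FIN_WAIT_2', 'FIN'):    ('TIME_WAIT', 'ACK'),
    ('TIME_WAIT', '?timeout'): ('CLOSED', None),
}
SERVER = {
    ('LISTEN', 'SYN'):        ('SYN_RCVD', 'SYN+ACK'),
    ('SYN_RCVD', 'ACK'):      ('ESTABLISHED', None),
    ('ESTABLISHED', 'FIN'):   ('CLOSE_WAIT', 'ACK'),
    ('CLOSE_WAIT', '?close'): ('LAST_ACK', 'FIN'),
    ('LAST_ACK', 'ACK'):      ('LISTEN', None),
}


def step(model, state, symbol):
    """One Mealy step; unspecified inputs are ignored (self-loop, no output)."""
    return model.get((state, symbol), (state, None))


def successors(client, server, joint, cap):
    """All joint states reachable in one move from joint = (cs, ss, to_c, to_s).

    to_c / to_s are FIFO channels (tuples) towards client / server. A move is
    either an environment input to one side or delivery of the head segment
    of a channel. A move whose output would overflow a channel is disabled.
    """
    cs, ss, to_c, to_s = joint
    out = []

    def client_move(symbol, rest_to_c):
        ns, seg = step(client, cs, symbol)
        new_to_s = to_s + (seg,) if seg else to_s
        if len(new_to_s) <= cap:
            out.append((ns, ss, rest_to_c, new_to_s))

    def server_move(symbol, rest_to_s):
        ns, seg = step(server, ss, symbol)
        new_to_c = to_c + (seg,) if seg else to_c
        if len(new_to_c) <= cap:
            out.append((cs, ns, new_to_c, rest_to_s))

    for a in ENV:               # environment may act on either side at any time
        client_move(a, to_c)
        server_move(a, to_s)
    if to_c:                    # deliver the oldest in-flight segment
        client_move(to_c[0], to_c[1:])
    if to_s:
        server_move(to_s[0], to_s[1:])
    return out


def explore(client, server, init=('CLOSED', 'LISTEN'), cap=2):
    """BFS over the product. Returns (predecessor map, list of deadlocks).

    A deadlock is a joint state from which no input, local or from the peer,
    changes anything: the connection can never progress or be torn down.
    """
    start = (init[0], init[1], (), ())
    pred = {start: None}
    queue = deque([start])
    deadlocks = []
    while queue:
        cur = queue.popleft()
        succ = successors(client, server, cur, cap)
        if all(s == cur for s in succ):
            deadlocks.append(cur)
        for s in succ:
            if s not in pred:
                pred[s] = cur
                queue.append(s)
    return pred, deadlocks


def trace(pred, target):
    """Counterexample: the path of joint states from the initial state to target."""
    path = []
    while target is not None:
        path.append(target)
        target = pred[target]
    return path[::-1]


if __name__ == '__main__':
    for name, client in (('buggy', CLIENT_BUGGY), ('fixed', CLIENT_FIXED)):
        pred, found = explore(client, SERVER)
        print(f'{name} client: {len(pred)} joint states, {len(found)} deadlock(s)')
        for d in found:
            for js in trace(pred, d):
                print('   ', js)
```

With the buggy client the exploration reports the joint state `('SYN_SENT', 'LAST_ACK', (), ())`: the client closed early, the server's FIN was dropped on a CLOSED socket, the server is stuck in LAST_ACK, and a new SYN from the client is ignored, so neither side can ever make progress. The printed trace is the counterexample a model checker would hand back; with the corrected client the same check finds no deadlock.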
