Specifying and Verifying Hysteresis Signature System with HOL-Z

We report on a case study in using the data-oriented modeling language Z to formalize a security architecture for administering digital signatures, together with its architectural security requirements. Within an embedding of Z in the higher-order logic of the Isabelle/HOL theorem prover, we provide formal, machine-checked proofs that the architecture is correct with respect to its requirements. A formalization and verification of the same architecture was previously carried out using the process-oriented modeling language PROMELA and the SPIN model checker. We use this as a basis for comparing the two approaches to formalization (infinite state with rich data types versus finite state) and to verification (theorem proving versus model checking).
