VDM at Large: Modelling the EMV® 2nd Generation Kernel

The EMV® organisation (EMV® is a registered trademark or trademark of EMVCo, LLC in the US and other countries) specifies payment protocols to facilitate worldwide interoperability of secure electronic payments. This paper is about the application and scalability of formal methods to a current and complex industry application. We describe the use of VDM to model the EMV® 2nd Generation Kernel. (A preliminary version of this paper was presented at the 16th Overture Workshop, Oxford, July 2018, where papers became a Newcastle Technical Report.) VDM is useful for formal specification as well as for simulation, test coverage, and proof obligation generation for functional correctness.
