E-ACSL, a Runtime Verification Tool for Safety and Security of C Programs (tool paper)

DOI: 10.29007/fpdh
2018
Authors: Julien Signoles, Nikolai Kosmatov, Kostyantyn Vorobyov

This tool paper presents E-ACSL, a runtime verification tool for C programs capable of checking a broad range of safety and security properties expressed using a formal specification language. E-ACSL consumes a C program annotated with formal specifications and generates a new C program that behaves similarly to the original if the formal properties are satisfied, or aborts its execution whenever a property does not hold. This paper presents an overview of E-ACSL and its specification language.

2012
Vol 3 (3), pp. 50-65
Authors: Yujian Fu, Jeffery Kulick, Lok K. Yan, Steven Drager

Multi-million gate system-on-chip (SoC) designs easily fit into today's Field Programmable Gate Arrays (FPGAs). As FPGAs become more common in safety-critical and mission-critical systems, researchers and designers require information flow guarantees for the FPGAs. Tools for designing secure systems-on-chip (SoCs) using FPGAs, and new techniques to manage and analyze their security properties precisely, are desirable. In this work we propose a formal approach to model, analyze and verify a typical set of security properties – noninterference – of Handel C programs using Petri Nets and model checking. This paper presents a method to model Handel C programs using Predicate Transition Nets, a type of Petri Net, to define security properties on the model, and to verify those properties. Three steps are used. First, a formal specification of the Handel C description using Petri Nets is extracted. Second, the dynamic noninterference properties with respect to the Handel C program statements are defined on the model. To assist in verification, a translation rule from the Petri Nets specification to the Maude programming language is also defined. Thus, the formal specification can be verified against the system properties using model checking. A case study of the pipeline multiplier is discussed to illustrate the concept and validate the approach.


2014
Vol 513-517, pp. 927-930
Authors: Zhi Cheng Wen, Zhi Gang Chen

Object-Z, an extension to the formal specification language Z, is well suited to describing large-scale object-oriented software specifications. While Object-Z has found application in a number of areas, its utility is limited by its inability to specify continuous variables and real-time constraints. Linear temporal logic can describe real-time systems, but it cannot deal with time variables well and cannot describe formal specifications modularly. This paper extends linear temporal logic with clocks (LTLC) and presents an approach to adding linear temporal logic with clocks to Object-Z. Extended Object-Z with LTLC, a modular formal specification language, is a minimal extension of the syntax and semantics of Object-Z. The main advantage of this extension is that it is convenient for describing and verifying complex real-time software specifications.


Authors: L. Shan, R. Shen, J. Wang

Based on the meta-model of information systems presented in Zhu (2006), this chapter presents a caste-centric agent-oriented methodology for evolutionary and collaborative development of information systems. It consists of a process model called the growth model, and a set of agent-oriented languages and software tools that support the various development activities in the process. At the requirements analysis phase, a modelling language and environment called CAMLE supports the analysis and design of information systems. The semi-formal models in CAMLE can be automatically transformed into formal specifications in SLABS, a formal specification language designed for the formal engineering of multi-agent systems. At the implementation phase, agent-oriented information systems are implemented directly in an agent-oriented programming language called SLABSp. The features of agent-oriented information systems in general, and of our methodology in particular, are illustrated by an example that runs throughout the chapter.

