A Formal Analysis of the Mimblewimble Cryptocurrency Protocol

Mimblewimble (MW) is a privacy-oriented cryptocurrency technology that provides security and scalability properties that distinguish it from other protocols of its kind. We present and discuss those properties and outline the basis of a model-driven verification approach to address the certification of the correctness of the protocol implementations. In particular, we propose an idealized model that is key in the described verification process, and identify and precisely state [Review 2]sufficientthe conditions for our model to ensure the verification of the relevant security properties of MW. Since MW is built on top of a consensus protocol, we develop a Z specification of one such protocol and present an excerpt of the prototype after its Z specification. This prototype can be used as an executable model. [Review 3]where simulations can be run This allows us to analyze the behavior of the protocol without having to implement it in a low level programming language. Finally, we analyze the Grin and Beam implementations of MW in their current state of development.

Download Full-text

Modelling, verification, and formal analysis of security properties in a P2P system

2010 International Symposium on Collaborative Technologies and Systems ◽

10.1109/cts.2010.5478474 ◽

2010 ◽

Cited By ~ 9

Author(s):

Sam B. Sanjabi ◽

Franck Pommereau

Keyword(s):

Formal Analysis ◽

Security Properties ◽

P2p System

Download Full-text

Formal Analysis of Security Properties of Cyber-Physical System Based on Timed Automata

2017 IEEE Second International Conference on Data Science in Cyberspace (DSC) ◽

10.1109/dsc.2017.44 ◽

2017 ◽

Cited By ~ 1

Author(s):

Ting Wang ◽

Qi Su ◽

Tieming Chen

Keyword(s):

Physical System ◽

Timed Automata ◽

Formal Analysis ◽

Cyber Physical System ◽

Security Properties

Download Full-text

Industrial hardware and software verification with ACL2

Philosophical Transactions of The Royal Society A Mathematical Physical and Engineering Sciences ◽

10.1098/rsta.2015.0399 ◽

2017 ◽

Vol 375 (2104) ◽

pp. 20150399 ◽

Cited By ~ 13

Author(s):

Warren A. Hunt ◽

Matt Kaufmann ◽

J Strother Moore ◽

Anna Slobodova

Keyword(s):

Programming Language ◽

Software Verification ◽

Formal Analysis ◽

Shared Vision ◽

Theorem Prover ◽

Software Systems ◽

Levels Of Abstraction ◽

Quarter Century ◽

Industrial Use ◽

Technical Features

The ACL2 theorem prover has seen sustained industrial use since the mid-1990s. Companies that have used ACL2 regularly include AMD, Centaur Technology, IBM, Intel, Kestrel Institute, Motorola/Freescale, Oracle and Rockwell Collins. This paper introduces ACL2 and focuses on how and why ACL2 is used in industry. ACL2 is well-suited to its industrial application to numerous software and hardware systems, because it is an integrated programming/proof environment supporting a subset of the ANSI standard Common Lisp programming language. As a programming language ACL2 permits the coding of efficient and robust programs; as a prover ACL2 can be fully automatic but provides many features permitting domain-specific human-supplied guidance at various levels of abstraction. ACL2 specifications and models often serve as efficient execution engines for the modelled artefacts while permitting formal analysis and proof of properties. Crucially, ACL2 also provides support for the development and verification of other formal analysis tools. However, ACL2 did not find its way into industrial use merely because of its technical features. The core ACL2 user/development community has a shared vision of making mechanized verification routine when appropriate and has been committed to this vision for the quarter century since the Computational Logic, Inc., Verified Stack. The community has focused on demonstrating the viability of the tool by taking on industrial projects (often at the expense of not being able to publish much). This article is part of the themed issue ‘Verified trustworthy software systems’.

Download Full-text

The attitude of the population to the development of palliative care in our country

10.33920/med-03-2101-04 ◽

2021 ◽

pp. 52-58

Author(s):

E. E. Fokina

Keyword(s):

Palliative Care ◽

Medical Care ◽

Questionnaire Survey ◽

Public Awareness ◽

Terminal State ◽

Place Of Residence ◽

Low Level ◽

Current State

The article analyzes the respondents ‘attitude to the current state and development of palliative care in Russia. The study was carried out on the basis of a questionnaire survey. The author concludes that there is a low level of public awareness about the availability of palliative care and a low level of interest in this topic. At the same time, the majority of respondents consider it necessary to improve the provision of medical care to patients in a terminal state at the place of residence.

Download Full-text

Migrating JAVA to Mobile Platforms through HAXE

Modern Software Engineering Methodologies for Mobile and Cloud Environments - Advances in Systems Analysis, Software Engineering, and High Performance Computing ◽

10.4018/978-1-4666-9916-8.ch013 ◽

2016 ◽

pp. 240-268 ◽

Cited By ~ 6

Author(s):

Pablo Nicolás Díaz Bilotto ◽

Liliana Favre

Keyword(s):

Programming Language ◽

Mobile Applications ◽

Software Evolution ◽

Wide Spectrum ◽

The Other ◽

Model Transformations ◽

Mobile Platforms ◽

Model Driven ◽

Definition Of ◽

High Level

Software developers face several challenges in deploying mobile applications. One of them is the high cost and technical complexity of targeting development to a wide spectrum of platforms. The chapter proposes to combine techniques based on MDA (Model Driven Architecture) with the HaXe language. The outstanding ideas behind MDA are separating the specification of the system functionality from its implementation on specific platforms, managing the software evolution, increasing the degree of automation of model transformations, and achieving interoperability with multiple platforms. On the other hand, HaXe is a very modern high level programming language that allows us to generate mobile applications that target all major mobile platforms. The main contributions of this chapter are the definition of a HaXe metamodel, the specification of a model-to-model transformation between Java and HaXe and, the definition of an MDA migration process from Java to mobile platforms.

Download Full-text

Behavior-Driven Development Using Specification by Example

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Emerging Innovations in Agile Software Development ◽

10.4018/978-1-4666-9858-1.ch013 ◽

2016 ◽

pp. 237-282

Author(s):

Praveen Ramachandra Menon

Keyword(s):

Software Development ◽

Programming Language ◽

English Language ◽

Effective Communication ◽

Project Managers ◽

Software Specification ◽

Technical Language ◽

Current State ◽

Crucial Problem ◽

The Right

This chapter highlights a crucial problem seen often in software development that is bridging the communication gap between business and technical language and that it can be addressed with “Behavior Driven Development” (BDD) methodology supplemented with “Specification By Example” approach of delivering the right software that matters. Effective communication has always been a challenge between clients, business stakeholders, project managers, developers, testers and business analysts because a “ubiquitous” language that every one can easily understand and use does not exist. Specification By Example serves as that ubiquitous language for all, helps build right software that matters through effective communication. Specifications are written in plain English language using the Gherkin syntax to describe various behaviors of software. BDD tools help write software specification using gherkin language and also create a living documentation that is automatically generated by programming language reflecting the current state of software at any given point of time.

Download Full-text

Secure Data Dissemination

Information Security and Ethics ◽

10.4018/978-1-59904-937-3.ch127 ◽

2008 ◽

pp. 1839-1864

Author(s):

Elisa Bertino ◽

Barbara Carminati ◽

Elena Ferrari

Keyword(s):

Digital Signature ◽

Data Exchange ◽

Data Dissemination ◽

Third Party ◽

New Paradigm ◽

Security Issues ◽

Security Properties ◽

Verification Process ◽

The Web ◽

User Queries

In this chapter, we present the main security issues related to the selective dissemination of information (SDI system). More precisely, after provided an overview of the work carried out in this field, we have focused on the security properties that a secure SDI system (SSDI system) must satisfy and on some of the strategies and mechanisms that can be used to ensure them. Indeed, since XML is the today emerging standard for data exchange over the Web, we have casted our attention on Secure and Selective XML data dissemination (SSXD). As a result, we have presented a SSXD system providing a comprehensive solution to XML documents. In the proposed chapter, we also consider innovative architecture for the data dissemination, by suggesting a SSXD system exploiting the third-party architecture, since this architecture is receiving growing attention as a new paradigm for data dissemination over the web. In a third-party architecture, there is a distinction between the Owner and the Publisher of information. The Owner is the producer of the information, whereas Publishers are responsible for managing (a portion of) the Owner information and for answering user queries. A relevant issue in this architecture is how the Owner can ensure a secure dissemination of its data, even if the data are managed by a third-party. Such scenario requires a redefinition of dissemination mechanisms developed for the traditional SSXD system. Indeed, the traditional techniques cannot be exploited in a third party scenario. For instance, let us consider the traditional digital signature techniques, used to ensure data integrity and authenticity. In a third party scenario, that is, a scenario where a third party may prune some of the nodes of the original document based on user queries, the traditional digital signature is not applicable, since its correctness is based on the requirement that the signing and verification process are performed on exactly the same bits.

Download Full-text

Formal Analysis for Network Security Properties on a Trace Semantics

2008 International Conference on Advanced Computer Theory and Engineering ◽

10.1109/icacte.2008.31 ◽

2008 ◽

Cited By ~ 2

Author(s):

Yun Jiang ◽

Xifa Liu

Keyword(s):

Network Security ◽

Formal Analysis ◽

Trace Semantics ◽

Security Properties

Download Full-text

Formal Analysis of SET and NSL Protocols Using the Interpretation Functions-Based Method

Journal of Computer Networks and Communications ◽

10.1155/2012/254942 ◽

2012 ◽

Vol 2012 ◽

pp. 1-18 ◽

Cited By ~ 6

Author(s):

Hanane Houmani ◽

Mohamed Mejri

Keyword(s):

Communication Channel ◽

Formal Analysis ◽

Sufficient Conditions ◽

Main Idea ◽

The Internet ◽

Cryptographic Protocol ◽

Cryptographic Primitives ◽

Algebraic Properties ◽

Security Properties ◽

Set Protocol

Most applications in the Internet such as e-banking and e-commerce use the SET and the NSL protocols to protect the communication channel between the client and the server. Then, it is crucial to ensure that these protocols respect some security properties such as confidentiality, authentication, and integrity. In this paper, we analyze the SET and the NSL protocols with respect to the confidentiality (secrecy) property. To perform this analysis, we use the interpretation functions-based method. The main idea behind the interpretation functions-based technique is to give sufficient conditions that allow to guarantee that a cryptographic protocol respects the secrecy property. The flexibility of the proposed conditions allows the verification of daily-life protocols such as SET and NSL. Also, this method could be used under different assumptions such as a variety of intruder abilities including algebraic properties of cryptographic primitives. The NSL protocol, for instance, is analyzed with and without the homomorphism property. We show also, using the SET protocol, the usefulness of this approach to correct weaknesses and problems discovered during the analysis.

Download Full-text

αCheck: A mechanized metatheory model checker

Theory and Practice of Logic Programming ◽

10.1017/s1471068417000035 ◽

2017 ◽

Vol 17 (3) ◽

pp. 311-352 ◽

Cited By ~ 2

Author(s):

JAMES CHENEY ◽

ALBERTO MOMIGLIANO

Keyword(s):

Programming Language ◽

Dual Problem ◽

State Of The Art ◽

Operational Semantics ◽

Type Systems ◽

Model Checker ◽

Formal Systems ◽

Current State ◽

Fully Automatic ◽

Nominal Logic

AbstractThe problem of mechanically formalizing and proving metatheoretic properties of programming language calculi, type systems, operational semantics, and related formal systems has received considerable attention recently. However, the dual problem of searching for errors in such formalizations has attracted comparatively little attention. In this article, we present αCheck, a bounded model checker for metatheoretic properties of formal systems specified using nominal logic. In contrast to the current state of the art for metatheory verification, our approach is fully automatic, does not require expertise in theorem proving on the part of the user, and produces counterexamples in the case that a flaw is detected. We present two implementations of this technique, one based onnegation-as-failureand one based onnegation elimination, along with experimental results showing that these techniques are fast enough to be used interactively to debug systems as they are developed.

Download Full-text