Interference Analysis for Dependable Systems Using Refinement and Abstraction

  • Claus Pahl
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2391)


A common requirement for modern distributed and reactive systems is a high dependability guaranteeing reliability and security. The rigorous analysis of dependable systems specifications is of paramount importance for the reliability and security of these systems. A two-layered modal specification notation will allow the specification of services and protocols for distributed dependable systems and their properties. Refinement and its dual — abstraction — will play the key roles in an integrated development and analysis framework. Refinement and abstraction form the basis for an interference analysis method for security properties and for automated test case generation.





Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Claus Pahl
    School of Computer Applications, Dublin City University, Dublin 9, Ireland
