Automated Formal Verification of Application-specific Security Properties

  • Piergiuseppe Bettassa Copet
  • Riccardo Sisto
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8364)


In the past, formal verification of security properties of distributed applications has been mostly targeted to security protocols and generic security properties, like confidentiality and authenticity.

At ESSoS 2010, Moebius et al. presented an approach for developing Java applications with formally verified application-specific security properties. That method, however, is based on an interactive theorem prover, which is not automatic and requires considerable expertise. This paper shows that a similar result can be achieved in a fully automated way, using a different model-driven approach and state-of-the-art automated verification tools. The proposed method splits the verification problem into two independent sub-problems using compositional verification techniques, and exploits one tool for analyzing the security protocol under active attackers and another tool for verifying the application logic. The same case study that was verified in the previous work is used here to show how the new approach works.






References

  1. Patel, R., Borisaniya, B., Patel, A., Patel, D., Rajarajan, M., Zisman, A.: Comparative analysis of formal model checking tools for security protocol verification. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds.) CNSA 2010. CCIS, vol. 89, pp. 152–163. Springer, Heidelberg (2010)
  2. Visser, W., Havelund, K., Brat, G., Park, S., Lerda, F.: Model checking programs. Automated Software Engineering 10(2), 203–232 (2003)
  3. Moebius, N., Stenzel, K., Reif, W.: Formal verification of application-specific security properties in a model-driven approach. In: Massacci, F., Wallach, D., Zannone, N. (eds.) ESSoS 2010. LNCS, vol. 5965, pp. 166–181. Springer, Heidelberg (2010)
  4. Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: 14th IEEE Workshop on Computer Security Foundations, p. 82 (2001)
  5. Avalle, M., Pironti, A., Sisto, R., Pozza, D.: The Java SPI framework for security protocol implementation. In: Sixth International Conference on Availability, Reliability and Security (ARES), pp. 746–751 (2011)
  6. Avalle, M., Pironti, A., Sisto, R.: Formal verification of security protocol implementations: a survey. In: Formal Aspects of Computing (to appear)
  7. Bella, G., Massacci, F., Paulson, L.C.: Verifying the SET purchase protocols. J. Autom. Reason. 36(1-2), 5–37 (2006)
  8. Nipkow, T., Paulson, L.C., Wenzel, M.T.: Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002)
  9. Borek, M., Moebius, N., Stenzel, K., Reif, W.: Model-driven development of secure service applications. In: Proceedings of the 35th Annual IEEE Software Engineering Workshop (SEW), pp. 62–71. IEEE (2012)
  10. Borek, M., Moebius, N., Stenzel, K., Reif, W.: Model checking of security-critical applications in a model-driven approach. In: Hierons, R.M., Merayo, M.G., Bravetti, M. (eds.) SEFM 2013. LNCS, vol. 8137, pp. 76–90. Springer, Heidelberg (2013)
  11. Armando, A., et al.: The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures. In: Flanagan, C., König, B. (eds.) TACAS 2012. LNCS, vol. 7214, pp. 267–282. Springer, Heidelberg (2012)
  12. Jürjens, J.: Developing high-assurance secure systems with UML: a smartcard-based purchase protocol. In: 8th IEEE International Conference on High Assurance Systems Engineering, pp. 231–240 (2004)
  13. Gunawan, L.A., Kraemer, F.A., Herrmann, P.: A tool-supported method for the design and implementation of secure distributed applications. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds.) ESSoS 2011. LNCS, vol. 6542, pp. 142–155. Springer, Heidelberg (2011)
  14. Gunawan, L.A., Herrmann, P.: Compositional verification of application-level security properties. In: Jürjens, J., Livshits, B., Scandariato, R. (eds.) ESSoS 2013. LNCS, vol. 7781, pp. 75–90. Springer, Heidelberg (2013)
  15. Dolev, D., Yao, A.C.C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–207 (1983)
  16. Pozza, D., Sisto, R., Durante, L.: Spi2Java: automatic cryptographic protocol Java code generation from spi calculus. In: 18th International Conference on Advanced Information Networking and Applications, vol. 1, pp. 400–405 (2004)
  17. Pironti, A., Sisto, R.: Provably correct Java implementations of Spi Calculus security protocols specifications. Computers & Security 29, 302–314 (2010)

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Piergiuseppe Bettassa Copet (1)
  • Riccardo Sisto (1)
  1. Dipartimento di Automatica e Informatica, Politecnico di Torino, Italy
