Title :
Reactive system validation using automated reasoning over a fragment library
Author_Institution :
AT&T Labs. Res., Florham Park, NJ, USA
Abstract :
While a user might be able to confidently validate a generalized fragment by inspection, since calling an off-hook user should result in a busy signal (when the system only has one line per user), more complex behavior can be impractical to validate by inspection. This is particularly true when the fragment describes an intermediate protocol step, for example, because correctness is often stated in terms of all possible protocol outcomes. The paper illustrates this problem with a fragment describing a step in the CS-NC protocol used by the personal channel agent (PCA), the paper´s primary case study. An example correctness property proved in the paper is Property V: given two properly initialized PCAs, CS-NC correctly transmits the new channel from one to the other, and an eavesdropper´s action(s) will be detected by at least one of the PCAs, assuming (1) every protocol message sent is eventually received, and (2) only an eavesdropper can discover keys or channel identifiers (with significant probability)
Keywords :
formal specification; program testing; program verification; software libraries; software tools; CS-NC protocol; automated reasoning; channel identifiers; correctness; eavesdropper actions; fragment library; intermediate protocol step; keys; personal channel agent; protocol message; protocol outcomes; reactive system validation; Automatic control; Concrete; HTML; Inspection; Principal component analysis; Protocols; Software libraries; Switches; Telephony; World Wide Web;
Conference_Titel :
Automated Software Engineering, 1997. Proceedings., 12th IEEE International Conference
Conference_Location :
Incline Village, NV
Print_ISBN :
0-8186-7961-1
DOI :
10.1109/ASE.1997.632854
