• DocumentCode
    3143853
  • Title
    Retrenching the Purse: Hashing Injective CLEAR Codes, and Security Properties
  • Author
    Banach, Richard ; Poppleton, Michael ; Jeske, Czeslaw ; Stepney, Susan
  • Author_Institution
    Univ. of Manchester, Manchester
  • fYear
    2006
  • fDate
    15-19 Nov. 2006
  • Firstpage
    82
  • Lastpage
    90
  • Abstract
    The Mondex Electronic Purse is an outstanding example of industrial scale formal refinement, and was the first verification to achieve ITSEC level E6 certification. A formal abstract model and a formal concrete model were developed, and a formal refinement was hand-proved between them. Nevertheless, certain requirements issues were set beyond the scope of the formal development, or handled in an unnatural manner. The retrenchment tower pattern is used to address one such issue in detail: the use of a hash function rather than a total injective function when clearing the highly constrained purse logs. A retrenchment is constructed from the lowest level model to a model using a hash, and is then lifted to create two refinement developments, working at different levels of detail, and connected via retrenchments. The tower development is appropriately validated, vindicating the design used.
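    The security-relevant point in the abstract is that a hash is not injective: an abstract model that clears an exception log against a total injective code can never clear the wrong log, whereas a concrete model that clears against a hash of the log admits collisions, and the retrenchment has to record that concession. The toy Python model below is an added illustration, not code or a model from the paper or from the Mondex development; the log entry fields, the SHA-256 truncation width and the "clear iff the presented code matches" rule are all constructed assumptions chosen to make the collision deterministic, not Mondex parameters.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class LogEntry:
    """Constructed toy record of one failed transfer; fields are assumptions, not Mondex's."""
    from_purse: str
    to_purse: str
    value: int
    seq: int


def injective_clear_code(log):
    """Abstract model: a total injective encoding of the log (canonical serialisation).
    Distinct logs always give distinct codes, so clearing can never match the wrong log."""
    return b"|".join(
        f"{e.from_purse},{e.to_purse},{e.value},{e.seq}".encode() for e in log
    )


def hashed_clear_code(log, nbytes):
    """Concrete model: a hash of the serialised log, truncated to nbytes.
    The truncation width is a toy assumption; it is not injective for any finite width."""
    return hashlib.sha256(injective_clear_code(log)).digest()[:nbytes]


def try_clear(stored_log, presented_code, code_fn):
    """Clear the stored log iff the presented CLEAR code matches the code
    recomputed from the stored log. Returns True when the clear would be accepted."""
    return code_fn(stored_log) == presented_code


def candidate_logs(count=300):
    """Constructed sample: 'count' distinct one-entry logs differing only in sequence number."""
    return [(LogEntry("purseA", "purseB", 10, seq),) for seq in range(count)]


def find_collision(logs, nbytes):
    """Return two distinct logs with the same truncated hash, or None.
    With nbytes=1 there are only 256 codes, so 300 logs collide by pigeonhole."""
    seen = {}
    for log in logs:
        code = hashed_clear_code(log, nbytes)
        if code in seen and seen[code] != log:
            return seen[code], log
        seen[code] = log
    return None


def demo():
    """Show the property the retrenchment must concede: a false clear under the hash model."""
    logs = candidate_logs()
    pair = find_collision(logs, nbytes=1)
    if pair is None:
        return None
    stored, other = pair
    # Code derived from a *different* log is accepted by the hashed model ...
    false_clear = try_clear(stored, hashed_clear_code(other, 1), lambda l: hashed_clear_code(l, 1))
    # ... but rejected by the injective model.
    safe_reject = not try_clear(stored, injective_clear_code(other), injective_clear_code)
    return false_clear, safe_reject


if __name__ == "__main__":
    print(demo())
```

    In the abstract model the retrieve relation can be exact; in the hashed model the refinement breaks precisely on the colliding pairs, which is the case the retrenchment's concession clause has to name and bound (in practice by a hash width chosen so the collision probability is negligible, which this toy deliberately does not do).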
  • Keywords
    codes; cryptography; electronic money; file organisation; formal verification; ITSEC level E6 certification; Mondex Electronic Purse; formal abstract model; formal concrete model; formal refinement; hash function; industrial scale formal refinement; injective CLEAR codes; purse retrenching; retrenchment tower pattern; security properties; Application software; Computer industry; Computer science; Computer security; Concrete; Electronics industry; Industrial electronics; Poles and towers; Refining; Robustness;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Leveraging Applications of Formal Methods, Verification and Validation, 2006. ISoLA 2006. Second International Symposium on
  • Conference_Location
    Paphos
  • Print_ISBN
    978-0-7695-3071-0
  • Type
    conf
  • DOI
    10.1109/ISoLA.2006.17
  • Filename
    4463698