Paving the way for faster and more secure Internet transactions
A key area of computer science research is the automatic verification of large practical systems, and several different formal methods have been developed and applied towards this goal. Model checking, as normally used in industry, can automatically establish the correctness of finite-state systems, including descriptions of hardware and protocols. Nevertheless, most practical system descriptions involve large or infinite state spaces whose flaws cannot easily be identified by finite-state verification methods. In this case, theorem proving constitutes an alternative solution; however, it requires a lot of manual effort from the user and sophisticated mathematics to employ.

To address these problems, an innovative protocol analysis tool for the automated verification of infinite-state systems (AVISS) has been designed, implemented and tested. This push-button technology combines three techniques: on-the-fly model checking using lazy data types, constrained theorem proving, and model checking via propositional satisfiability (SAT) checking. Each of these emerging techniques works independently, while the system allows their systematic and quantitative comparison as well as their effective interaction. Moreover, the ease of use of model checkers and the power of theorem proving are integrated in a fully automated way, leading to a robust, flexible, reliable, fast and cost-effective system.

Applied to the Clark/Jacob library, which includes 51 protocol verification problems, the AVISS tool has shown coverage and/or performance that potentially exceeds any other analysis tool. For instance, unlike most other tools, it can detect subtle attacks such as those based on typing ambiguities. The AVISS tool may be used for the validation of security-sensitive protocols in various fields, including telecommunications, multimedia and other applications.
Furthermore, it may significantly contribute to accelerating the development of the next generation of network protocols and to the standardisation and regulation processes in eCommerce, eGovernment and other Internet applications. For more information, see: http://www.informatik.uni-freiburg.de/~softech/research/projects/aviss/