Dependability Engineering in Isabelle

12/08/2021
by Florian Kammüller, et al.

In this paper, we introduce a process of formal system development supported by interactive theorem proving in a dedicated Isabelle framework. This Isabelle Infrastructure framework implements specification and verification in a cyclic process in which attack tree analysis is closely interconnected with formal refinement of the specification. The process is cyclic: in each iteration the refinement adds more detail to the system specification. Finding the next refinement step is a known hard problem; we address it by an attack-based analysis using Kripke structures and CTL logic. We call this cyclic process the Refinement-Risk cycle (RR-cycle). It was initially developed for security and privacy of IoT healthcare systems, but it applies more generally to safety as well, that is, to dependability in general. In this paper, we present the extensions to the Isabelle Infrastructure framework that implement a formal notion of property-preserving refinement interleaved with attack tree analysis for the RR-cycle. The process is illustrated on the specification development and privacy analysis of the mobile Corona-virus warning app.

