
Formal specification and analysis of Zeroconf using Uppaal

Published: 05 May 2011

Abstract

The model checker Uppaal is used to formally model and analyze parts of Zeroconf, a protocol for dynamic configuration of IPv4 link-local addresses that has been defined in RFC 3927 of the IETF. Our goal has been to construct a model that (a) is easy to understand by engineers, (b) comes as close as possible to the informal text (for each transition in the model there should be a corresponding piece of text in the RFC), and (c) may serve as a basis for formal verification. Our modeling efforts revealed several errors (or at least ambiguities) in the RFC that no one else spotted before. We present two proofs of the mutual exclusion property for Zeroconf (for an arbitrary number of hosts and IP addresses): a manual, operational proof, and a proof that combines model checking with the application of a new abstraction relation that is compositional with respect to committed locations. The model checking problem has been solved using Uppaal and the abstractions have been checked by hand.
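The abstract speaks of checking the mutual exclusion property (no two hosts end up configured with the same link-local address) by state-space exploration. The following is an added illustration, not the paper's Uppaal model and not code from the authors: a small explicit-state reachability checker over a constructed, untimed abstraction of the RFC 3927 address-claiming procedure. Hosts pick an address, broadcast an ARP-style probe, and either back off on a conflict (another host's probe or a defending reply for the same address) or configure the address. The timed "wait for responses before claiming" step of the protocol is abstracted into a boolean `wait_for_responses` (a host may only configure once no message is in flight); duplicate in-flight messages are merged into a set to keep the state space finite. Both abstractions, the phase names and all function names are assumptions of this example. The checker returns `None` when mutual exclusion holds for the given number of hosts and addresses, or a shortest counterexample trace otherwise; dropping the wait shows how the checker surfaces the race that the real protocol's waiting period exists to prevent.

```python
"""Explicit-state reachability check of an untimed abstraction of the
Zeroconf (RFC 3927) address-claiming procedure.

Constructed example: NOT the paper's Uppaal model, only an illustration
of the kind of mutual-exclusion check the paper describes."""
from collections import deque

INIT, PROBING, CONFIGURED = "INIT", "PROBING", "CONFIGURED"


def initial_state(n_hosts):
    """All hosts unconfigured, nothing in flight on the link."""
    return (tuple((INIT, None) for _ in range(n_hosts)), frozenset())


def deliver(hosts, medium, msg):
    """Atomic broadcast of one in-flight message to every other host.

    Abstraction of RFC 3927 behaviour: a probing host that sees a probe or
    a defence for its candidate address treats it as a conflict and starts
    over; a configured host that sees a probe for its own address defends it."""
    kind, sender, addr = msg
    hosts = list(hosts)
    in_flight = set(medium) - {msg}
    for h, (phase, a) in enumerate(hosts):
        if h == sender or a != addr:
            continue
        if phase == PROBING:
            hosts[h] = (INIT, None)                # conflict: give up this address
        elif phase == CONFIGURED and kind == "PROBE":
            in_flight.add(("DEFEND", h, addr))     # defend the address we hold
    return tuple(hosts), frozenset(in_flight)


def successors(state, n_addrs, wait_for_responses):
    """Enumerate every interleaving step: a host choosing and probing an
    address, a host configuring, or the link delivering one message."""
    hosts, medium = state
    for h, (phase, a) in enumerate(hosts):
        if phase == INIT:
            for addr in range(n_addrs):
                new = list(hosts)
                new[h] = (PROBING, addr)
                yield (f"host{h} probes {addr}",
                       (tuple(new), medium | {("PROBE", h, addr)}))
        elif phase == PROBING and (not wait_for_responses or not medium):
            # With wait_for_responses the host may only claim the address once
            # every probe/defence has been delivered (stand-in for the timed wait).
            new = list(hosts)
            new[h] = (CONFIGURED, a)
            yield (f"host{h} configures {a}", (tuple(new), medium))
    for msg in sorted(medium):
        yield (f"deliver {msg}", deliver(hosts, medium, msg))


def violates_mutex(hosts):
    """Mutual exclusion is broken when two configured hosts share an address."""
    used = [a for phase, a in hosts if phase == CONFIGURED]
    return len(used) != len(set(used))


def check_mutual_exclusion(n_hosts, n_addrs, wait_for_responses=True):
    """Breadth-first exploration; returns None if the property holds in every
    reachable state, else the shortest list of step labels reaching a violation."""
    start = initial_state(n_hosts)
    parent = {start: None}
    queue = deque([start])
    while queue:
        state = queue.popleft()
        if violates_mutex(state[0]):
            trace = []
            while parent[state] is not None:
                label, state = parent[state]
                trace.append(label)
            return list(reversed(trace))
        for label, nxt in successors(state, n_addrs, wait_for_responses):
            if nxt not in parent:
                parent[nxt] = (label, state)
                queue.append(nxt)
    return None


if __name__ == "__main__":
    print("2 hosts, 2 addresses, waiting:", check_mutual_exclusion(2, 2))
    print("3 hosts, 1 address, waiting:", check_mutual_exclusion(3, 1))
    print("2 hosts, 1 address, no wait:",
          check_mutual_exclusion(2, 1, wait_for_responses=False))
```

The two-host, one-address run without the wait prints a four-step trace in which the second host claims the address before the first host's defence is delivered; with the wait, exhaustive exploration finds no violating state for the configurations tried. The paper's result covers an arbitrary number of hosts and addresses, which a bounded explorer like this cannot do; that gap is exactly what the abstraction argument in the abstract addresses.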

