第八讲模型检验演示课件.pptVIP

第八讲 模型检验 主要考虑如何发现设计缺陷！ 精选编制 一、例子 二、模型检测概述 三、模型检测算法概览 四、模型检测工具 内 容 精选编制 Needham-Schroeder 身份认证协议 [N, S1]Z [S1, S2]N [S2]Z 通信过程可能被窃听！加密可以防止窃听！如何约定加密数字？ 每人 有自己的标识：N 每人 公布自己的公钥: 只有N才能解开的消息： [****]N 每个对话过程 用一对数字对内容加密: S1, S2 每次对话前 需要首先建立这对数字 该协议于1978年被提出并得到广泛应用 N Z 一、例子 精选编制 [N, S1]W [S1, S2]N [S2]W [N, S1]Z [S1, S2]N [S2]Z 1996年，发现该协议存在设计缺陷： 攻击者可以伪装一方的身份 利用模型检测方法！ 被欺骗！ 不可信！ 开始伪装 Z W N 精选编制 In 1992 Clarke and his students at CMU used SMV to verify the IEEE Future+ cache coherence protocol. ? They found a number of previously undetected errors in the design of the protocol. ? This was the first time that formal methods have been used to find errors in an IEEE standard. ? Although the development of the protocol began in 1988, all previous attempts to validate it were based entirely on informal techniques. 精选编制 In 1992 Dill and his students at Stanford used Murphito verify the cache coherence protocol of the IEEE Scalable Coherent Interface. ? They found several errors, ranging from uninitialized variables to subtle logical errors. ? The errors also existed in the complete protocol, although it had been extensively discussed, simulated, and even implemented. 精选编制 In 1995 researchers from Bull and Verimag used LOTOS to describe the processors, memory controller, and bus Arbiter of the Power Scale multiprocessor architecture. ? They identified four correctness requirements for proper functioning of the arbiter. ? The properties were formalized using bisimulation relations between finite labeled transition systems. ? Correctness was established automatically in a few minutes using the C?SAR/ ALDéBARAN toolbox. 精选编制 A High-level Data Link Controller was being designed at ATT in Madrid in 1996 ? Researchers at Bell Labs offered to check some properties of the design using the Formal Check verifier. ? Within five hours, six properties were specified and five were verified. ? The sixth property failed, uncovering a bug that would have reduced throu