A Practical Approach to Formal Methods: An Eclipse Integrated Development Environment (IDE) for Security Protocols
Abstract
:1. Introduction
1.1. Research Contribution
- A simple and intuitive language for the lightweight [27,28] formal specification of security protocols. This addresses the problem of complexity in formal methods by helping users familiarise themselves with system design from a high-level perspective, before delving into verification. The expected benefit is that users, especially non-experts, can engage with formal methods more easily and develop a better understanding of protocol design without being overwhelmed by technical details [29].
- A Model-Driven Development (MDD) strategy for the automatic generation of programs from formally verified abstract models. This eliminates the need for users to prototype at multiple abstraction levels, ensuring consistent and rigorous translation from model to implementation. The benefit is a reduction in development time and errors, as the MDD approach streamlines the workflow, allowing users to focus on design correctness rather than manual coding at each layer [30,31].
- An Integrated Development Environment (IDE) with the push-button integration of existing tools and real-time modelling/verification feedback. This addresses the issue of tool complexity and integration. By providing a seamless environment for developers, it automates significant parts of the workflow and offers real-time feedback, thus improving both the clarity of the specification process and control over the verification stage.
- Code generation: The AnBx Compiler and Code Generator [25] automatically generates ProVerif specifications and Java implementations, among other targets, from the AnB and AnBx models.
1.2. Outline of the Paper
2. Motivation
2.1. Challenges in the Usability and Adoption of Formal Methods
- Complexity: The inherent complexity of these methods often requires users to possess a good understanding of mathematical concepts and logic, resulting in a high learning curve that can be deterring for practitioners without a formal background or knowledge of a specific verification framework.
- Limited Tool Integration: The limited availability of well-integrated tools can create inefficiencies in workflow, hindering the effective utilisation of formal methods. In particular, a majority of criticisms pointed out that research is not oriented enough towards the consolidation of existing results to make them available to a wider audience.
- Unfamiliar Interfaces: Specialised, unusual, and inconsistent user interfaces across different tools may lead to confusion, making it challenging for users to navigate various applications.
- Interpretability of Results: The interpretability of results is often compromised due to complex output formats and cryptic error messages, making it difficult for users to derive actionable insights.
- Scalability Issues: Many formal verification tools struggle to handle complex systems efficiently, resulting in long processing times and significant resource consumption.
- Limited Documentation: Limited or hard-to-find documentation and community support exacerbate these challenges, leaving users without sufficient guidance.
2.2. The Benefits of Integrated Development Environments
2.3. Identification of Potential Cryptographic Misconceptions
3. Background
3.1. XText
3.2. AnBx Language
3.3. AnBx Compiler and Code Generator
3.4. Security Protocol Verifiers
4. Methodology
5. AnBx IDE Features and Components
5.1. Editing Security Protocol Models in Different Specification Languages
5.1.1. Getting Started with Wizards
5.1.2. Syntax Highlighting and Outline
5.1.3. Formatting
5.1.4. Autocomplete and Scoping
5.1.5. Validation: Type, Arity, and Semantics Checking with Quickfixes
5.2. Running the Verification Tasks and Generating Code
5.2.1. Configuration Dialogs with Options and Help
5.2.2. Supporting Users in Their Workflow
5.2.3. Verifying Single or Multiple Security Goals in Parallel
5.2.4. Java Code Generation and Run of Dockerised Applications
- docker compose lastBuildFile down: This command stops and removes the containers defined in the specified Docker Compose file, which represents the last built project. This ensures that any previously running instances of the application are halted before starting a new one.
- docker container prune: This command removes all stopped containers, helping to free up system resources and reduce clutter in the Docker environment.
- docker network prune: This command cleans up unused networks, ensuring that only necessary connections are maintained within the Docker ecosystem.
- docker compose currentBuildFile up: This command starts the containers defined in the current Docker Compose file, effectively launching the application in its new environment.
5.2.5. Console Output and Logging
5.2.6. Displaying Verification Results in an Eclipse View
5.2.7. Scheduling with Priorities and Task Manager
Algorithm 1: Task Scheduling with Priority Queue |
5.2.8. Attack Trace Reconstruction
- The AnBx protocol is exported to AnB.
- OFMC is executed on the generated AnB.
- If an attack is found, the compiler is called again on the AnBx protocol, using the trace for interpretation.
5.3. Environment Customisation and Other Functionalities
6. Evaluation
6.1. Addressing Core Challenges for Formal Methods Adoption
- Complexity: The IDE simplifies the use of complex tools that can be employed to formalise models through high-level and standard languages. The user experience (UX) of the IDE is designed to allow the manipulation of tools without requiring an in-depth understanding of the underlying theories or the precise workings of each tool. Overall, the IDE reduces the usability barrier and facilitates the work of novice users who are unfamiliar with formal method tools and techniques, with general editing support (Section 5.1).
- Limited Tool Integration: We identify and integrate relevant state-of-the-art tools, providing the user with the option to run all of them from a single protocol standpoint, achieving an end-to-end workflow. This aligns with the demand for the consolidation of existing tools and methods [14].
- Unfamiliar Interfaces: We integrate several tools that have different and very specific command-line interfaces. The IDE offers a uniform access point to these tools in a common Eclipse environment for consistency, limiting back-and-forth actions and making them more accessible to the public without hindering more specialised usage.
- Interpretability of Results: Several features of the IDE are designed to improve the way tool results are presented to the user, making them easier to interpret: console colouring (Section 5.2.5), verification result views (Section 5.2.6), single-goal handling (Section 5.2.3), and attack trace reconstruction (Section 5.2.8).
- Scalability Issues: By supporting two verification tools, we can overcome some individual limitations and provide comparative results for a finer understanding of verification. The task manager, scheduler, concurrent threads cap, and timeout (Section 5.2.7) help to prevent resource exhaustion and confusion with numerous running tasks.
- Limited Documentation: We provide immediate access to documentation about the tools, reducing the need to search for it (Figure 9). Overall, the UX of the IDE minimises the need to consult documentation in order to perform tasks.
6.2. User Evaluation
- Operating system usage;
- Types of projects where the tools were used;
- Usefulness of specific IDE functionalities;
- Overall ratings of the IDE (functionality, stability, performance, usability);
- Importance of the tools in completing their projects;
- Frequency of usage;
- Technical background in computing, programming, cybersecurity, cryptography, and formal/mathematical methods for security.
- Operating System Usage Multiple responses were allowed. The majority of participants used Windows (94.29%), with a small proportion using Linux (14.29%) or MacOS (8.57%).
- Project Types Most participants used the IDE and supported tools for their MSc projects (60%), while 31.43% used it for advanced practice activities, a project-based module taken by MSc students. The remaining participants employed it for other university work (e.g., lab activities and other projects).
- IDE Functionality Participants rated several functionalities, with the following response options: Very useful, Somewhat useful, Not useful, Not useful at all, and Never used this function. The results show that:
- 68.57% found the visualisation and editing of AnBx/AnB files Very useful, 17.14% Somewhat useful, 11.43% Never used this function.
- 54.29% found the same functionality Very useful for ProVerif files, 17.14% Somewhat useful, with 25.71% reporting never using it.
- The generation of Java code with the AnBx Compiler was highly appreciated, with 88.57% finding it Very useful, with just 2.86% having never used it.
- The generation of AnB and ProVerif files also had high utility, with 82.86% and 60% of participants respectively, rating it Very useful. Again, the Never used this function was higher for ProVerif (22.86%) than AnB (5.71%).
- 77.14% found Very useful the IDE support for running the generated Java code, with just 8.57% not having used the feature.
- Verification Tasks Verification tasks were among the most common features utilised by the sampled population.
- 62.86% found OFMC verification of AnB files Very useful, and 22.86% found it Somewhat useful. 5.71% Never used this function.
- 40% found ProVerif verification Very useful, with 31.43% finding it Somewhat useful. 22.86% Never used this function.
- Single goal generation for ProVerif and AnB files has been described as useful for those who used the functionality, though it had lower usage compared to other features: 40% Very useful for ProVerif, 51.43% for AnB. 22.86% Never used this function for AnB, 37.14% for ProVerif.
- Logging, Task Monitoring, and Configuration These features attracted high interests and they were considered overall very useful.
- Tool output logging was considered Very useful by 71.43% of respondents, as it allows to archive results for further analysis. 8.57% Never used this function.
- Monitoring task progress (verification, code generation) was rated Very useful by 74.29%, with only 5.71% never using this functionality.
- Configuring code generation parameters and concurrent task numbers was also appreciated, with 71.43% finding configuration Very useful. 8.57% Never used this function.
- General Tool Rating Overall, participants rated the AnBx IDE highly in terms of user experience. The options for the responses were: Very good, Good, Acceptable, Poor, and Very poor.
- Functionality: 57.14% rated it Very good, 37.14% Good.
- Stability: 40% rated it Very good, and 48.57% Good.
- Performance: 57.14% found the performance Very good, and 34.29% rated it Good.
- Usability: 45.71% rated usability Very good, and 40% Good.
- Importance of Tools in participants’ activities We also asked how important the tools were in order to complete the technical part of their projects or activities. The options offered for the responses were:
- 65.71% of students considered the tools Very important for completing their projects, and 20% rated them Important.
- Regarding usage frequency, 57.14% used the tools Most of the time, and 22.86% used them Often during their projects.
- Technical Background For the self-assessment of technical skills, we offered the following options: High, Moderately high, Average, Low, and None. The results showed that:
- 48.57% rated themselves Moderately high in computing, 28.57% Average and 22.86% High.
- 40% rated themselves Average in programming, with 25.71% having low programming skills. Only 8.57% rated themselves High.
- 51.43% rated themselves Moderately high in cybersecurity, with 31.43% having High proficiency.
- Cryptography knowledge was more varied: 14.29% High, 31.43% Moderately high, and 42.86% Average.
- Formal/mathematical methods for security were less familiar, with only 17.14% having High proficiency, 28.57% Moderately high, 37.14% Average and 11.43% reporting no experience.
6.3. Usage Statistics
6.4. Assumptions and Limitations
7. Related Work
8. Conclusions and Future Work
Author Contributions
Funding
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- Vanhoef, M.; Piessens, F. Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, 30 October–3 November 2017; Thuraisingham, B., Evans, D., Malkin, T., Xu, D., Eds.; ACM: New York, NY, USA, 2017; pp. 1313–1328. [Google Scholar] [CrossRef]
- Cassidy, S. Diagnosis of the OpenSSL Heartbleed Bug. 2014. Available online: https://www.seancassidy.me/diagnosis-of-the-openssl-heartbleed-bug.html (accessed on 20 November 2024).
- Fogel, B.; Farmer, S.; Alkofahi, H.; Skjellum, A.; Hafiz, M. POODLEs, More POODLEs, FREAK Attacks Too: How Server Administrators Responded to Three Serious Web Vulnerabilities. In Engineering Secure Software and Systems; Springer International Publishing: Berlin/Heidelberg, Germany, 2016; pp. 122–137. [Google Scholar] [CrossRef]
- Alashwali, E.S.; Rasmussen, K. What’s in a Downgrade? A Taxonomy of Downgrade Attacks in the TLS Protocol and Application Protocols Using TLS. In Security and Privacy in Communication Networks; Springer International Publishing: Berlin/Heidelberg, Germany, 2018; pp. 468–487. [Google Scholar] [CrossRef]
- Cremers, C.; Horvat, M.; Scott, S.; van der Merwe, T. Automated Analysis and Verification of TLS 1.3: 0-RTT, Resumption and Delayed Authentication. In Proceedings of the 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA, 22–26 May 2016; IEEE: Piscataway, NJ, USA, 2016. [Google Scholar] [CrossRef]
- Bhargavan, K.; Blanchet, B.; Kobeissi, N. Verified Models and Reference Implementations for the TLS 1.3 Standard Candidate. In Proceedings of the 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, 22–26 May 2017; IEEE Computer Society: Washington, DC, USA, 2017; pp. 483–502. [Google Scholar] [CrossRef]
- Blanchet, B. Composition theorems for cryptoverif and application to TLS 1.3. In Proceedings of the 2018 IEEE 31st Computer Security Foundations Symposium (CSF), Oxford, UK, 9–12 July 2018; pp. 16–30. [Google Scholar] [CrossRef]
- Cohn-Gordon, K.; Cremers, C.; Dowling, B.; Garratt, L.; Stebila, D. A Formal Security Analysis of the Signal Messaging Protocol. J. Cryptol. 2020, 33, 1914–1983. [Google Scholar] [CrossRef]
- Blanchet, B. An efficient cryptographic protocol verifier based on Prolog rules. In Proceedings of the Computer Security Foundations Workshop, Cape Breton, NS, Canada, 11–13 June 2001; IEEE: Piscataway, NJ, USA; IEEE Computer Society: Washington, DC, USA, 2001; p. 0082. [Google Scholar]
- Meier, S.; Schmidt, B.; Cremers, C.; Basin, D.A. The TAMARIN Prover for the Symbolic Analysis of Security Protocols. In Proceedings of the Computer Aided Verification—25th International Conference, CAV 2013, Saint Petersburg, Russia, 13–19 July 2013; Proceedings; Lecture Notes in Computer Science. Sharygina, N., Veith, H., Eds.; Springer: Berlin/Heidelberg, Germany, 2013; Volume 8044, pp. 696–701. [Google Scholar] [CrossRef]
- Basin, D.; Mödersheim, S.; Viganò, L. OFMC: A symbolic model checker for security protocols. Int. J. Inf. Secur. 2005, 4, 181–208. [Google Scholar] [CrossRef]
- Dark, M.; Belcher, S.; Bishop, M.; Ngambeki, I. Practice, Practice, Practice... Secure Programmer! In Proceedings of the 19th Colloquium for Information System Security Education, Las Vegas, NV, USA, 15–17 June 2015. [Google Scholar]
- NIST. CVE-2020-13777; NIST: Gaithersburg, MD, USA, 2020. Available online: https://nvd.nist.gov/vuln/detail/CVE-2020-13777/ (accessed on 20 November 2024).
- Garavel, H.; ter Beek, M.H.; van de Pol, J. The 2020 Expert Survey on Formal Methods. In Proceedings of the Formal Methods for Industrial Critical Systems—25th International Conference, FMICS 2020, Vienna, Austria, 2–3 September 2020; Proceedings; Lecture Notes in Computer Science. ter Beek, M.H., Nickovic, D., Eds.; Springer: Berlin/Heidelberg, Germany, 2020; Volume 12327, pp. 3–69. [Google Scholar] [CrossRef]
- Kulik, T.; Dongol, B.; Larsen, P.G.; Macedo, H.D.; Schneider, S.; Tran-Jørgensen, P.W.V.; Woodcock, J. A Survey of Practical Formal Methods for Security. Form. Asp. Comput. 2022, 34, 1–39. [Google Scholar] [CrossRef]
- Dolev, D.; Yao, A. On the Security of Public-Key Protocols. IEEE Trans. Inf. Theory 1983, 2, 198–208. [Google Scholar] [CrossRef]
- Sommerville, I. Software Engineering, 9th ed.; Addison-Wesley: San Francisco, CA, USA, 2010. [Google Scholar]
- Bugliesi, M.; Focardi, R. Language Based Secure Communication. In Proceedings of the Computer Security Foundations Symposium, 2008, CSF’08, IEEE 21st, Pittsburgh, PA, USA, 23–25 June 2008; pp. 3–16. [Google Scholar] [CrossRef]
- Avalle, M.; Pironti, A.; Sisto, R. Formal verification of security protocol implementations: A survey. Form. Asp. Comput. 2014, 26, 99–123. [Google Scholar] [CrossRef]
- Davis, J.A.; Clark, M.; Cofer, D.; Fifarek, A.; Hinchman, J.; Hoffman, J.; Hulbert, B.; Miller, S.P.; Wagner, L. Study on the Barriers to the Industrial Adoption of Formal Methods. In Formal Methods for Industrial Critical Systems; Springer: Berlin/Heidelberg, Germany, 2013; pp. 63–77. [Google Scholar] [CrossRef]
- Skevoulis, S.; Makarov, V. Integrating Formal Methods Tools Into Undergraduate Computer Science Curriculum. In Proceedings of the Frontiers in Education, 36th Annual Conference, Aarhus, Denmark, 24–8 June 2002; IEEE: Piscataway, NJ, USA, 2006; pp. 1–6. [Google Scholar] [CrossRef]
- Scheurer, T. Formal Methods: The Problem Is Education. In Computer Safety, Reliability and Security; Springer: Berlin/Heidelberg, Germany, 2000; pp. 198–210. [Google Scholar] [CrossRef]
- Pomorova, O.; Lysenko, S. Formal and Intelligent Methods for Security and Resilience: Education and Training Issues. Inf. Secur. Int. J. 2016, 35, 133–150. [Google Scholar] [CrossRef]
- Avalle, M.; Pironti, A.; Pozza, D.; Sisto, R. JavaSPI: A Framework for Security Protocol Implementation. Int. J. Secur. Softw. Eng. 2011, 2, 34–48. [Google Scholar] [CrossRef]
- Modesti, P. AnBx: Automatic Generation and Verification of Security Protocols Implementations. In Proceedings of the 8th International Symposium on Foundations & Practice of Security, Clermont-Ferrand, France, 26–28 October 2015; LNCS. Springer: Berlin/Heidelberg, Germany, 2015; Volume 9482, pp. 156–173. [Google Scholar] [CrossRef]
- Almousa, O.; Mödersheim, S.; Viganò, L. Alice and Bob: Reconciling Formal Models and Implementation. In Programming Languages with Applications to Biology and Security: Essays Dedicated to Pierpaolo Degano on the Occasion of His 65th Birthday; Lecture Notes in Computer Science; Bodei, C., Ferrari, G.L., Priami, C., Eds.; Springer International Publishing: Berlin/Heidelberg, Germany, 2015; Volume 9465, pp. 66–85. [Google Scholar] [CrossRef]
- Wing, D.J.J. Lightweight formal methods. In An Invitation to Formal Methods; Saiedian, H., Ed.; IEEE Computer: Washington, DC, USA, 1996. [Google Scholar] [CrossRef]
- Zamansky, A.; Spichkova, M.; Rodríguez-Navas, G.; Herrmann, P.; Blech, J.O. Towards Classification of Lightweight Formal Methods. In Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering, ENASE 2018, Funchal, Portugal, 23–24 March 2018; Damiani, E., Spanoudakis, G., Maciaszek, L.A., Eds.; SciTePress: Setúbal, Portugal, 2018; pp. 305–313. [Google Scholar] [CrossRef]
- Brucker, A.D.; Marmsoler, D. Teaching Formal Methods in Application Domains: A Case Study in Computer and Network Security. In Formal Methods Teaching; Springer Nature: Cham, Switzerland, 2024; pp. 124–140. [Google Scholar] [CrossRef]
- Brambilla, M.; Cabot, J.; Wimmer, M. Model-Driven Software Engineering in Practice, 2nd ed.; Synthesis Lectures on Software Engineering; Morgan & Claypool Publishers: San Rafael, CA, USA, 2017. [Google Scholar] [CrossRef]
- Nguyen, P.H.; Kramer, M.E.; Klein, J.; Traon, Y.L. An extensive systematic review on the Model-Driven Development of secure systems. Inf. Softw. Technol. 2015, 68, 62–81. [Google Scholar] [CrossRef]
- Garcia, R.; and Modesti, P. An IDE for the Design, Verification and Implementation of Security Protocols. In Proceedings of the International Symposium on Software Reliability Engineering Workshops, ISSRE, Toulouse, France, 23–26 October 2017; pp. 157–163. [Google Scholar] [CrossRef]
- Bettini, L. Implementing Domain-Specific Languages with Xtext and Xtend; Packt Publishing Ltd.: Birmingham, UK, 2016. [Google Scholar]
- Eclipse Community. XText Documentation; Eclipse Community: Ottawa, ON, Canada; Available online: http://eclipse.org/Xtext/documentation/ (accessed on 20 November 2024).
- Mödersheim, S. Algebraic Properties in Alice & Bob Notation. In Proceedings of the Forth International Conference on Availability, Reliability and Security, ARES 2009, Fukuoka, Japan, 16–19 March 2009; IEEE Computer Society: Washington, DC, USA, 2009; pp. 433–440. [Google Scholar] [CrossRef]
- Bugliesi, M.; Calzavara, S.; Mödersheim, S.; Modesti, P. Security protocol specification and verification with AnBx. J. Inf. Secur. Appl. 2016, 30, 46–63. [Google Scholar] [CrossRef]
- Blanchet, B.; Cheval, V.; Cortier, V. ProVerif with Lemmas, Induction, Fast Subsumption, and Much More. In Proceedings of the 43RD IEEE Symposium on Security and Privacy (S&P’22), San Francisco, CA, USA, 22–26 May 2022. [Google Scholar] [CrossRef]
- Shaukat, R.; Shahoor, A.; Urooj, A. Probing into code analysis tools: A comparison of C# supporting static code analyzers. In Proceedings of the 2018 15th International Bhurban Conference on Applied Sciences and Technology (IBCAST), Islamabad, Pakistan, 9–13 January 2018; pp. 455–464. [Google Scholar] [CrossRef]
- Fetaji, M.; Loskovska, S.; Fetaji, B.; Ebibi, M. Combining Virtual Learning Environment and Integrated Development Environment to Enhance e-Learning. In Proceedings of the 2007 29th International Conference on Information Technology Interfaces, Dubrovnik, Croatia, 25–28 June 2007; pp. 319–324. [Google Scholar] [CrossRef]
- Broy, M.; Brucker, A.; Fantechi, A.; Gleirscher, M.; Havelund, K.; Kuppe, M.A.; Mendes, A.; Platzer, A.; Ringert, J.; Sullivan, A. Does Every Computer Scientist Need to Know Formal Methods? Form. Asp. Comput. 2024; accepted. [Google Scholar] [CrossRef]
- Gleirscher, M.; Marmsoler, D. Formal methods in dependable systems engineering: A survey of professionals from Europe and North America. Empir. Softw. Eng. 2020, 25, 4473–4546. [Google Scholar] [CrossRef]
- Spivey, J.M. Z Notation—A Reference Manual, 2nd ed.; Prentice Hall International Series in Computer Science; Prentice Hall: Hoboken, NJ, USA, 1992. [Google Scholar]
- Wadsworth, B.J. Piaget’s Theory of Cognitive and Affective Development: Foundations of Constructivism; Longman Publishing: Harlow, UK, 1996. [Google Scholar]
- Bruner, J.S. The Process of Education; Harvard University Press: Cambridge, MA, USA, 2009. [Google Scholar] [CrossRef]
- Raimondo, M.; Marrone, S.; Bernardi, S.; Palladino, A. Demonstrating the Necessity of Model Generation in Security Protocol Verification. In Proceedings of the 28th IEEE International Conference on Emerging Technologies and Factory Automation, ETFA 2023, Sinaia, Romania, 12–15 September 2023; IEEE: Piscataway, NJ, USA, 2023; pp. 1–8. [Google Scholar] [CrossRef]
- Paulson, L.C.; Nipkow, T.; Wenzel, M. From LCF to Isabelle/HOL. Form. Asp. Comput. 2019, 31, 675–698. [Google Scholar] [CrossRef]
- Abadi, M.; Needham, R. Prudent engineering practice for cryptographic protocols. In Proceedings of the 1994 IEEE Computer Society Symposium on Research in Security and Privacy, 1994 Proceedings, Oakland, CA, USA, 16–18 May 1994; pp. 122–136. [Google Scholar] [CrossRef]
- Leino, K.R.M.; Wüstholz, V. The Dafny Integrated Development Environment. In Proceedings of the 1st Workshop on Formal Integrated Development Environment, F-IDE 2014, Grenoble, France, 6 April 2014; EPTCS. Dubois, C., Giannakopoulou, D., Méry, D., Eds.; Open Publishing Association: The Hague, The Netherlands, 2014; Volume 149, pp. 3–15. [Google Scholar] [CrossRef]
- Unwin, A.; Hofmann, H. GUI and Command-line—Conflict or Synergy? In Proceedings of the 31st Symposium on the Interface: Models, Predictions, and Computing, Schaumburg, IL, USA, 9–12 June 1999; Computing Science and Statistics. Berk, K., Pourahmadi, M., Eds.; Interface Foundation of North America: Fairfax Station, VA, USA, 1999; pp. 246–253. [Google Scholar]
- Tabassum, M.; Watson, S.; Lipford, H.R. Comparing Educational Approaches to Secure programming: Tool vs. TA. In Proceedings of the Thirteenth Symposium on Usable Privacy and Security, SOUPS 2017, Santa Clara, CA, USA, 12–14 July 2017; USENIX Association: Berkeley, CA, USA, 2017. [Google Scholar]
- Kuusinen, K. Software Developers as Users: Developer Experience of a Cross-Platform Integrated Development Environment. In Proceedings of the Product-Focused Software Process Improvement—16th International Conference, PROFES 2015, Bolzano, Italy, 2–4 December 2015; Proceedings; Lecture Notes in Computer Science. Abrahamsson, P., Corral, L., Oivo, M., Russo, B., Eds.; Springer: Berlin/Heidelberg, Germany, 2015; Volume 9459, pp. 546–552. [Google Scholar] [CrossRef]
- Lindmeier, A.; Mühling, A. Keeping secrets: K-12 students’ understanding of cryptography. In Proceedings of the WiPSCE ’20: Workshop in Primary and Secondary Computing Education, Essen, Germany, 28–30 October 2020; Brinda, T., Armoni, M., Eds.; ACM: New York, NY, USA, 2020; pp. 14:1–14:10. [Google Scholar] [CrossRef]
- Geels, J. Ordinary Users Do Not Understand Digital Signatures. In Proceedings of the 13th Nordic Conference on Human-Computer Interaction, NordiCHI 2024, Uppsala, Sweden, 13–16 October 2024; ACM: New York, NY, USA, 2024; pp. 66:1–66:15. [Google Scholar] [CrossRef]
- Braga, A.M.; Dahab, R.; Antunes, N.; Laranjeiro, N.; Vieira, M. Understanding How to Use Static Analysis Tools for Detecting Cryptography Misuse in Software. IEEE Trans. Reliab. 2019, 68, 1384–1403. [Google Scholar] [CrossRef]
- Gleirscher, M.; Foster, S.; Woodcock, J. New Opportunities for Integrated Formal Methods. ACM Comput. Surv. 2020, 52, 117:1–117:36. [Google Scholar] [CrossRef]
- van Glabbeek, R.J.; Höfner, P.; van der Wal, D. Analysing AWN-Specifications Using mCRL2 (Extended Abstract). In Proceedings of the Integrated Formal Methods—14th International Conference, IFM 2018, Maynooth, Ireland, 5–7 September 2018; Proceedings; Lecture Notes in Computer Science. Furia, C.A., Winter, K., Eds.; Springer: Berlin/Heidelberg, Germany, 2018; Volume 11023, pp. 398–418. [Google Scholar] [CrossRef]
- Runge, T.; Schaefer, I.; Cleophas, L.; Thüm, T.; Kourie, D.G.; Watson, B.W. Tool Support for Correctness-by-Construction. In Proceedings of the Software Engineering 2021, Fachtagung des GI-Fachbereichs Softwaretechnik, Braunschweig, Germany, 22–26 February 2021; LNI. Koziolek, A., Schaefer, I., Seidl, C., Eds.; Gesellschaft für Informatik e.V.: Bonn, Germany, 2021; Volume P-310, pp. 93–94. [Google Scholar] [CrossRef]
- Fares, E.; Bodeveix, J.; Filali, M. Correct Pattern-Based Development Through Refinements and Weakest Preconditions Calculus. In Proceedings of the Formal Aspects of Component Software—20th International Conference, FACS 2024, Milan, Italy, 9–10 September 2024; Proceedings; Lecture Notes in Computer Science. Marmsoler, D., Sun, M., Eds.; Springer: Berlin/Heidelberg, Germany, 2024; Volume 15189, pp. 59–78. [Google Scholar] [CrossRef]
- Bonfanti, S.; Carissoni, M.; Gargantini, A.; Mashkoor, A. Asm2C++: A Tool for Code Generation from Abstract State Machines to Arduino. In Proceedings of the NASA Formal Methods—9th International Symposium, NFM 2017, Moffett Field, CA, USA, 16–18 May 2017; Proceedings; Lecture Notes in Computer Science. Barrett, C.W., Davies, M.D., Kahsai, T., Eds.; Springer: Berlin/Heidelberg, Germany, 2017; Volume 10227, pp. 295–301. [Google Scholar] [CrossRef]
- Lowe, G. A Hierarchy of Authentication Specifications. In Proceedings of the CSFW’97, Rockport, MA, USA, 10–12 June 1997; IEEE Computer Society Press: Washington, DC, USA, 1997; pp. 31–43. [Google Scholar]
- Galeotti, J.P.; Furia, C.A.; May, E.; Fraser, G.; Zeller, A. Automating Full Functional Verification of Programs with Loops. arXiv 2014, arXiv:1407.5286. [Google Scholar] [CrossRef]
- Barbosa, M.; Barthe, G.; Bhargavan, K.; Blanchet, B.; Cremers, C.; Liao, K.; Parno, B. SoK: Computer-Aided Cryptography. In Proceedings of the 42nd IEEE Symposium on Security and Privacy, SP 2021, San Francisco, CA, USA, 24–27 May 2021; IEEE: Piscataway, NJ, USA, 2021; pp. 777–795. [Google Scholar] [CrossRef]
- AVISPA Team. AVISPA v1.0 User Manual. Available online: https://people.rennes.inria.fr/Thomas.Genet/Crypt/AVISPA_manual.pdf (accessed on 20 November 2024).
- Delaune, S.; Hirschi, L. A survey of symbolic methods for establishing equivalence-based properties in cryptographic protocols. J. Log. Algebr. Methods Program. 2017, 87, 127–144. [Google Scholar] [CrossRef]
- Blanchet, B.; Smyth, B.; Cheval, V. ProVerif 2.05: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial; Inria: Paris, France, 2023. [Google Scholar]
- Carlsen, U. Optimal Privacy and Authentication on a Portable Communications System. ACM SIGOPS Oper. Syst. Rev. 1994, 28, 16–23. [Google Scholar] [CrossRef]
- Mödersheim, S. OFMC Distribution and Tutorials. Available online: https://www2.compute.dtu.dk/~samo/ (accessed on 20 November 2024).
- ITU-T Recommendation H.530: Symmetric Security Procedures for H.510 (Mobility for H.323 Multimedia Systems and Services); H.323 Forum: San Ramon, CA, USA, 2002.
- Kaufman, C. Internet Key Exchange (IKEv2) Protocol; Technical Report; Internet Engineering Task Force (IETF): Fremont, CA, USA, 2005. [Google Scholar]
- ISO/IEC 9798-2:2008; Information Technology—Security Techniques—Entity Authentication—Part 2: Mechanisms Using Symmetric Encipherment Algorithms. 3rd ed. International Organization for Standardization: Geneva, Switzerland, 2008.
- ISO/IEC 9798-4:1999; Information Technology—Security Techniques—Entity Authentication—Part 3: Mechanisms Using a Cryptographic Check Function. 2nd ed. International Organization for Standardization: Geneva, Switzerland, 1999.
- Lowe, G. Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR. Softw. Concepts Tools 1996, 17, 93–102. [Google Scholar] [CrossRef]
- Needham, R.M.; Schroeder, M.D. Using Encryption for Authentication in Large Networks of Computers. Commun. ACM 1978, 21, 993–999. [Google Scholar] [CrossRef]
- Otway, D.J.; Rees, O. Efficient and Timely Mutual Authentication. ACM SIGOPS Oper. Syst. Rev. 1987, 21, 8–10. [Google Scholar] [CrossRef]
- Paulson, L.C. Inductive Analysis of the Internet Protocol TLS. ACM Trans. Inf. Syst. Secur. 1999, 2, 332–351. [Google Scholar] [CrossRef]
- Woo, T.Y.; Lam, S.S. Authentication for distributed systems. Computer 1992, 25, 39–52. [Google Scholar] [CrossRef]
- Paulson, L.C. The Yahalom Protocol. In Proceedings of the Security Protocols: 7th International Workshop, Cambridge, UK, 19–21 April 1999; Proceedings 7. Springer: Berlin/Heidelberg, Germany, 2000; pp. 78–84. [Google Scholar] [CrossRef]
- Likert, R. A technique for the measurement of attitudes. Arch. Psychol. 1932, 140, 5–55. [Google Scholar]
- Clark, L.A.; Watson, D. Constructing validity: New developments in creating objective measuring instruments. Psychol. Assess. 2019, 31, 1412. [Google Scholar] [CrossRef]
- LimeSurvey Team. LimeSurvey: An Open Source Survey Tool. 2024. Available online: https://www.limesurvey.org (accessed on 14 October 2024).
- Leino, K.R.M. Dafny: An Automatic Program Verifier for Functional Correctness. In Proceedings of the Logic for Programming, Artificial Intelligence, and Reasoning—16th International Conference, LPAR-16, Dakar, Senegal, 25 April–1 May 2010; Revised Selected Papers; Lecture Notes in Computer Science. Clarke, E.M., Voronkov, A., Eds.; Springer: Berlin/Heidelberg, Germany, 2010; Volume 6355, pp. 348–370. [Google Scholar] [CrossRef]
- Brezocnik, Z.; Vlaovic, B.; Vreze, A. SpinRCP: The eclipse rich client platform integrated development environment for the spin model checker. In Proceedings of the 2014 International Symposium on Model Checking of Software, SPIN 2014, Proceedings, San Jose, CA, USA, 21–23 July 2014; Rungta, N., Tkachuk, O., Eds.; ACM: New York, NY, USA, 2014; pp. 125–128. [Google Scholar] [CrossRef]
- Holzmann, G.J. The SPIN Model Checker—Primer and Reference Manual; Addison-Wesley: Boston, MA, USA, 2004. [Google Scholar]
- Masci, P.; Muñoz, C.A. An Integrated Development Environment for the Prototype Verification System. In Proceedings of the Fifth Workshop on Formal Integrated Development Environment, F-IDE@FM 2019, Porto, Portugal, 7 October 2019; EPTCS. Monahan, R., Prevosto, V., Proença, J., Eds.; Open Publishing Association: The Hague, The Netherlands, 2019; Volume 310, pp. 35–49. [Google Scholar] [CrossRef]
- Owre, S.; Rushby, J.M.; Shankar, N. PVS: A Prototype Verification System. In Proceedings of the Automated Deduction—CADE-11, 11th International Conference on Automated Deduction, Saratoga Springs, NY, USA, 15–18 June 1992; Proceedings; Lecture Notes in Computer Science. Kapur, D., Ed.; Springer: Berlin/Heidelberg, Germany, 1992; Volume 607, pp. 748–752. [Google Scholar] [CrossRef]
- Metere, R.; Arnaboldi, L. MetaCP: Cryptographic Protocol Design Tool for Formal Verification. arXiv 2021, arXiv:2105.09150. [Google Scholar] [CrossRef]
- Braghin, C.; Lilli, M.; Riccobene, E.; Baba, M. Kant: A Domain-Specific Language for Modeling Security Protocols. In Proceedings of the 12th International Conference on Model-Based Software and Systems Engineering, MODELSWARD 2024, Rome, Italy, 21–23 February 2024; Mayo, F.J.D., Pires, L.F., Seidewitz, E., Eds.; SciTePress: Setúbal, Portugal, 2024; pp. 62–73. [Google Scholar] [CrossRef]
- Glouche, Y.; Genet, T.; Heen, O.; Courtay, O. A security protocol animator tool for AVISPA. In Proceedings of the ARTIST2 Workshop on Security Specification and Verification of Embedded Systems, Pisa, Italy, 18 May 2006; pp. 1–7. [Google Scholar]
- Boichut, Y.; Genet, T.; Glouche, Y.; Heen, O. Using animation to improve formal specifications of security protocols. In Proceedings of the 2nd Conference on Security in Network Architectures and Information Systems (SARSSI 2007), Annecy, France, 12–15 June 2007; pp. 169–182. [Google Scholar]
- Armando, A.; Basin, D.; Boichut, Y.; Chevalier, Y.; Compagna, L.; Cuéllar, J.; Drielsma, P.H.; Héam, P.C.; Kouchnarenko, O.; Mantovani, J.; et al. The AVISPA tool for the automated validation of internet security protocols and applications. In Proceedings of the Computer Aided Verification, Edinburgh, UK, 6–10 July 2005; Springer: Berlin/Heidelberg, Germany, 2005; pp. 281–285. [Google Scholar] [CrossRef]
- Rusinowitch, M. Automated analysis of security protocols. In Proceedings of the 12th International Workshop on Functional and Constraint Logic Programming, WFLP 2003, in Connection with RDP’03, Federated Conference on Rewriting, Deduction and Programming, Boulder, CO, USA, 14 July 2003; Electronic Notes in Theoretical Computer Science. Brim, L., Grumberg, O., Eds.; Elsevier: Amsterdam, The Netherlands, 2003; Volume 86, pp. 12–15. [Google Scholar] [CrossRef]
- Lifepillar. Vim Mode for Formal Languages; GitHub: San Francisco, CA, USA, 2024; Available online: https://github.com/lifepillar/vim-formal-package (accessed on 20 November 2024).
- Whitefield, J.; Ralf Sasse, B.F. Sublime Text 3 plug-in for Tamarin. Available online: https://github.com/tamarin-prover/editor-sublime (accessed on 20 November 2024).
- Malladi, S.; Blanchet, B. ProVerif Web Interface; Inria: Paris, France, 2024; Available online: http://proverif20.paris.inria.fr/index.php (accessed on 20 November 2024).
- Nicolas, G.; Cheval, V. ProVerif Syntax Highlighting for VS Code; Inria: Paris, France, 2024; Available online: https://marketplace.visualstudio.com/items?itemName=georgio.proverif-vscode (accessed on 20 November 2024).
- Edvardsson, Ú.J.; Hoffmann, V.J.L. OFMC-GUI; GitHub: San Francisco, CA, USA, 2024; Available online: https://github.com/ulfur88/OFMC-GUI (accessed on 20 November 2024).
- de Ruiter, J. ProVerif Editor; Inria: Paris, France, 2024; Available online: https://proverifeditor.sourceforge.net/ (accessed on 20 November 2024).
- Schmidt, B.; Meier, S.; Cremers, C.; Basin, D. Automated analysis of Diffie–Hellman protocols and advanced security properties. In Proceedings of the Computer Security Foundations Symposium (CSF), 2012 IEEE 25th, Cambridge, MA, USA, 25–27 June 2012; IEEE: Piscataway, NJ, USA, 2012; pp. 78–94. [Google Scholar] [CrossRef]
Protocol | Goals/ Attacks | OFMC (2 Sessions) | ProVerif (Unlimited S.) | ||||
---|---|---|---|---|---|---|---|
all | sgl | Δ% | all | sgl | Δ% | ||
Carlsen [66,67] | 3/0 | 5.64 | 6.07 | 7.62 | 0.090 | 0.032 | −64.44 |
H530 [67,68] | 2/2 | 16.05 | 19.14 | 19.25 | 0.257 | 0.081 | −68.48 |
IKEv2DS [67,69] | 4/0 | 32.86 | 34.78 | 5.84 | 2.774 | 0.980 | −64.67 |
ISO5Pass [67,70] | 3/2 | 1.22 | 23.25 | 1805.74 | 0.337 | 0.093 | −72.40 |
ISOCCF3PassMutual [67,71] | 2/0 | 3.47 | 4.19 | 20.75 | 0.042 | 0.021 | −50.00 |
NSL [67,72] | 2/0 | 0.78 | 0.81 | 3.85 | 0.062 | 0.028 | −54.84 |
NSPK [67,73] | 4/4 | 0.32 | 0.88 | 175.00 | 0.077 | 0.027 | −64.94 |
Otway-Rees [67,74] | 3/0 | 16.78 | 17.38 | 3.58 | 0.116 | 0.038 | −64.24 |
TLS [67,75] | 3/0 | 70.24 | 68.69 | −2.21 | 0.504 | 0.068 | −85.51 |
Woo-Lam 92 [67,76] | 3/1 | 266.57 | 325.21 | 22.00 | 8.329 | 2.401 | −71.17 |
Yahalom [67,77] | 6/1 | 2.38 | 4.28 | 79.83 | 0.131 | 0.030 | −77.10 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Garcia, R.; Modesti, P. A Practical Approach to Formal Methods: An Eclipse Integrated Development Environment (IDE) for Security Protocols. Electronics 2024, 13, 4660. https://doi.org/10.3390/electronics13234660
Garcia R, Modesti P. A Practical Approach to Formal Methods: An Eclipse Integrated Development Environment (IDE) for Security Protocols. Electronics. 2024; 13(23):4660. https://doi.org/10.3390/electronics13234660
Chicago/Turabian StyleGarcia, Rémi, and Paolo Modesti. 2024. "A Practical Approach to Formal Methods: An Eclipse Integrated Development Environment (IDE) for Security Protocols" Electronics 13, no. 23: 4660. https://doi.org/10.3390/electronics13234660
APA StyleGarcia, R., & Modesti, P. (2024). A Practical Approach to Formal Methods: An Eclipse Integrated Development Environment (IDE) for Security Protocols. Electronics, 13(23), 4660. https://doi.org/10.3390/electronics13234660