Formal Verification of Stateful Services with REST APIs Using Event-B.

Our approach involves a formal model of the APIs, developed using the Event-B formal method which is automatically translated to a set of assertions and embedded in the existing implementation of APIs. ... In this paper, we propose a formal approach to integration testing through automatic generation of runtime assertions in order to test the implementation of the APIs. ... Our integration testing approach consists of three stages: 1) formal modelling of the framework APIs in Event-B language, 2) formal verification of consistency properties (including order of API calls ...

doi:10.1109/les.2019.2955316 fatcat:57ncegiszffbvawf4m3sdzsg54

To face these issues, we propose a lightweight approach to runtime verification, for monitoring and failure detection of cloud computing systems. ... We performed a preliminary evaluation of the proposed approach in the OpenStack cloud management platform, an "off-the-shelf" distributed system, showing that the approach can be applied with high failure ... A={all distinct events of type "A" happened in [t, t+∆]} B ={all distinct events of type "B" happened in [t, t+∆]} (2) with |A|=|B|=n. ...

arXiv:2010.06607v1 fatcat:xaq4zxccgzh4pnsusqefwbqbam

In order to address problems of modeling and verification of Web services, several process calculi have been proposed for SOAP-based Web services but none for the RESTful Web services based systems. ... The aim of the article is to see how process calculi for SOAP-based systems deal with different aspects of their modeling domain, and whether their approaches can be used to model RESTful and ROA systems ... The aim for the Authors was to formalize REST and ROA behavior in order to provide an automated verification of a behavior of a RESTful service. ...

doi:10.1515/fcds-2015-0015 fatcat:lwxcsr2pezemzdshu3atwfx674

DOAJ

We present here the result of our verification of the scheduler of the only SCJ virtual machine up to date with the standard and publicly available, the icecap HVM. ... SCJ programs require the use of specialised virtual machines. ... The authors gratefully acknowledge useful feedback from anonymous referees, and Stephan Erbs Korsholm and Shuai Zhao for their help in understanding the icecap HVM and its rationale. ...

doi:10.1007/978-3-319-33693-0_5 fatcat:gnzetqyj3zd53ju26eumeatmwa

This is not surprising, because both YubiKey and YubiHSM, which make use of cryptographic APIs, involve a number of complex features: (i) discrete time in the form of Lamport clocks, (ii) a mutable memory ... for storing previously seen keys or nonces, (iii) event-based properties that require an analysis of sequences of actions, and (iv) reasoning modulo exclusive-or. ... Figure 1 [18] is a simple example of a YubiKey API execution, where the three roles are as follows: the user (Browser), the service (YubiCloud), and the verification server running the YubiKey API. ...

arXiv:1806.07209v1 fatcat:c5f6eodqpfcezcivwc2f5clbhq

As well as using various Event-B properties like formal verification, functional checks, and model checkers to design different formal spoofing attacks for the IoT environment. ... During this paper, a framework in the Event-B formal method will be used to design a formal description of the secure IoT architecture to cover the security properties of the IoT architecture. ... for refinements and invariants used for verification of required security properties. • Detecting some IoT security attacks using Event-B formal method. ...

doi:10.14569/ijacsa.2021.0120317 fatcat:4sddznlnmjhjdlgsqpsemlskxu

Szczepanski

The architecture uses the Open Services for Lifecycle Collaboration (OSLC) technology to create a reactive middleware that informs all stakeholders about any changes in the development artefacts. ... The architecture includes an open toolbox which provides tools as a service to support various phases of system engineering. ... deployment of formal verification in industry. ...

doi:10.1145/2785592.2785611 dblp:conf/ispw/Adjepon-YamoahR15 fatcat:dq5mkyg6wzeh3kokvqp2klrqiu

Formal modelling and verification are widely used in the development of safety-critical systems. They aim at providing a mathematically-grounded argument about system safety. ... Our approach establishes a link between safety requirements, Event-B models and corresponding fragments of a safety case. ... In terms of Event-B, the particular system states we are interested in are usually associated with some desired post-states of specific model events. ...

doi:10.1007/978-3-319-25942-0_13 fatcat:ljblurbg4vc2nereld5v7erdjy

The main goal of the tool is to provide an easy-to-use environment for the verification of requirements in Cyber-Physical Systems (CPS). ... On the other hand, automated consistency checking most often requires overburdening formalizations. In this paper we introduce REQV, a tool for formal consistency checking of requirements. ... server application that provides services as REST APIs. ...

doi:10.1109/icst.2019.00043 dblp:conf/icst/VuottoNPT19 fatcat:6bbccspmsffpfbesbyh3oerpc4

intensity using state-of-the-art LPWAN technology. ... This paper presents a service-based software architecture and technical framework supporting runtime verification for widely deployed, volatile IoT systems. ... , for end-devices communicating using state-of-the-art LPWAN technology [5] . ...

doi:10.1109/tsc.2021.3074956 fatcat:j7kt5k6vv5azvmy7kcbbydp2cu

We show that the direct paging mechanism can be implemented using a compact design, suitable for formal verification down to a low level of abstraction, without penalizing system performance. ... The verification is performed using the HOL4 theorem prover and uses a detailed model of the ARMv7-A ISA, including the MMU. ... Verification Approach The TLS models user mode execution of an arbitrary guest system on top of an ARMv7 CPU with MMU support, alternating with abstract handler events. ...

doi:10.1007/978-3-319-22846-4_8 fatcat:gv5qmeojtbgg5nedfbmo2mvbgq

Advanced tools need to support flexibility, specialization and collaborative evolution of the design where the exchange of knowledge between domain experts helps to improve informed decision making. ... The convergence of information technologies (IT) has enabled the Digital Enterprise in which engineering, production planning, manufacturing and sales processes are supported by IT-based collaboration, ... The verification itself is performed by the verification tool HAVLE 3 provided through a REST service. ...

doi:10.4108/icst.collaboratecom.2013.254053 dblp:conf/colcom/ZinnikusCKKNSS13 fatcat:mdxhouf32fbalmccwq7e4vwupy

Dynamic formal verification is a key tool for providing ongoing confidence that a system is meeting its requirements while in use, especially when paired with static formal verification before the system ... is in use. ... Integrating formal methods with existing non-formal safety techniques is useful, often necessary [3] , and provides another tool for the verification toolbox. ...

arXiv:2007.03522v3 fatcat:ap3stj3tszfhrobleirx73hvba

Open Access Multiple Versions

Advanced tools need to support flexibility, specialization and collaborative evolution of the design where the exchange of knowledge between domain experts helps to improve informed decision making. ... The convergence of information technologies (IT) has enabled the Digital Enterprise in which engineering, production planning, manufacturing and sales processes are supported by IT-based collaboration, ... Clients in turn do not operate directly on the verification's REST API anymore, but communicate with the integration server which in turn processes the messages to the verification service via the attached ...

doi:10.4108/cc.1.1.e5 fatcat:lefzzz4kybbzvkvo6pkxnlnkmy

DOAJ

of occupants and providing appropriate services accordingly. ... Consequently, the objective of this paper is to propose a set of novel WoT-driven plug-and-play service management schemes for a smart home called Resource-Oriented Service Administration (ROSA). ... Uri and Kedar's work pioneered the research on formalizing and verification of RESTful services. ...

doi:10.3390/s17102159 pmid:28934159 pmcid:PMC5677407 fatcat:g2kf2bzmxzaqhhaiaryvepv7ha

DOAJ

Verifying Cross-layer Interactions through Formal Model-based Assertion Generation

Preserved Fulltext

Towards Runtime Verification via Event Stream Processing in Cloud Computing Infrastructures [article]

Preserved Fulltext

Towards a Process Calculus for Rest: Current State of the Art

Preserved Fulltext

Modelling and Verifying a Priority Scheduler for an SCJ Runtime Environment [chapter]

Preserved Fulltext

Formal verification of the YubiKey and YubiHSM APIs in Maude-NPA [article]

Preserved Fulltext

Formal Verification of an Efficient Architecture to Enhance the Security in IoT

Preserved Fulltext

A reactive architecture for cloud-based system engineering

Preserved Fulltext

From Requirements Engineering to Safety Assurance: Refinement Approach [chapter]

Preserved Fulltext

Poster: Automatic Consistency Checking of Requirements with ReqV

Preserved Fulltext

Edge-based Runtime Verification for the Internet of Things

Preserved Fulltext

Trustworthy Memory Isolation of Linux on Embedded Devices [chapter]

Preserved Fulltext

A Collaborative Virtual Workspace for Factory Configuration and Evaluation

Preserved Fulltext

Offline Runtime Verification of Safety Requirements using CSP [article]

Preserved Fulltext

Other Versions

A Collaborative VirtualWorkspace for Factory Configuration and Evaluation

Preserved Fulltext

ROSA: Resource-Oriented Service Management Schemes for Web of Things in a Smart Home

Preserved Fulltext