Dependability engineering in Isabelle

Kammueller, Florian ORCID logoORCID: https://orcid.org/0000-0001-5839-5488 (2021) Dependability engineering in Isabelle. Working Paper. Preprint, arXiv.org. . [Monograph]

[img]
Preview
PDF - Published version (with publisher's formatting)
Available under License Creative Commons Attribution 4.0.

Download (438kB) | Preview

Abstract

In this paper, we introduce a process of formal system development supported by interactive theorem proving in a dedicated Isabelle framework. This Isabelle Infrastructure framework implements specification and verification in a cyclic process supported by attack tree analysis closely inter-connected with formal refinement of the specification. The process is cyclic: in a repeated iteration the refinement adds more detail to the system specification. It is a known hard problem how to find the next refinement step: this problem is addressed by the attack based analysis using Kripke structures and CTL logic. We call this cyclic process the Refinement-Risk cycle (RR-cycle). It has been developed for security and privacy of IoT healthcare systems initially but is more generally applicable for safety as well, that is, dependability in general. In this paper, we present the extensions to the Isabelle Infrastructure framework implementing a formal notion of property preserving refinement interleaved with attack tree analysis for the RR-cycle. The process is illustrated on the specification development and privacy analysis of the mobile Corona-virus warning app.

Item Type: Monograph (Working Paper)
Keywords (uncontrolled): software engineering, cryptography, security
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 34266
Useful Links:
Depositing User: Florian Kammueller
Date Deposited: 15 Dec 2021 09:55
Last Modified: 15 Dec 2021 09:55
URI: https://eprints.mdx.ac.uk/id/eprint/34266

Actions (login required)

View Item View Item

Statistics

Activity Overview
6 month trend
10Downloads
6 month trend
29Hits

Additional statistics are available via IRStats2.