An IDE for the Design, Verification and Implementation of Security Protocols
Title | An IDE for the Design, Verification and Implementation of Security Protocols |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Garcia, R., Modesti, P. |
Conference Name | 2017 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) |
Date Published | oct |
ISBN Number | 978-1-5386-2387-9 |
Keywords | AnBx compiler, code generator, compiler security, composability, dependable distributed applications, Design, Eclipse-based IDE, Encryption, formal method tools, formal modelling, formal specification, formal verification, Generators, implementation, integrated development environment, intuitive language AnB, Java, model checker OFMC, program compilers, program verification, protocol verification, Protocols, pubcrawl, Resiliency, secure distributed applications, security of data, security protocols, software engineering, Tools, verification |
Abstract | Security protocols are critical components for the construction of secure and dependable distributed applications, but their implementation is challenging and error prone. Therefore, tools for formal modelling and analysis of security protocols can be potentially very useful to support software engineers. However, despite such tools have been available for a long time, their adoption outside the research community has been very limited. In fact, most practitioners find such applications too complex and hardly usable for their daily work. In this paper, we present an Integrated Development Environment for the design, verification and implementation of security protocols, aimed at lowering the adoption barrier of formal methods tools for security. In the spirit of Model Driven Development, the environment supports the user in the specification of the model using the simple and intuitive language AnB (and its extension AnBx). Moreover, it provides a push-button solution for the formal verification of the abstract and concrete models, and for the automatic generation of Java implementation. This Eclipse-based IDE leverages on existing languages and tools for modelling and verification of security protocols, such as the AnBx Compiler and Code Generator, the model checker OFMC and the protocol verifier ProVerif. |
URL | https://ieeexplore.ieee.org/document/8109278/ |
DOI | 10.1109/ISSREW.2017.69 |
Citation Key | garcia_ide_2017 |
- intuitive language AnB
- verification
- tools
- software engineering
- security protocols
- security of data
- secure distributed applications
- Resiliency
- pubcrawl
- Protocols
- protocol verification
- program verification
- program compilers
- model checker OFMC
- Java
- AnBx compiler
- integrated development environment
- implementation
- Generators
- formal verification
- Formal Specification
- formal modelling
- formal method tools
- encryption
- Eclipse-based IDE
- design
- dependable distributed applications
- composability
- compiler security
- code generator