PFMC: a parallel symbolic model checker for security protocol verification

IEEE International Conference on Formal Engineering Methods Pub Date : 2022-07-20 DOI:10.48550/arXiv.2207.09895

A. James, Alwen Tiu, Nisansala Yatapanage

{"title":"PFMC: a parallel symbolic model checker for security protocol verification","authors":"A. James, Alwen Tiu, Nisansala Yatapanage","doi":"10.48550/arXiv.2207.09895","DOIUrl":null,"url":null,"abstract":". We present an investigation into the design and implementation of a parallel model checker for security protocol veriﬁcation that is based on a symbolic model of the adversary, where instantiations of concrete terms and messages are avoided until needed to resolve a particular assertion. We propose to build on this naturally lazy approach to parallelise this symbolic state exploration and evaluation. We utilise the concept of strategies in Haskell, which abstracts away from the low-level details of thread management and modularly adds parallel evaluation strategies (encapsulated as a monad in Haskell). We build on an existing symbolic model checker, OFMC, which is already implemented in Haskell. We show that there is a very signiﬁcant speed up of around 3-5 times improvement when moving from the original single-threaded implementation of OFMC to our multi-threaded version, for both the Dolev-Yao attacker model and more general algebraic attacker models. We identify several issues in parallelising the model checker: among oth-ers, controlling growth of memory consumption, balancing lazy vs strict evaluation, and achieving an optimal granularity of parallelism.","PeriodicalId":198480,"journal":{"name":"IEEE International Conference on Formal Engineering Methods","volume":"90 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE International Conference on Formal Engineering Methods","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.48550/arXiv.2207.09895","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

. We present an investigation into the design and implementation of a parallel model checker for security protocol veriﬁcation that is based on a symbolic model of the adversary, where instantiations of concrete terms and messages are avoided until needed to resolve a particular assertion. We propose to build on this naturally lazy approach to parallelise this symbolic state exploration and evaluation. We utilise the concept of strategies in Haskell, which abstracts away from the low-level details of thread management and modularly adds parallel evaluation strategies (encapsulated as a monad in Haskell). We build on an existing symbolic model checker, OFMC, which is already implemented in Haskell. We show that there is a very signiﬁcant speed up of around 3-5 times improvement when moving from the original single-threaded implementation of OFMC to our multi-threaded version, for both the Dolev-Yao attacker model and more general algebraic attacker models. We identify several issues in parallelising the model checker: among oth-ers, controlling growth of memory consumption, balancing lazy vs strict evaluation, and achieving an optimal granularity of parallelism.

查看原文本刊更多论文

PFMC:用于安全协议验证的并行符号模型检查器

．我们对安全协议验证的并行模型检查器的设计和实现进行了调查，该检查器基于对手的符号模型，其中避免了具体术语和消息的实例化，直到需要解决特定断言。我们建议以这种自然懒惰的方法为基础，并行化这种符号状态的探索和评估。我们利用了Haskell中的策略概念，它从线程管理的底层细节中抽象出来，并模块化地添加了并行计算策略(在Haskell中封装为monad)。我们建立在一个已经在Haskell中实现的符号模型检查器OFMC的基础上。我们发现，对于Dolev-Yao攻击者模型和更一般的代数攻击者模型，从最初的单线程OFMC实现到我们的多线程版本，有一个非常显著的速度提升，大约是3-5倍。我们确定了并行化模型检查器的几个问题:其中，控制内存消耗的增长，平衡懒惰和严格的评估，以及实现并行的最佳粒度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE International Conference on Formal Engineering Methods

自引率

0.00%

发文量