Abstract
Traditional network simulators perform well in evaluating the performance of network protocols but lack the capability of verifying the correctness of protocols. To address this problem, we have extended the J-Sim network simulator with a model checking capability that explores the state space of a network protocol to find an execution that violates a safety invariant. In this paper, we demonstrate the usefulness of this integrated tool for verification and performance evaluation by analyzing two widely used and important network protocols: AODV and directed diffusion. Our analysis discovered a previously unknown bug in the J-Sim implementation of AODV. More importantly, we also discovered a serious deficiency in directed diffusion. To enable the analysis of these fairly complex protocols, we needed to develop protocol-specific search heuristics that guide state-space exploration. We report our findings on discovering good search heuristics to analyze network protocols similar to AODV and directed diffusion.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sobeih, A., Viswanathan, M., Marinov, D., Hou, J.C. (2005). Finding Bugs in Network Protocols Using Simulation Code and Protocol-Specific Heuristics. In: Lau, KK., Banach, R. (eds) Formal Methods and Software Engineering. ICFEM 2005. Lecture Notes in Computer Science, vol 3785. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11576280_17
DOI: https://doi.org/10.1007/11576280_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29797-0
Online ISBN: 978-3-540-32250-4
eBook Packages: Computer Science (R0)