Protocol converter validation through deductive inference: a case study
Introduction
A communication system functions properly and can be implemented faithfully only when its communication protocols are specified unambiguously. In other words, the most important thing is that the protocols must be shown to be correct. Verification or validation [1] is the process of showing the correctness of a protocol. The two terms are often used interchangeably. According to Sunshine [2], protocol verification is a demonstration that the interactions of the communicating entities, based on their protocol specification and the specification of the services provided by the layer below, satisfy the service specification, whereas protocol validation refers to the more limited analysis that the protocol specification satisfies a number of general correctness properties that are essential to all, or nearly all, protocols. The general correctness properties include completeness, freedom from deadlock, freedom from livelock, absence of tempo-blocking loops, freedom from channel overflow, freedom from unspecified receptions and termination [1].
The approaches to protocol validation depend heavily on the models used for specification. There are mainly two ways to ensure the correctness of protocol behaviour: (i) reachability analysis and (ii) deductive inference (or program proofs). The former is based on exhaustively exploring all the possible interactions of the communicating protocol entities within a layer [3–6], whereas the latter is based on a list of statements of properties, e.g. safety and liveness (or progress) properties, and a list of axioms and rules for inferring the statements from the axioms [7–9].
Reachability analysis was first proposed by West et al. [10], [11] and later improved by a number of researchers [3], [12], [13]. It analyzes the reachability of the various global states generated by perturbing the initial global state. The global state of the protocol system is specified by a joint description of the states of the CFSMs and of the queues. If G denotes the set of all possible global states and g0 the initial global state, the portion of the graph that is reachable from g0 is referred to as the reachability graph or reachability tree. Reachability analysis constructs this graph by successively exploring all global states reachable from the initial global state. However, the construction of the reachability tree often encounters the state explosion problem, in which the size of the global state graph grows exponentially with the protocol complexity, although many researchers [14], [15] have proposed reduced reachability analysis to overcome it. In fact, for complex protocols, this technique becomes too complicated for a complete generation and examination of all reachable global states [1].
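As an added illustration (not code from the paper), the following Python block carries out the bounded reachability analysis just described for two constructed CFSMs communicating over FIFO channels, and flags three of the general correctness properties named in the introduction: channel overflow, unspecified reception and deadlock. The two toy protocols, the channel bound and the "final state" convention used to distinguish termination from deadlock are all assumptions made for the example.

```python
from collections import deque

# A CFSM is {state: {(kind, msg): next_state}}: '!' sends msg, '?' receives it.
# Constructed protocol 1: alternating DATA/ACK exchange, expected to be error free.
ALT_S = {0: {('!', 'DATA'): 1}, 1: {('?', 'ACK'): 0}}
ALT_R = {0: {('?', 'DATA'): 1}, 1: {('!', 'ACK'): 0}}
# Constructed protocol 2: symmetric disconnect. Both sides may send DISC at
# once, and in state 1 neither side specifies a reception for the peer's DISC.
DISC = {0: {('!', 'DISC'): 1, ('?', 'DISC'): 3},
        1: {('?', 'DACK'): 2}, 2: {}, 3: {('!', 'DACK'): 2}}

def reachability(p, q, bound=2, final=frozenset()):
    """Explore global states (p_state, q_state, chan_p_to_q, chan_q_to_p)
    from the initial state. Returns (reachable state count, errors), where an
    error is (kind, global_state) with kind 'overflow' (send into a full
    channel), 'unspecified_reception' (head of the incoming channel is not
    receivable and no send is possible) or 'deadlock' (no move, empty
    channels, and the machines are not both in a final state)."""
    init = (0, 0, (), ())
    seen, work, errors = {init}, deque([init]), []
    while work:
        g = work.popleft()
        sp, sq, cpq, cqp = g
        succ = []
        for who, m in enumerate((p, q)):
            st, out, inc = (sp, cpq, cqp) if who == 0 else (sq, cqp, cpq)
            edges = m[st]
            for (kind, msg), nxt in edges.items():
                if kind == '!':
                    if len(out) >= bound:
                        errors.append(('overflow', g))
                        continue
                    nout = out + (msg,)
                    succ.append((nxt, sq, nout, cqp) if who == 0 else (sp, nxt, cpq, nout))
                elif inc and inc[0] == msg:
                    ninc = inc[1:]
                    succ.append((nxt, sq, cpq, ninc) if who == 0 else (sp, nxt, ninc, cqp))
            can_send = any(k == '!' for k, _ in edges)
            if inc and not can_send and ('?', inc[0]) not in edges:
                errors.append(('unspecified_reception', g))
        if not succ and not cpq and not cqp and not (sp in final and sq in final):
            errors.append(('deadlock', g))
        for n in succ:
            if n not in seen:
                seen.add(n)
                work.append(n)
    return len(seen), errors

if __name__ == '__main__':
    print(reachability(ALT_S, ALT_R), reachability(DISC, DISC, final={2}))
```

The disconnect collision state (1, 1, ('DISC',), ('DISC',)) is reported once per machine, since both sides are stuck with an unreceivable message at the head of their channel.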
Deductive inference, however, is free from the state explosion problem because it depends on a list of statements of properties. Safety properties describe what a system is allowed to do and liveness properties describe what it must do [9]. This motivates us to examine a protocol converter generated by the complementation approach [9], [16], [17], [18] through several properties and theorems.
The rest of this paper is organized as follows. Section 2 presents some basic definitions and the design methodology in brief, while Section 3 describes several properties and their basis. Section 4 gives different theorems along with their proofs and Section 5 concludes the paper.
Definitions
This section presents formal definitions of some basic terms in protocol converter research and the converter design methodology [9], [17] for the completeness of the paper.
Properties
Property 1. It is given that protocols P=〈Ps, Pr〉 and Q=〈Qs, Qr〉 are safe and cyclic. If there exist complemented machines Pr′ and Qs′ then Pr′ and Qs′ contain all the semantics of protocols P and Q.
Basis. This is a safety property of algorithm Complement. Algorithm Complement constructs complemented machines Pr′ and Qs′ from protocol CFSMs P and Q. A partial transition function δΔ is defined as follows: or Sj if . Similarly, or Si
Theorems
Theorem 1. If there exists at least one common function between the protocols, it is possible to construct Pr′, Qs′ and H=〈Pr′∪Qs′〉 provided protocols P=〈Ps, Pr〉 and Q=〈Qs, Qr〉 are given.
Proof. The proof of the theorem follows from the definition of Complementation. According to it, the allowed message exchanges in protocol P should be a subset of those in protocol Q, i.e. TP⊂TQ.
If it does not exist, then the projection of the whole set of transitions onto the other protocol occurs, known as
Conclusion
This paper presents the validation of an example protocol converter generated by the protocol complementation approach [9], [17]. Several properties and theorems provide assurance that the algorithms perform as desired. It states conditions under which the resulting converter is free from errors. Therefore, it is proved that the complementation algorithm provides a sufficient condition for finding a useful converter.
As stated earlier, deductive inference has several advantages over
Acknowledgements
Research reported herein was supported by the Council of Scientific and Industrial Research (CSIR), Government of India.
References
- et al., Protocol validation by fair progress state exploration, Comp. Net. and ISDN Systs. (1985)
- et al., Automated protocol validation: one chain approach, Comp. Nets. (1978)
- et al., Design of simplified protocol converters through protocol complementation, Computer Communication (1997)
- M.T. Liu, Protocol engineering, in: M.C. Yovits (Ed.), Advances in Computer, vol. 29, Academic Press, New York, 1989, ...
- Formal techniques for protocol specification and verification, IEEE Comp. Magazine (1979)
- S.T. Voung, D.D. Cowan, Reachability analysis of protocols with FIFO channels, Proc. ACM SIGCOMM, ACM, 1983, pp. ...
- et al., Protocol validation by maximal progress state exploration, IEEE Trans. Commun. COM- (1984)
- et al., Protocol verification via projections, IEEE Trans. Soft. Engg. (1984)
- M. Rajagopal, Protocol conversion: an algorithmic approach, PhD thesis, Georgia Institute of Technology, August ...