DOI: 10.1145/3550355.3552454

Feedback on the formal verification of UML models in an industrial context: the case of a smart device life cycle management system

Published: 24 October 2022

Abstract

This paper presents experience feedback on how we managed to formally verify properties on semi-formal models of a Life Cycle Management System (LCMS) for smart devices. These devices are typically structured around a System on Chip (SoC), which can provide built-in hardware security. They can make the deployment of Product-Service Systems (PSSs) to consumers easier, through traceability and the enforcement of collaborative consumption rules. A PSS is a business model in which products and services are tightly connected. One of the main advantages of such a PSS is that it optimizes product use, with a positive environmental impact. Associating the LCMS with a blockchain-based protocol makes it possible to avoid centralization. Semi-formal UML models of such an LCMS, as well as the informal properties it must comply with, were defined in order to explore its design space and evaluate the outcomes of specific design choices. However, the security of the LCMS implementation must be guaranteed, including its protocols and architecture. For that purpose, these models and properties were later improved to be formally verifiable, which ensures the security of their implementation at the expense of added complexity. The verification was carried out using two available software tools: VerifPal for the protocol model, and AnimUML (developed by one of the authors) for the architecture model. This makes the procedure accessible to non-specialists in formal verification. Finally, our feedback on the whole process, as well as on VerifPal, is also provided.


Cited By

  • (2024) AnimUML. Science of Computer Programming 232:C. DOI: 10.1016/j.scico.2023.103050. Online publication date: 27-Feb-2024.
  • (2024) Evaluating formal model verification tools in an industrial context: the case of a smart device life cycle management system. Software and Systems Modeling. DOI: 10.1007/s10270-024-01201-0. Online publication date: 16-Aug-2024.
  • (2023) Debugging Paxos in the UML Multiverse. 2023 ACM/IEEE International Conference on Model Driven Engineering Languages and Systems Companion (MODELS-C), 811-820. DOI: 10.1109/MODELS-C59198.2023.00130. Online publication date: 1-Oct-2023.

Published In

MODELS '22: Proceedings of the 25th International Conference on Model Driven Engineering Languages and Systems
October 2022
412 pages
ISBN:9781450394666
DOI:10.1145/3550355
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

  • Univ. of Montreal: University of Montreal
  • IEEE CS

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. UML
  2. cryptographic protocol
  3. formal verification tools
  4. formally verifiable models
  5. life cycle management system

Qualifiers

  • Research-article

Conference

MODELS '22

Acceptance Rates

MODELS '22 Paper Acceptance Rate 35 of 125 submissions, 28%;
Overall Acceptance Rate 144 of 506 submissions, 28%

Article Metrics

  • Downloads (last 12 months): 35
  • Downloads (last 6 weeks): 7

Reflects downloads up to 08 Mar 2025.
