ABSTRACT
It is important that the programmable logic controller (PLC), the heart of industrial control systems (ICS), is formally verified to ensure that its safety and security requirements are met. However, combining the strengths of two or more verification tools on a single verification task has yet to be fully explored, especially for safety-critical programs such as PLC programs. In this paper, we apply cooperative verification techniques by building a verifier-validator (using Symbiotic as the verifier and CPAchecker as the validator). We investigate the possibilities of preventing false positives in verification results and examine how effective and efficient the verifier-validator is compared with a single verification tool. The results show that the verifier-validator was able to discover 3 properties that were not properly verified by a single verification tool, in a shorter time span.
Index Terms
- Cooperative Verification of PLC Programs Using CoVeriTeam: Towards a reliable and secure Industrial Control Systems