Authors:
Mariapia Raimondo (1); Simona Bernardi (2) and Stefano Marrone (1)
Affiliations:
(1) Dip. di Matematica e Fisica, Università della Campania “Luigi Vanvitelli”, Caserta, Italy; (2) Dpto. de Informática e Ingeniería de Sistemas, Universidad de Zaragoza, Zaragoza, Spain
Keyword(s):
Distributed Ledger Technology, Formal Modelling, Tweetchain, Tamarin Prover, Model Checking.
Abstract:
Distributed Ledger Technology is demonstrating its capability to provide flexible frameworks for information assurance that can resist Byzantine failures and multiple-target attacks. The availability of development frameworks allows many applications to be built on this technology. Verifying such applications, however, is far from easy, since testing is not enough to guarantee the absence of security problems. This paper describes an experience in the modelling and security analysis of one of these applications by means of formal methods: in particular, we consider the Tweetchain protocol as a case study and use the Tamarin Prover tool, which supports modelling a protocol as a multiset rewriting system and analysing it with respect to temporal first-order properties. With the aim of making the modelling and verification process reproducible and independent of the specific protocol, we present a general structure of the Tamarin Prover model and of the properties to be verified. Finally, we discuss the strengths and limitations of the Tamarin Prover approach with respect to three aspects: modelling, analysis and the verification process.
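To make the two ingredients named in the abstract concrete (a protocol written as multiset rewriting rules, and a security property written as a temporal first-order lemma), the following is a minimal Tamarin theory for a signed, hash-linked append-only chain. It is an added illustration, not the paper's Tweetchain model and not code from its authors; the theory name, rule and fact names, the chain structure and the lemmas are all assumptions made for this example.

```spthy
theory Signed_Chain_Skeleton
begin

builtins: hashing, signing

/* Assumed setup: an issuer $A owns a signing key and its public key is
   published. Every name in this file is an assumption for illustration. */
rule Register_key:
  [ Fr(~sk) ]
  -->
  [ !Sk($A, ~sk), !Pk($A, pk(~sk)), Out(pk(~sk)) ]

/* The adversary may compromise a signing key. The action Reveal(A) lets the
   security lemma exclude this case explicitly rather than ignore it. */
rule Reveal_sk:
  [ !Sk(A, sk) ]
  --[ Reveal(A) ]->
  [ Out(sk) ]

/* Genesis: the issuer starts a chain whose head is a fresh value. */
rule Genesis:
  [ Fr(~g) ]
  -->
  [ Chain($A, ~g) ]

/* Append: the next entry binds a fresh payload ~m to the hash of the current
   head; the issuer signs it, publishes it, and advances the linear head fact. */
rule Append:
  let entry = <~m, h(prev)>
  in
  [ Chain($A, prev), !Sk($A, sk), Fr(~m) ]
  --[ Appended($A, entry) ]->
  [ Chain($A, entry), Out(<entry, sign(entry, sk)>) ]

/* Verify: a party holding A's public key accepts an entry only if the
   signature checks; Eq(...) is enforced by the restriction below. */
rule Verify:
  [ !Pk(A, pkA), In(<entry, s>) ]
  --[ Eq(verify(s, entry, pkA), true), Accepted(A, entry) ]->
  [ ]

restriction Equality:
  "All x y #i. Eq(x, y) @ #i ==> x = y"

/* Sanity check: the model must be executable, otherwise the security lemma
   below would hold vacuously because no trace reaches Accepted(). */
lemma Chain_is_executable:
  exists-trace
  "Ex A e #i. Appended(A, e) @ #i"

/* Security property (temporal first-order): an entry accepted under A's key
   was appended by A at an earlier time point, unless A's signing key was
   revealed before the acceptance. */
lemma Accepted_entries_were_appended:
  "All A e #i. Accepted(A, e) @ #i ==>
     ( Ex #j. Appended(A, e) @ #j & #j < #i )
   | ( Ex #r. Reveal(A) @ #r & #r < #i )"

end
```

Saved as a `.spthy` file, the theory is checked non-interactively with `tamarin-prover --prove <file>.spthy`, or explored step by step with `tamarin-prover interactive <file>.spthy`. The executability lemma is the check a practitioner should always keep next to a security lemma: a model with an unreachable acceptance rule proves every authentication property trivially.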