
Applying Formal Methods to Networking: Theory, Techniques, and Applications

Published: 01 January 2015 Publication History

Abstract

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet, which began as a research experiment, was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, particularly for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification and to an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design, in particular the software defined networking (SDN) paradigm, offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence of interest in applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods and present a survey of its applications to networking.

[210]
K. A. Bartlett, R. A. Scantlebury, and P. T. Wilkinson, “ A note on reliable full-duplex transmission over half-duplex links,” Commun. ACM, vol. 12, no. 5, pp. 260– 261, May 1969.
[211]
I. Suzuki, “ Formal analysis of the alternating bit protocol by temporal Petri nets,” IEEE Trans. Softw. Eng., vol. 16, no. 11, pp. 1273– 1281, Nov. 1990.
[212]
J. Billington, and G. E. Gallasch, How Stop and Wait Protocols Can Fail Over the Internet, Berlin, Germany: Springer-Verlag, 2003.
[213]
J. Billington, and B. Han, “ Modelling and analysing the functional behaviour of TCPs connection management procedures,” Int. J. Softw. Tools Technol. Transf., vol. 9, no. 3/4, pp. 269– 304, May 2007.
[214]
O. Hasan, and S. Tahar, “ Performance analysis of ARQ protocols using a theorem prover,” in Proc. IEEE ISPASS, 2008, pp. 85– 94.
[215]
S. Šimoňák, “ Verification of communication protocols based on formal methods integration,” Acta Polytech. Hungarica, vol. 9, no. 4, pp. 117– 128, 2012.
[216]
A. Armando, and L. Compagna, “ Automatic sat-compilation of protocol insecurity problems via reduction to planning,” in Formal Techniques for Networked and Distributed Sytems—FORTE 2002, London, U.K.: Springer-Verlag, 2002, pp. 210– 225.
[217]
F. Belina, and D. Hogrefe, “ The CCITT-specification and description language SDL,” Comput. Netw. ISDN Syst., vol. 16, no. 4, pp. 311– 341, Mar. 1989.
[218]
T. Bolognesi, and E. Brinksma, “ Introduction to the ISO specification language LOTOS,” Comput. Netw. ISDN Syst., vol. 14, no. 1, pp. 25– 59, Mar. 1987.
[219]
M. Karsten, S. Keshav, S. Prasad, and M. Beg, “ An axiomatic basis for communication,” ACM SIGCOMM Comput. Commun. Rev., vol. 37, no. 4, pp. 217– 228, Oct. 2007.
[220]
B. T. Loo, et al., “ Declarative networking,” Commun. ACM, vol. 52, no. 11, pp. 87– 95, Nov. 2009.
[221]
A. Voellmy, and P. Hudak, “ Nettle: Taking the sting out of programming network routers,” in Practical Aspects of Declarative Languages, Berlin, Germany: Springer-Verlag, 2011, pp. 235– 249.
[222]
M. C. Yuang, “ Survey of protocol verification techniques based on finite state machine models,” in Proc. Comput. Netw. Symp., 1988, pp. 164– 172.
[223]
G. J. Holzmann, Design and Validation of Computer Protocols, Englewood Cliffs, NJ, USA: Prentice-Hall, 1991.
[224]
J.-P. Queille, and J. Sifakis, “ Specification and verification of concurrent systems in CESAR,” in Proc. Int. Symp. Programm., 1982, pp. 337– 351.
[225]
B. Blanchet, “ Security protocol verification: Symbolic and computational models,” in Proc. 1st Int. Conf. POST, 2012, pp. 3– 29.
[226]
R. Lai, “ A survey of communication protocol testing,” J. Syst. Softw., vol. 62, no. 1, pp. 21– 46, May 2002.
[227]
G. Cabodi, P. Camurati, and S. Quer, “ Improved reachability analysis of large finite state machines,” in Proc. IEEE/ACM Int. Conf. Computer-Aided Design, 1997, pp. 354– 360.
[228]
R. Sherwood, et al., “ Carving research slices out of your production networks with openflow,” ACM SIGCOMM Comput. Commun. Rev., vol. 40, no. 1, pp. 129– 130, Jan. 2010.
[229]
The Frenetic Research Project. [Online]. Available: http://www.frenetic-lang.org, Accessed: 2013-09-12.
[230]
What's Behind Network Downtime?—IBM. [Online]. Available: www-05.ibm.com/uk/juniper/pdf/200249.pdf, Accessed: 2013-09-30.
[231]
N. Feamster, “ Practical verification techniques for wide-area routing,” ACM Sigcomm Comput. Commun. Rev., vol. 34, no. 1, pp. 87– 92, Jan. 2004.
[232]
B. Heller, et al., “ Leveraging SDN layering to systematically troubleshoot networks,” in Proc. 2nd ACM SIGCOMM Workshop Hot Topics Softw. Defined Netw., 2013, pp. 37– 42.
[233]
N. Handigol, B. Heller, V. Jeyakumar, D. Maziéres, and N. McKeown, “ Where is the debugger for my software-defined network?,” in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012, pp. 55– 60.
[234]
N. A. Handigol, “ Using packet histories to troubleshoot networks,” Ph.D. dissertations, Stanford Univ., Stanford, CA, USA, 2013.
[235]
A. Wundsam, D. Levin, S. Seetharaman, and A. Feldmann, “ Ofrewind: Enabling record and replay troubleshooting for networks,” in Proc. USENIX ATC, 2011, pp. 29.
[236]
R. C. Scott, A. Wundsam, K. Zarifis, and S. Shenker, “ What, where, when: software fault localization for SDN”, EECS Dept., Univ. California, Berkeley, CA, USA, Tech. Rep. UCB/EECS-2012-178, 2012.
[237]
C. Scott, et al., “ How did we get into this mess? Isolating fault-inducing inputs to SDN control software”, EECS Dept., Univ. California, Berkeley, CA, USA, Tech. Rep. UCB/EECS-2013-8, 2013.
[238]
P. Reynolds, et al., “ PIP: Detecting the unexpected in distributed systems,” in Proc. NSDI, 2006, vol. 6, pp. 115– 128.
[239]
C. Scott, et al., “ Automatic troubleshooting for SDN control software,”, 2013.
[240]
G. Lowe, “ Breaking and fixing the Needham–Schroeder public-key protocol using FDR,” in Tools and Algorithms for the Construction and Analysis of Systems, Berlin, Germany: Springer-Verlag, 1996, pp. 147– 166.
[241]
B. Chess, and J. West, Secure Programming With Static Analysis, Boca Raton, FL, USA: Pearson Education, 2007.
[242]
C. Ramakrishnan, and R. Sekar, “ Model-based analysis of configuration vulnerabilities,” J. Comput. Security, vol. 10, no. 1/2, pp. 189– 209, 2002.
[243]
D. M. Nicol, W. H. Sanders, and K. S. Trivedi, “ Model-based evaluation: From dependability to security,” IEEE Trans. Dependable Secure Comput., vol. 1, no. 1, pp. 48– 65, Jan.–Mar. 2004.
[244]
D. Antoš, V. Rehak, and J. Korenek, “ Hardware router's lookup machine and its formal verification,” in Proc. ICN, 2004, vol. 2, pp. 1– 002.
[245]
P. Curzon, The Formal Verification of the Fairisle ATM Switching Element, 1994.
[246]
D. Borrione, A. Helmy, L. Pierre, and J. Schmaltz, “ A formal approach to the verification of networks on chip,” EURASIP J. Embedded Syst., vol. 2009, pp. 2, 2009.
[247]
T. van den Broek, and J. Schmaltz, “ Towards a formally verified network-on-chip,” in Proc. FMCAD, 2009, pp. 184– 187.
[248]
J. S. Baras, and G. Theodorakopoulos, “ Path problems in networks,” Synthesis Lect. Commun. Netw., vol. 3, no. 1, pp. 1– 77, 2010.
[249]
J. L. Sobrinho, “ An algebraic theory of dynamic network routing,” IEEE/ACM Trans. Netw., vol. 13, no. 5, pp. 1160– 1173, Oct. 2005.
[250]
T. L. Hinrichs, N. S. Gude, M. Casado, J. C. Mitchell, and S. Shenker, “ Practical declarative network management,” in Proc. 1st ACM Workshop Res. Enterprise Netw., 2009, pp. 1– 10.
[251]
S. C. Johnson, “ YACC: Yet another compiler-compiler”, Bell Lab., Murray Hill, NJ, USA, 1975, vol. 32.
[252]
R. Pang, V. Paxson, R. Sommer, and L. Peterson, “ binpac: A yacc for writing application protocol parsers,” in Proc. 6th ACM SIGCOMM Conf. Internet Meas., 2006, pp. 289– 300.
[253]
B. T. Loo, J. M. Hellerstein, I. Stoica, and R. Ramakrishnan, “ Declarative routing: Extensible routing with declarative queries,” ACM SIGCOMM Comput. Commun. Rev., vol. 35, no. 4, pp. 289– 300, Oct. 2005.
[254]
N. P. Katta, J. Rexford, and D. Walker, “ Logic programming for software-defined networks,” in Proc. Workshop Cross-Model Design Validation (XLDI), 2012, pp. 1– 3.
[255]
T. Nelson, A. Guha, D. J. Dougherty, K. Fisler, and S. Krishnamurthi, “ A balance of power: Expressive, analyzable controller programming,” in Proc. 2nd ACM SIGCOMM Workshop Hot Topics Softw. Defined Netw., 2013, pp. 79– 84.
[256]
A. Wang, P. Basu, B. T. Loo, and O. Sokolsky, “ Declarative network verification,” in Practical Aspects of Declarative Languages, Berlin, Germany: Springer-Verlag, 2009, pp. 61– 75.
[257]
A. Voellmy, H. Kim, and N. Feamster, “ Procera: A language for high-level reactive network control,” in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012, pp. 43– 48.
[258]
C. Monsanto, J. Reich, N. Foster, J. Rexford, and D. Walker, “ Composing software defined networks,” in Proc. NSDI, Apr. 2013, pp. 1– 14.
[259]
Z. Wan, and P. Hudak, “ Functional reactive programming from first principles,” ACM SIGPLAN Notices, vol. 35, no. 5, pp. 242– 252, May 2000.
[260]
P. Hudak, A. Courtney, H. Nilsson, and J. Peterson, “ Arrows, robots, functional reactive programming,” in Advanced Functional Programming, Berlin, Germany: Springer-Verlag, 2003, pp. 159– 187.
[261]
H. Zeng, P. Kazemian, G. Varghese, and N. McKeown, “ Automatic test packet generation,” in Proc. 8th Int. Conf. Emerging Netw. Exp. Technol., 2012, pp. 241– 252.
[262]
D. Sethi, S. Narayana, and S. Malik, “ Abstractions for model checking SDN controllers,” in Proc. Formal Methods Comput. Aided Design, 2013, pp. 145– 148.
[263]
M.-K. Shin, K.-H. Nam, M. Kang, and J.-Y. Choi, “ Formal specification and programming for SDN,” in Proc. IETF 84, 2012, pp. 1– 19.
[264]
R. W. Skowyra, A. Lapets, A. Bestavros, and A. Kfoury, “ Verifiably-safe software-defined networks for CPS,” in Proc. 2nd ACM Int. Conf. High Confidence Netw. Syst., 2013, pp. 101– 110.
[265]
C. Monsanto, N. Foster, R. Harrison, and D. Walker, “ A compiler and run-time system for network programming languages,” ACM SIGPLAN Notices, vol. 47, no. 1, pp. 217– 230, Jan. 2012.
[266]
G. Stewart, “ Computational verification of network programs in coq,” Certified Programs and Proofs, 2013.


          Published In

          IEEE Communications Surveys & Tutorials  Volume 17, Issue 1
          Firstquarter 2015
          492 pages

          Publisher

          IEEE Press

          Publication History

          Published: 01 January 2015

          Author Tags

          1. formal verification
          2. Computer networks
          3. formal specifications

          Qualifiers

          • Research-article

          Cited By

          • (2020) Accelerating all-SAT computation with short blocking clauses. Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, pp. 6-17. doi:10.1145/3324884.3416569. Online publication date: 21-Dec-2020
          • (2019) Optimized Link Utilization Based Approach for Traffic Engineering in SDWSN. 2019 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), pp. 1-6. doi:10.1109/ANTS47819.2019.9118068. Online publication date: 16-Dec-2019
          • (2019) Formal modeling of biomedical signal acquisition systems: source of evidence for certification. Software and Systems Modeling (SoSyM), 18:2, pp. 1467-1485. doi:10.1007/s10270-017-0616-7. Online publication date: 1-Apr-2019
          • (2019) PDNet: A Programming Language for Software-Defined Networks with VLAN. Formal Methods and Software Engineering, pp. 203-218. doi:10.1007/978-3-030-32409-4_13. Online publication date: 5-Nov-2019
          • (2017) Improving the cost-effectiveness of symbolic testing techniques for transport protocol implementations under packet dynamics. Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 79-89. doi:10.1145/3092703.3092706. Online publication date: 10-Jul-2017
          • (2016) A Software Engineering Perspective on SDN Programmability. IEEE Communications Surveys & Tutorials, 18:2, pp. 1255-1272. doi:10.1109/COMST.2015.2501026. Online publication date: 1-Apr-2016
