Professional Documents
Culture Documents
Page 1 of 10
Dates
Date issued to students March 9, 2021
Date to be returned to students June 4, 2021
(marks/feedback)
Submission Date May 6, 2021
Feedback
Feedback provision will be Written feedback uploaded to Blackboard as
appropriate.
1
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 2 of 10
Contents
2
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 3 of 10
The assignment is worth 100 marks representing 40% of the overall mark for the module.
The learning objective of this coursework is to design, analyse, and verify authentication
protocol using the NuSMV model checker. This will give you hands-on experience with the
NuSMV tool and understanding its input language for specifying systems and desired system
properties.
Assignment type: this is an INDIVIDUAL assignment. Do not copy and paste work from
any other source or work with any other person. You are strictly forbidden from discussing
your answers with another student. Text-matching software will be used on all submissions.
Working on this assignment will help you to achieve the learning outcomes mentioned above
as well as you would be aware of when and how you might deploy formal verification
techniques. If you have questions about this assignment, I will be happy to discuss those
during our lecture/lab session.
3
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 4 of 10
(1) A -> S : A, B
(2) S -> A : {Ts, L, Kab, B}Kas , {Ts, L, Kab, A}Kbs
(3) A -> B : {Ts, L, Kab, A}Kbs , {A, Ta} Kab
(4) B -> A : {Ta+1}Kab
The model of the above protocol could be composed of several variables and
processes (or agents). The protocol shall ensure authentication and secrecy. Such
properties shall be verified against an intruder I with the following capabilities:
4
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 5 of 10
Model as a concurrent system in NuSMV the protocol described above as the
interaction of 4 agents, A, B, S and I. Multiple sessions may overlap,
asynchronously. However, to ensure finiteness of the model state space, consider a
maximum number n of sessions, and verify the satisfaction of the properties above
under such a limitation. To model and verify the desired system properties you need
to complete the following tasks:
Task 1: Design and draw a state transition diagram of the system considering four
agents mentioned above. Please note that this diagram would be a high-level
diagram and not considering NuSMV’s low level diagram (as it would be very
complicated); (20 marks)
Task 2: In your NuSMV model (code using the SMV language) all the agents should
work concurrently, and in an asynchronous manner; (30 marks)
Task 3: Identify and express six authentication and secrecy properties using
CTL/LTL; (6*5=30 marks)
Task 4: Demonstrate, verify all the properties identified above by running your
code. (20 marks)
You may get some idea on how to write authentication and secrecy properties from the
following paper.
M. Panti , L. Spalazzi , S. Tacconi. Using the NuSMV Model Checker to verify the Kerberos
Protocol (2002) http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.21.8906
5
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 6 of 10
Section 3: Deliverables
https://atomisystems.com/screencasting/record-screen-windows-10/
http://fetliu.net/blog/new-aug-19-kaltura-submissions-what-do-i-need-to-tell-my-
students/
(i) a record of your presentation that displays the screen on which you run your
code;
(ii) you should be running through all the properties to demonstrate the how your
code works (assuming that your tutor is watching the presentation);
(iii) since presentation timing is an important factor, detailed code explanation would
not be possible. However, you should go through the code lightly after
presenting/showing/running all the properties. Later on, your tutors may look at
your code if necessary;
(iv) your voice will be enough (if you don't want to show your face);
(v) your presentation should not be too short or too long, ideally 10/15(max)
minutes;
6
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 7 of 10
(vi) do not leave submission to the very last minute. Always allow time in case of
technical issues and uploading time.
7
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 8 of 10
8
UFCFYN-15-M-Analysis and Verification of Concurrent Systems
Page 9 of 10
and their use and their use and their use and their use and their use redundant
are not correct are correct but are not fully are correct, are correct, variable
(overall less model does correct, so but the and the declaration
than 40% not fulfil model does interleaved interleaved and their use
complete) required not fulfil execution of execution of are correct,
features required processes processes and the
(overall less features gives minor work perfectly. interleaved
than 50% (overall less error that can execution of
complete) than 60% be fixed easily processes
complete) work perfectly.
Authenticati For each property identified:
on and CTL/LTL expression incorrect as well as the property is irrelevant 0 mark
secrecy CTL/LTL expression is correct, but the property is irrelevant 50% marks
properties CTL/LTL expression is incorrect, but the property is relevant 50% marks
CTL/LTL expression is correct, and the property is relevant 100% marks
using CTL/LTL
Verification For each correct and relevant CTL/LTL property verified: 100% marks
result
Video Absent 0 mark
presentation Inadequate (barely able to explain the analysis/design and/or work done) 6 marks
Good (good explanation of analysis/design and/or work done) 12 marks
Very Good (very good explanation of analysis/design and/or work done) 16 marks
Excellent (excellent explanation of analysis/design and/or work done) 20 marks
9
UFCFYN-15-M coursework-2021 Page 10 of 10
10