The University of Southampton
University of Southampton Institutional Repository

Retrenching the Purse: Hashing Injective CLEAR Codes, and Security Properties

Retrenching the Purse: Hashing Injective CLEAR Codes, and Security Properties
Retrenching the Purse: Hashing Injective CLEAR Codes, and Security Properties
The Mondex Electronic Purse is an outstanding example of industrial scale formal refinement, and was the first verification to achieve ITSEC level E6 certification. A formal abstract model and a formal concrete model were developed, and a formal refinement was hand-proved between them. Nevertheless, certain requirements issues were set beyond the scope of the formal development, or handled in an unnatural manner. The retrenchment Tower Pattern is used to address one such issue in detail: the use of a hash function rather than a total injective function when clearing the highly constrained purse logs. A retrenchment is constructed from the lowest level model to a model using a hash, and is then lifted to create two refinement developments, working at different levels of detail, and connected via retrenchments. The tower development is appropriately validated, vindicating the design used.
retrenchment, refinement, mondex, electronic purse
76-89
Banach, Richard
3c9a2946-4d86-428e-bce2-6dfdde219ff3
Jeske, Czeslaw
fbe74737-872a-44ad-9592-d2036aeb95a1
Poppleton, Michael
00f3ffec-b4ff-4dd3-89a4-7a9aaff1c9f1
Stepney, Susan
7a80b0af-85d5-4686-87fe-62d782c72156
Margaria, Tiziana
77631364-2e50-4626-8f14-5dd63669c470
Philippou, Anna
140c2451-d79a-4c10-83b7-e84b547ba8e2
Steffen, Bernhard
14184ff8-14ec-4cb3-a58f-73bead1bb1fc
Banach, Richard
3c9a2946-4d86-428e-bce2-6dfdde219ff3
Jeske, Czeslaw
fbe74737-872a-44ad-9592-d2036aeb95a1
Poppleton, Michael
00f3ffec-b4ff-4dd3-89a4-7a9aaff1c9f1
Stepney, Susan
7a80b0af-85d5-4686-87fe-62d782c72156
Margaria, Tiziana
77631364-2e50-4626-8f14-5dd63669c470
Philippou, Anna
140c2451-d79a-4c10-83b7-e84b547ba8e2
Steffen, Bernhard
14184ff8-14ec-4cb3-a58f-73bead1bb1fc

Banach, Richard, Jeske, Czeslaw, Poppleton, Michael and Stepney, Susan (2006) Retrenching the Purse: Hashing Injective CLEAR Codes, and Security Properties. Margaria, Tiziana, Philippou, Anna and Steffen, Bernhard (eds.) IEEE ISOLA 2006: 2nd Int. Symp. on Leveraging Applications of Formal Methods, Verification and Validation, Paphos, Cyprus. pp. 76-89 .

Record type: Conference or Workshop Item (Paper)

Abstract

The Mondex Electronic Purse is an outstanding example of industrial scale formal refinement, and was the first verification to achieve ITSEC level E6 certification. A formal abstract model and a formal concrete model were developed, and a formal refinement was hand-proved between them. Nevertheless, certain requirements issues were set beyond the scope of the formal development, or handled in an unnatural manner. The retrenchment Tower Pattern is used to address one such issue in detail: the use of a hash function rather than a total injective function when clearing the highly constrained purse logs. A retrenchment is constructed from the lowest level model to a model using a hash, and is then lifted to create two refinement developments, working at different levels of detail, and connected via retrenchments. The tower development is appropriately validated, vindicating the design used.

Text
Retrench.Mondex.Hash.ISOLA06.pdf - Other
Download (131kB)

More information

Published date: 2006
Additional Information: Event Dates: November 19, 2006
Venue - Dates: IEEE ISOLA 2006: 2nd Int. Symp. on Leveraging Applications of Formal Methods, Verification and Validation, Paphos, Cyprus, 2006-11-19
Keywords: retrenchment, refinement, mondex, electronic purse
Organisations: Electronics & Computer Science

Identifiers

Local EPrints ID: 263247
URI: http://eprints.soton.ac.uk/id/eprint/263247
PURE UUID: d2687fd0-dd1e-4f97-aa03-5854038679ed

Catalogue record

Date deposited: 13 Dec 2006
Last modified: 29 Jan 2020 15:53

Export record

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×