The University of Southampton
University of Southampton Institutional Repository

Analysing security protocols using refinement in iUML-B

Snook, Colin, Hoang, Thai Son and Butler, Michael (2017) Analysing security protocols using refinement in iUML-B. At: 9th NASA Formal Methods Symposium, Moffett Field, CA, United States, 16 - 18 May 2017. 15 pp, pp. 84-98.

Record type: Conference or Workshop Item (Paper)


We propose a general approach based on abstraction and refinement for constructing and analysing security protocols using formal specification and verification. We use class diagrams to specify conceptual system entities and their relationships. We use state-machines to model the protocol execution involving the entities' interactions. Features of our approach include specifying security principles as invariants of some abstract model of the overall system. The specification is then refined to introduce implementable mechanisms for the protocol. A gluing invariant specifies why the protocol achieves the security principle. Security breaches arise as violations of the gluing invariant. We make use of both theorem proving and model checking techniques to analyse our formal model, in particular, to explore the source and consequence of the security attack. To demonstrate the use of our approach we explore the mechanism of a security attack in a network protocol.

PDF VLANTAG_NASA17 - Accepted Manuscript

More information

Accepted/In Press date: 4 February 2017
Published date: 16 May 2017
Venue - Dates: 9th NASA Formal Methods Symposium, Moffett Field, CA, United States, 2017-05-16 - 2017-05-18
Keywords: Virtual LAN, Security, Event-B, iUML-B
Organisations: Faculty of Physical Sciences and Engineering, Electronic & Software Systems


Local EPrints ID: 406508
PURE UUID: 2dfb641f-61d1-4537-b7e2-8133af981d30

Catalogue record

Date deposited: 18 Mar 2017 02:21
Last modified: 11 Aug 2017 16:31



Author: Colin Snook
Author: Thai Son Hoang
Author: Michael Butler

