Developing safe exception recovery mechanisms for CHERI capability hardware using UML-B formal analysis
While detection of suspicious or erroneous CPU behaviour can be achieved by generic mechanisms such as memory-safe processors, recovering safely from the resulting exceptions is an application-specific problem. The challenge is to ensure that a complex closed system, including the controller and its environment, remains in a safe state while the controller undergoes abnormal state changes as part of its exception recovery process. Handling exceptional error events is a complex task requiring insight and domain expertise to ensure that a process is designed to recover from abnormal conditions and return the system to a safe state. Exception handling relies on a notion of transactions in order to identify how the system can be systematically returned to a consistent state. Formal methods can address this complexity by supporting the analysis of transactions and exception handling at the abstract design stages, utilising mathematical modelling and proofs. Event-B is a state-based formal method for modelling and verifying the consistency of discrete systems; however, it lacks explicit support for analysing the handling of exceptions. UML-B is a diagrammatic front-end for Event-B modelling which allows models to be constructed using class diagrams and state machines. In this paper, we use UML-B state machines to support the modelling of normal behaviour with a notion of consistency, and augment this with a technique for modelling 'transactions' which may either complete to reach a consistent state or encounter exceptional errors that must return the system to a consistent state despite the non-completion of the transaction. We also discuss an implementation of the modelled exception handling in the C programming language as a first stage towards automatic code generation of exception handlers.
Snook, Colin, Salehi Fathabadi, Asieh, Hoang, Son, Thorburn, Robert H, Butler, Michael, Aniello, Leonardo and Sassone, Vladi (2025) Developing safe exception recovery mechanisms for CHERI capability hardware using UML-B formal analysis. ABZ 2025 – 11th International Conference on Rigorous State Based Methods, Düsseldorf, Germany, 11 - 13 Jun 2025. 18 pp.
Record type: Conference or Workshop Item (Paper)
Text: ABZ2025-ExceptionRecovery[Submitted] - Author's Original
Text: ABZ2025-ExceptionHandling(Accepted) - Accepted Manuscript
More information
Submitted date: 2 March 2025
Accepted/In Press date: 2 April 2025
Published date: 10 June 2025
Venue - Dates: ABZ 2025 – 11th International Conference on Rigorous State Based Methods, Düsseldorf, Germany, 2025-06-11 - 2025-06-13
Keywords:
Exception Handling, Formal Methods, Event-B, UML-B
Identifiers
Local EPrints ID: 501140
URI: http://eprints.soton.ac.uk/id/eprint/501140
PURE UUID: 816b5a39-15f3-4ad6-a63d-fd4495a5dfe3
Catalogue record
Date deposited: 27 May 2025 16:46
Last modified: 11 Jun 2025 01:57
Contributors
Author: Colin Snook
Author: Asieh Salehi Fathabadi
Author: Son Hoang
Author: Robert H Thorburn
Author: Michael Butler
Author: Leonardo Aniello
Author: Vladi Sassone