Difference between revisions of "Applications"
From The Maude System
Line 5: | Line 5: | ||
* Browser security: uncovering 12 kinds of unknown attacks on Internet Explorer ([https://ieeexplore.ieee.org/abstract/document/4223215 CMSWW07]), and design and verification of the secure-by-construction Illinois’s IBOS browser ([https://link.springer.com/chapter/10.1007/978-3-642-35861-6_14 SKMT12], [https://link.springer.com/chapter/10.1007%2F978-3-030-63595-4_10 SMR20]). | * Browser security: uncovering 12 kinds of unknown attacks on Internet Explorer ([https://ieeexplore.ieee.org/abstract/document/4223215 CMSWW07]), and design and verification of the secure-by-construction Illinois’s IBOS browser ([https://link.springer.com/chapter/10.1007/978-3-642-35861-6_14 SKMT12], [https://link.springer.com/chapter/10.1007%2F978-3-030-63595-4_10 SMR20]). | ||
− | * Cryptographic protocol analysis: [http://maude.cs.illinois.edu/w/index.php/Maude_Tools:_Maude-NPA Maude-NPA] has analyzed many protocols and crypto-APIs modulo algebraic properties, like [ | + | * Cryptographic protocol analysis: [http://maude.cs.illinois.edu/w/index.php/Maude_Tools:_Maude-NPA Maude-NPA] has analyzed many protocols and crypto-APIs modulo algebraic properties, like Yubikey&YubiHSM ([https://easychair.org/publications/paper/qkkq GAEMM18]), IBM’s CCA ([https://link.springer.com/chapter/10.1007/978-3-319-14054-4_8 GSEMM14]), and PCKS#11 ([https://link.springer.com/chapter/10.1007/978-3-319-27152-1_5 GSEMM15]), using unification and symbolic reachability. [https://tamarin-prover.github.io/ Tamarin], resp. [https://github.com/akiss/akiss AKISS], use Maude’s unification to analyze protocols like 5G-AKA (https://people.cispa.io/cas.cremers/tamarin/5G/ DC18), resp. RFID ([https://link.springer.com/chapter/10.1007/978-3-319-66399-9_1 GK17]). |
+ | |||
* Network protocols: AER/NCA active networks, MANETS, BGP; DDoS-Intruder models; and DDoS protection: ASV, Stable Availability, VoIP-SIP, using [http://maude.cs.uiuc.edu/tools/pvesta/ Maude’s statistical model checking (SMC) tool]. | * Network protocols: AER/NCA active networks, MANETS, BGP; DDoS-Intruder models; and DDoS protection: ASV, Stable Availability, VoIP-SIP, using [http://maude.cs.uiuc.edu/tools/pvesta/ Maude’s statistical model checking (SMC) tool]. | ||
* Cloud transaction system formalization and analysis: Cassandra, Google’s Megastore, P-Store, etc., using SMC. | * Cloud transaction system formalization and analysis: Cassandra, Google’s Megastore, P-Store, etc., using SMC. |
Revision as of 20:04, 20 December 2020
Maude and its formal tools have been used in many pioneering applications:
- Formal definition and verification of programming and hardware, resp. software, modeling languages: full C (ER12), Java (FCMR04), JVM (FMR04), NASA’s PLEXIL (RCMS12), Verilog (MKMR10), E-LOTOS (V02, VM05), UML (CE06, DRMA14), MOF (BM10), ODP (DV03, DRV05, RVD07), AADL (BOM14), Ptolemy (BOFLT14), and BPMN (DS17, DRS18).
- Browser security: uncovering 12 kinds of unknown attacks on Internet Explorer (CMSWW07), and design and verification of the secure-by-construction Illinois’s IBOS browser (SKMT12, SMR20).
- Cryptographic protocol analysis: Maude-NPA has analyzed many protocols and crypto-APIs modulo algebraic properties, like Yubikey&YubiHSM (GAEMM18), IBM’s CCA (GSEMM14), and PCKS#11 (GSEMM15), using unification and symbolic reachability. Tamarin, resp. AKISS, use Maude’s unification to analyze protocols like 5G-AKA (https://people.cispa.io/cas.cremers/tamarin/5G/ DC18), resp. RFID (GK17).
- Network protocols: AER/NCA active networks, MANETS, BGP; DDoS-Intruder models; and DDoS protection: ASV, Stable Availability, VoIP-SIP, using Maude’s statistical model checking (SMC) tool.
- Cloud transaction system formalization and analysis: Cassandra, Google’s Megastore, P-Store, etc., using SMC.
- Analysis of real-time and cyber-physical systems: CASH scheduling, sensor and MANET networks, timed security protocols, PALS transformation from synchronous to correct distributed real-time systems enables model checking of complex models such as AADL and Ptolemy models and distributed control of airplane maneuvers.
- Models of cell signaling used to explain drug effects, identify pathogen attack surfaces, etc.
- Specification and analysis of models of Concurrency: Petri Nets, CCS, pi-Calculus, Actors, REO, Orc.
- Logical framework applications to prototype logics and build and interoperate theorem provers: Barendregt’s lambda-cube, linear logic, modal logics, computational algebraic geometry, Maude’s Church-Rosser Checker and Inductive and Reachability Logic theorem provers, HOL-to-Nuprl translator, integration of logic and deep-learning, etc. These applications use meta-level, search, and symbolic features.