Elvinia Riccobene

Roberto Metere, Mario Lilli, Luca Arnaboldi et al.

The latest Wi-Fi security standard, IEEE 802.11, includes a secure authentication protocol called SAE, whose use is mandatory for WPA3-Personal networks. The protocol is specified at two separate but linked levels: a traditional cryptographic description of the communication logic between network devices, and a state machine description that realises the former in each single device. Current formal verification efforts focus mainly on communication logic. We present detailed formal models of the protocol at both levels, provide precise specifications of its security properties, and analyse machine-checked proofs in ProVerif and ASMETA. The integrated analysis of the above two models is particularly novel, enabling us to identify and address several issues in the current IEEE 802.11 specification more thoroughly than would have been possible otherwise, leading to several official revisions of the standard.

Andrea Bombarda, Silvia Bonfanti, Angelo Gargantini et al.

Rigorous development processes aim to be effective in developing critical systems, especially if failures can have catastrophic consequences for humans and the environment. Such processes generally rely on formal methods, which can guarantee, thanks to their mathematical foundation, model preciseness, and properties assurance. However, they are rarely adopted in practice. In this paper, we report our experience in using the Abstract State Machine formal method and the ASMETA framework in developing a prototype of the control software of the MVM (Mechanical Ventilator Milano), a mechanical lung ventilator that has been designed, successfully certified, and deployed during the COVID-19 pandemic. Due to time constraints and lack of skills, no formal method was applied for the MVM project. However, we here want to assess the feasibility of developing (part of) the ventilator by using a formal method-based approach. Our development process starts from a high-level formal specification of the system to describe the MVM main operation modes. Then, through a sequence of refined models, all the other requirements are captured, up to a level in which a C++ implementation of a prototype of the MVM controller is automatically generated from the model, and tested. Along the process, at each refinement level, different model validation and verification activities are performed, and each refined model is proved to be a correct refinement of the previous level. By means of the MVM case study, we evaluate the effectiveness and usability of our formal approach.

Paolo Arcaini, Riccardo Melioli, Elvinia Riccobene

Abstract State Machines (ASMs) have shown to be a suitable high-level specification method for complex, even industrial, systems; the ASMETA framework, supporting several validation and verification activities on ASM models, is an example of a formal integrated development environment. Although ASMs allow modeling complex systems in a rather concise way -and this is advantageous for specification purposes-, such concise notation is in general a problem for verification activities as model checking and theorem proving that rely on tools accepting simpler notations. In this paper, we propose a flattener tool integrated in the ASMETA framework that transforms a general ASM model in a flattened model constituted only of update, parallel, and conditional rules; such model is easier to map to notations of verification tools. Experiments show the effect of applying the tool to some representative case studies of the ASMETA repository.

Elvinia Riccobene

This volume contains the extended abstracts of the contributions presented at EclipseIT 2013, the 8th workshop of the Italian Eclipse Community, hosted by the Computer Science Department of the University of Milan (Crema Campus) on September 19-20, 2013. Although Eclipse was initially designed as an integrated development environment (IDE) for object-oriented application development, today it represents an open development platform comprised of extensible frameworks, tools and runtimes for building, deploying and managing software. Around Eclipse, an international live community continuously works on improving the framework and on promoting the use of Eclipse. That happens also in Italy. This workshop is, indeed, the eighth yearly meeting of the Italian Eclipse Community which includes universities, public institutions and industries, researchers and practitioners, students and professionals, all joined by the interest in experimenting, extending, and supporting the Eclipse platform. The special topic of this edition is the Software cooperative development for mobile applications. Two tutorials are offered on this theme: (1) Sviluppo di applicazioni enterprise per il mobile con IBM Jazz, Eclipse e Worklight by Ferdinando Gorga from IBM, and (2) Uso di Eclipse per lo sviluppo cooperativo del software, by Paolo Maresca of the University of Naples, Federico II.