Model Checkers Are Cool: How to Model Check Voting Protocols in Uppaal
This work addresses the problem of ensuring security and correctness in e-voting systems for developers and researchers, but it is incremental as it applies an existing tool to a specific domain.
The authors tackled the challenge of designing e-voting systems by proposing the use of the Uppaal model checker for modeling and preliminary verification, demonstrating this with a model of the Prêt à Voter protocol and verifying a variant of receipt-freeness despite language limitations.
The design and implementation of an e-voting system is a challenging task. Formal analysis can be of great help here. In particular, it can lead to a better understanding of how the voting system works, and what requirements on the system are relevant. In this paper, we propose that the state-of-art model checker Uppaal provides a good environment for modelling and preliminary verification of voting protocols. To illustrate this, we present an Uppaal model of Prêt à Voter, together with some natural extensions. We also show how to verify a variant of receipt-freeness, despite the severe limitations of the property specification language in the model checker.