Learn More
FDR3 is a complete rewrite of the CSP refinement checker FDR2, incorporating a significant number of enhancements. In this paper we describe the operation of FDR3 at a high level and then give a detailed description of several of its more important innovations. This includes the new multi-core refinement-checking algorithm that is able to achieve a near(More)
In this paper we report on a successful extension to the CSP refinement checker FDR3 that permits it to run on clusters of machines. We demonstrate that it is able to scale linearly up to clusters of 64 16-core machines (i.e. 1024 cores), achieving an overall speed-up of over 1000 relative to the sequential case. Further, this speed-up was observed both on(More)
Many security protocols are built as the composition of an applicationlayer protocol and a secure transport protocol, such as TLS. There are many approaches to proving the correctness of such protocols. One popular approach is verification by abstraction, in which the correctness of the application-layer protocol is proven under the assumption that the(More)
Failures divergence refinement 3 (FDR3) is a complete rewrite of the CSP refinement checker FDR2 that incorporates a significant number of enhancements. In this paper, we describe the operation of FDR3 at a high level and give a detailed description of several of the more important innovations. FDR3 has a new parallel refinement-checking algorithm that is(More)
There are many approaches to proving the correctness of application-layer protocols that are layered on secure transport protocols , such as TLS. One popular approach is verification by abstraction, in which the correctness of the application-layer protocol is proven under the assumption that the transport layer satisfies certain properties. Following this(More)
Technology is present in every area of our lives and, for many, life without it has become unthinkable. As a consequence of this dependence and the extent to which technology devices (computers, tablets and smartphones) are being used for work and social activities, a clear coupling between devices and their owners can now be observed. By coupling, we(More)
We build upon established techniques of deadlock analysis by formulating a new sound but incomplete framework for deadlock freedom analysis that tackles some sources of imprecision of current incomplete techniques. Our new deadlock candidate criterion is based on constraints derived from the analysis of the state space of pairs of components. This new(More)