formal verification of the implementation of the mqtt
play

Formal verification of the implementation of the MQTT protocol in - PowerPoint PPT Presentation

Nov 22, 2022 •137 likes •476 views

Formal verification of the implementation of the MQTT protocol in IoT devices Kristiyan Mladenov University of Amsterdam Faculty of Physics, Mathematics and Informatics MSc System and Network Engineering Research Project 2 July 3, 2017 1 /

  1. Formal verification of the implementation of the MQTT protocol in IoT devices Kristiyan Mladenov University of Amsterdam Faculty of Physics, Mathematics and Informatics MSc System and Network Engineering Research Project 2 July 3, 2017 1 / 18

  2. Introduction • Mirai botnet producing one of the largest DDoS attacks ever. • We can also talk about botnet ”wars”. • Compromise due to human error. 2 / 18

  3. IoT testing • Rapid7 IoT Security Testing Methodology • OWASP IoT Top 10 • IoT Inspector (SEC Technologies) 3 / 18

  4. IoT testing • Rapid7 IoT Security Testing Methodology • OWASP IoT Top 10 • IoT Inspector (SEC Technologies) What would happen if we dig deeper? • One of the main goals of the IoT devices is to exchange data using some message exchange mechanism. • How can we assure a proper protocol implementation? • Could we make sure that it is correct in a more formal way? 3 / 18

  5. Protocol of choice MQTT Message Queue Telemetry Transport • Designed for message transfer with small code footprint and limited bandwidth in mind. • First version was available in 1999. Version 3.1.1 is standardised by OASIS (2014) and ISO (2016). 4 / 18

  6. Protocol of choice MQTT Message Queue Telemetry Transport • Designed for message transfer with small code footprint and limited bandwidth in mind. • First version was available in 1999. Version 3.1.1 is standardised by OASIS (2014) and ISO (2016). • Publish/Subscribe communication mechanism similar to IRC. • Adds the concept of Last Will and QoS. 4 / 18

  7. MQTT use cases MQTT is implemented in: • The backend of The Things Network (LoRa) • AWS IoT, Google Cloud IoT 5 / 18

  8. MQTT use cases MQTT is implemented in: • The backend of The Things Network (LoRa) • AWS IoT, Google Cloud IoT Applications that use MQTT • Fitness trackers, Medical equipment, ATM machines • Implemented by Deutsche Bahn (DB) • Facebook Messenger (Unconfirmed) 5 / 18

  9. Research Question Can the MQTT protocol implementation in IoT devices be verified formally? Subquestions • What methods can be used to formally assess the implementation of a communication protocol? • Using the chosen formal testing methods, does the MQTT implementation in certain selected IoT devices adhere to the standard? 6 / 18

  10. Related Work From some of the major standardisation organisations: • ISO/IEC 9646 - Conformance testing methodology and framework. 7 / 18

  11. Related Work From some of the major standardisation organisations: • ISO/IEC 9646 - Conformance testing methodology and framework. Not open • Testing and Test Control Notation version 3 (TTCN-3) included in part 3 of the above. Formal Description Technique as of ITU-T Z.160 - Z.179 7 / 18

  12. Related Work From some of the major standardisation organisations: • ISO/IEC 9646 - Conformance testing methodology and framework. Not open • Testing and Test Control Notation version 3 (TTCN-3) included in part 3 of the above. Formal Description Technique as of ITU-T Z.160 - Z.179 Relevant scientific research: 7 / 18

  13. Related Work From some of the major standardisation organisations: • ISO/IEC 9646 - Conformance testing methodology and framework. Not open • Testing and Test Control Notation version 3 (TTCN-3) included in part 3 of the above. Formal Description Technique as of ITU-T Z.160 - Z.179 Relevant scientific research: • Mapping TTCN to Labelled Transition Systems. 7 / 18

  14. Related Work From some of the major standardisation organisations: • ISO/IEC 9646 - Conformance testing methodology and framework. Not open • Testing and Test Control Notation version 3 (TTCN-3) included in part 3 of the above. Formal Description Technique as of ITU-T Z.160 - Z.179 Relevant scientific research: • Mapping TTCN to Labelled Transition Systems. • Finite State Machines and TTCN successfully used to verify IIoT protocol implementations. 7 / 18

  15. Related Work From some of the major standardisation organisations: • ISO/IEC 9646 - Conformance testing methodology and framework. Not open • Testing and Test Control Notation version 3 (TTCN-3) included in part 3 of the above. Formal Description Technique as of ITU-T Z.160 - Z.179 Relevant scientific research: • Mapping TTCN to Labelled Transition Systems. • Finite State Machines and TTCN successfully used to verify IIoT protocol implementations. There is a tool for every approach 7 / 18

  16. Related Work From some of the major standardisation organisations: • ISO/IEC 9646 - Conformance testing methodology and framework. Not open • Testing and Test Control Notation version 3 (TTCN-3) included in part 3 of the above. Formal Description Technique as of ITU-T Z.160 - Z.179 Relevant scientific research: • Mapping TTCN to Labelled Transition Systems. • Finite State Machines and TTCN successfully used to verify IIoT protocol implementations. There is a tool for every approach • The testing to follow is focused on Eclipse Titan. 7 / 18

  17. MQTT Packet Structure 7 6 5 4 3 2 1 0  Control Packet Type QoS DUP Retain     Fixed Remaining Length Header     · · · � Variable · · · Header � Payload · · · Figure: MQTT Packet structure 8 / 18

  18. Example test [MQTT-2.3.1-1] SUBSCRIBE, UNSUBSCRIBE, and PUBLISH (in cases where QoS > 0) Control Packets MUST contain a non-zero 16-bit Packet Identifier. Client Server CONNECT CONNACK PUBLISH PUBACK Figure: Test execution flowgraph Figure: Publish with Packet ID 0 9 / 18

  19. Room for improvement Writing is nature‘s way of letting you know how sloppy your thinking is. 1 1 Dick Guidon 10 / 18

  20. Room for improvement Writing is nature‘s way of letting you know how sloppy your thinking is. 1 • Translating a specification from natural to formal language is prone to errors. • How can we safely come up with new values for the tests? • If the specification is defined in a formal language, testing might be easier. 1 Dick Guidon 10 / 18

  21. Intermezzo The Die Hard challenge 2 • You have two buckets – 3 litres – 5 litres • You have an infinite amount of water. • You can waste as much water as you want. • How do you fill the large bucket with exactly 4 litres? 2 https: //github.com/tlaplus/Examples/tree/master/specifications/DieHard 11 / 18

  22. Intermezzo approach (enter TLA+) 12 / 18

  23. Intermezzo approach (enter TLA+) 12 / 18

  24. TLA+ model of a simple MQTT keepalive • Define different invariant in the TLA+ model checker. • Observe the behaviour of the model; relax constraints if necessary. • Map the observed behaviour in terms of TTCN-3 tests. • The problem of translating natural to formal language is still not solved. Figure: TLA+ simplified keepalive 13 / 18

  25. Results What follows is a list of the normative requirements and how do the tested implementations conform to them. Normative Requirements � �� � 3.1.0-1b 3.1.0-1a 3.1.2-24 3.12.4-1 2.3.1-1 3.1.0-2 3.1.2-2 3.1.3-8 3.3.1-4 3.6.1-1 3.8.1-1 3.8.3-4 2.2.2 Mosquitto X � � � � � � � � � � � � Emqtt X X � � � X � � � X X � � RabbitMQ X X � � � X � � � X � � � 14 / 18

  26. Results What follows is a list of the normative requirements and how do the tested implementations conform to them. Normative Requirements � �� � 3.1.0-1b 3.1.0-1a 3.1.2-24 3.12.4-1 2.3.1-1 3.1.0-2 3.1.2-2 3.1.3-8 3.3.1-4 3.6.1-1 3.8.1-1 3.8.3-4 2.2.2 Mosquitto X � � � � � � � � � � � � Emqtt X X � � � X � � � X X � � RabbitMQ X X � � � X � � � X � � � 14 / 18

  27. Conclusion • There are plenty of ways to model the implementation of a communication protocol, using Finite State Machines, Labelled Transition Systems, even Set Theory and First Order Logic. 15 / 18

  28. Conclusion • There are plenty of ways to model the implementation of a communication protocol, using Finite State Machines, Labelled Transition Systems, even Set Theory and First Order Logic. • Using the TTCN-3 language, three different MQTT implementations were tested and inconsistencies with the specification were found. 15 / 18

  29. Conclusion • There are plenty of ways to model the implementation of a communication protocol, using Finite State Machines, Labelled Transition Systems, even Set Theory and First Order Logic. • Using the TTCN-3 language, three different MQTT implementations were tested and inconsistencies with the specification were found. • Those inconsistencies can be used to fingerprint and identify implementations. 15 / 18

  30. Conclusion • There are plenty of ways to model the implementation of a communication protocol, using Finite State Machines, Labelled Transition Systems, even Set Theory and First Order Logic. • Using the TTCN-3 language, three different MQTT implementations were tested and inconsistencies with the specification were found. • Those inconsistencies can be used to fingerprint and identify implementations. As a side note, adhering to the standard does not mean that a device is secure, especially in the cases of bad protocol design. 15 / 18

Recommend

Formal verification of an implementation of CRT-RSA Vigilants algorithm Maria CHRISTOFI Joint

Formal verification of an implementation of CRT-RSA Vigilants algorithm Maria CHRISTOFI Joint

Formal verification of an implementation of CRT-RSA Vigilants algorithm Maria CHRISTOFI Joint work with Boutheina CHETALI, Louis GOUBIN and David VIGILANT PROOFS 2012, September 13 th 2012 Introduction Implementations of cryptosystems can

612 views • 29 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
Formal Specification, Verification, and Implementation of Fault-Tolerant Systems using EventML

Formal Specification, Verification, and Implementation of Fault-Tolerant Systems using EventML

Formal Specification, Verification, and Implementation of Fault-Tolerant Systems using EventML Vincent Rahli, David Guaspari, Mark Bickford and Robert L. Constable http://www.nuprl.org October 7, 2015 Vincent Rahli EventML October 7, 2015

540 views • 24 slides
Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of

Formal Verification of Mathematical Algorithms 1 Formal Verification of Mathematical Algorithms John Harrison Intel Corporation The cost of bugs Formal verification Levels of verification HOL Light Formalizing mathematics

353 views • 19 slides
Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA

Formal Verification of RISC-V cores with riscv-formal Clifford Wolf CTO, Symbiotic EDA http://www.clifford.at/papers/2018/riscv-formal/ About assertion based formal verification (formal ABV) Assertion based verification (ABV) Uses

781 views • 39 slides
Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal

Formal Verification with Yosys-SMTBMC Clifford Wolf Yosys Flows Synthesis Formal Verification Yosys-STMBMC iCE40 FPGAs Bounded Model Checking (Project IceStorm) Using any SMT-LIB2 solver (using QF_AUFBV logic) Xilinx

707 views • 56 slides
Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim

Towards Formal Verification in Cryptographic Web Applications A Three Year Evolution Nadim Kobeissi PROSECCO: Pro gramming Sec urely with C rypt o graphy. Team at INRIA Paris specializing in applied cryptography and formal verification.

357 views • 14 slides
Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification 2 Formal

627 views • 19 slides
Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification Transition systems 2

798 views • 62 slides
Formal Verification and Testing for Formal Verification and Testing for Reactive Systems

Formal Verification and Testing for Formal Verification and Testing for Reactive Systems

ARTIST2 - ARTIST2 - MOTIVES MOTIVES Trento - - Italy, February 19 Italy, February 19- -23, 2007 23, 2007 Trento Session: Testing and Runtime Verification Formal Verification and Testing for Formal Verification and Testing for Reactive

881 views • 31 slides
Machine Learning in Formal Verification Manish Pandey, PhD Chief Architect, New Technologies

Machine Learning in Formal Verification Manish Pandey, PhD Chief Architect, New Technologies

Machine Learning in Formal Verification Manish Pandey, PhD Chief Architect, New Technologies Synopsys, Inc. June 18, 2017 1 Build Better Formal Verification Tools? CAR BICYCLE DOG S oftware that learns from experience and enables

767 views • 40 slides
Formal Verification with SymbiYosys and Yosys-SMTBMC Clifford Wolf Availability of various EDA

Formal Verification with SymbiYosys and Yosys-SMTBMC Clifford Wolf Availability of various EDA

Formal Verification with SymbiYosys and Yosys-SMTBMC Clifford Wolf Availability of various EDA tools for students, hobbyists, enthusiasts FPGA Synthesis Formal Verification Free to use: Free to use: Xilinx Vivado WebPack,

819 views • 49 slides
Formal Verification via MCMAS & PRISM Hongyang Qu University of Sheffield 1 December 2015

Formal Verification via MCMAS & PRISM Hongyang Qu University of Sheffield 1 December 2015

Formal Verification via MCMAS & PRISM Hongyang Qu University of Sheffield 1 December 2015 Outline Motivation for Formal Verification Overview of MCMAS Overview of PRISM Formal verification It is a systematic way to check

461 views • 34 slides
Formal Specification and Verification 8.11.2016 Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification 8.11.2016 Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification 8.11.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Mathematical foundations Formal logic: Syntax: a formal language (formula expressing facts) Semantics: to define the meaning

740 views • 54 slides
Formal Verification of Masked Implementations Sonia Bela d Benjamin Gr egoire CHES 2018

Formal Verification of Masked Implementations Sonia Bela d Benjamin Gr egoire CHES 2018

Formal Verification of Masked Implementations Sonia Bela d Benjamin Gr egoire CHES 2018 - Tutorial September 9th 2018 1 / 47 1 Side-Channel Attacks and Masking 2 Formal Tools for Verification at Fixed Order 3 Formal Tools

1.24k views • 97 slides
Formal Specification and Verification 23.04.2013 Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification 23.04.2013 Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification 23.04.2013 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Mathematical foundations Formal logic: Syntax: a formal language (formula expressing facts) Semantics: to define the

811 views • 68 slides
Theorem Proving for Verification John Harrison Intel Corporation CAV 2008 Princeton 9th July

Theorem Proving for Verification John Harrison Intel Corporation CAV 2008 Princeton 9th July

Theorem Proving for Verification John Harrison Intel Corporation CAV 2008 Princeton 9th July 2008 0 Formal verification Formal verification: mathematically prove the correctness of a design with respect to a mathematical formal specification

570 views • 53 slides
Formal Formal Specif Specification ication and Verific and Verification ation of Solid of

Formal Formal Specif Specification ication and Verific and Verification ation of Solid of

Presented at FMBC 2020 Formal Formal Specif Specification ication and Verific and Verification ation of Solid of Solidity ity Contracts Contracts with E with Events vents kos Hajdu 1 , Dejan Jovanovi 2 , Gabriela Ciocarlie 2 1

298 views • 14 slides
Formal verification of IA-64 division algorithms John Harrison Intel Corporation IA-64

Formal verification of IA-64 division algorithms John Harrison Intel Corporation IA-64

Formal verification of IA-64 division algorithms 1 Formal verification of IA-64 division algorithms John Harrison Intel Corporation IA-64 overview Quick introduction to HOL Light Floating point numbers and IA-64 formats HOL

451 views • 19 slides
Formal Methods Chapter 21 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide

Formal Methods Chapter 21 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide

Formal Methods Chapter 21 Computer Security: Art and Science , 2 nd Edition Version 1.0 Slide 21-1 Outline Formal verification techniques Design verification languages Bell-LaPadula and SPECIAL Current verification systems

911 views • 63 slides

More recommend