Formal Specification and Verification of the Intrusion-Tolerant Enclaves Protocol

Mohamed Layouni, Jozef Hooman, and Sofiene Tahar

International Journal of Network Security Volume 5, Number 3, pages 288-298, 2007.


We demonstrate the application of formal methods to the verification of intrusion-tolerant agreement protocols that have a distributed leadership and can tolerate Byzantine faults. As an interesting case study, the Enclaves group-membership protocol has been verified using two techniques: model checking and theorem proving. We use the model checker Murphi to prove the correctness of authentication, and the interactive theorem prover PVS to formally specify and verify Byzantine agreement, termination of agreement, and integrity.

pdf of journal       -       local pdf copy