This document discusses colored Petri nets (CP-nets) and their applications. CP-nets combine Petri nets with programming languages to model systems involving concurrency, communication, and resource sharing. They allow for simulation and formal verification. The document provides examples of CP-net applications in various domains including protocols, software, hardware, control systems, and military systems. It also describes how CP-net models can be used to automatically generate code for system implementations.
This is a short presentation on Vertex Cover Problem for beginners in the field of Graph Theory...
Download the presentation for a better experience...
Planar graph( Algorithm and Application )Abdullah Moin
A graph is said to be planar if it can be drawn in a plane so that no edge cross. Example: The graph shown in fig is a planar graph. Region of a Graph: Consider a planar graph G=(V, E). A region is defined to be an area of the plane that is bounded by edges and cannot be further subdivided.
This is a short presentation on Vertex Cover Problem for beginners in the field of Graph Theory...
Download the presentation for a better experience...
Planar graph( Algorithm and Application )Abdullah Moin
A graph is said to be planar if it can be drawn in a plane so that no edge cross. Example: The graph shown in fig is a planar graph. Region of a Graph: Consider a planar graph G=(V, E). A region is defined to be an area of the plane that is bounded by edges and cannot be further subdivided.
Regular expressions are used to identify whether a pattern exists in a given sequence of characters (string) or not. They help in manipulating textual data, which is often a pre-requisite for data science projects that involve text mining. You must have come across some application of regular expressions: they are used at the server side to validate the format of email addresses or password during registration, used for parsing text data files to find, replace or delete certain string, etc.
A Preliminary Study on Architecting Cyber-Physical SystemsHenry Muccini
This presentation helps to understand our paper, presented at the 1st Workshop on Software Architectures for Cyber Physical Systems, presented at the SANCS2015 workshop (http://www.mrtc.mdh.se/SANCS15/).
ABSTRACT:
Cyber-physical systems (CPSs) are deemed as the key enablers of next generation applications. Needless to say, the design, verification and validation of cyber-physical systems reaches unprecedented levels of complexity, specially due to their sensibility to safety issues. Under this perspective, leveraging architectural descriptions to reason on a CPS seems to be the obvious way to manage its inherent complexity.
A body of knowledge on architecting CPSs has been proposed in the past years. Still, the trends of research on architecting CPS is unclear. In order to shade some light on the state-of-the art in architecting CPS, this paper presents a preliminary study on the challenges, goals, and solutions reported so far in architecting CPSs.
Regular expressions are used to identify whether a pattern exists in a given sequence of characters (string) or not. They help in manipulating textual data, which is often a pre-requisite for data science projects that involve text mining. You must have come across some application of regular expressions: they are used at the server side to validate the format of email addresses or password during registration, used for parsing text data files to find, replace or delete certain string, etc.
A Preliminary Study on Architecting Cyber-Physical SystemsHenry Muccini
This presentation helps to understand our paper, presented at the 1st Workshop on Software Architectures for Cyber Physical Systems, presented at the SANCS2015 workshop (http://www.mrtc.mdh.se/SANCS15/).
ABSTRACT:
Cyber-physical systems (CPSs) are deemed as the key enablers of next generation applications. Needless to say, the design, verification and validation of cyber-physical systems reaches unprecedented levels of complexity, specially due to their sensibility to safety issues. Under this perspective, leveraging architectural descriptions to reason on a CPS seems to be the obvious way to manage its inherent complexity.
A body of knowledge on architecting CPSs has been proposed in the past years. Still, the trends of research on architecting CPS is unclear. In order to shade some light on the state-of-the art in architecting CPS, this paper presents a preliminary study on the challenges, goals, and solutions reported so far in architecting CPSs.
Impact of Agricultural Value Chains on Digital LiquidityITU
Technical Report of ITU-T Focus Group on Digital Financial Services :
Impact of Agricultural Value Chains on Digital
Liquidity
Authored by T. Hardy Jackson and Allen Weinberg
Promoting accountability in agricultural investment chains: an introductionIIED
On 11 September, 2015, the legal tools team of the International Institute for Environment and Development hosted a webinar to discuss how communities groups can take action to get increased accountability in agricultural investment chains.
This presentation, by IIED senior researcher Philippine Sutz, introduced the webinar and the notion of investment chains, addressing why it matters and the work IIED has been doing on the subject so far.
More details: www.iied.org/legaltools
Presentation given at the International Conference on
Application and Theory of Petri Nets and Concurrency 2014, in Tunis, Tunisia. You can find the paper manuscript at http://edmundo.lopezbobeda.net/publications .
Promoting accountability in agricultural investment chains: lessons from prac...IIED
On 11 September, 2015, the legal tools team of the International Institute for Environment and Development hosted a webinar to discuss how communities groups can take action to get increased accountability in agricultural investment chains.
This presentation, by guest presenter David Pred, of Inclusive Development International (IDI), examined some of the pressure points in investment chains, and drew lessons from case studies on the Cambodian clean sugar campaign.
More details: www.iied.org/legaltools
Invited talk held by Karsten Wolf on June 26, 2007 on the 28th International Conference on Application and Theory of Petri Nets and Other Models of Concurrency (PETRI NETS 2007) in Siedlce, Poland.
Cellular Automata Models of Social ProcessesSSA KPI
AACIMP 2010 Summer School lecture by Alexander Makarenko. "Applied Mathematics" stream. "General Tasks and Problems of Modelling of Social Systems. Problems and Models in Sustainable Development" course. Part 7.
More info at http://summerschool.ssa.org.ua
This presentation by Coralie David explains why responsible agricultural supply chains are important and how to promote them. It forms part of the OECD's broader work on responsible business conduct as embodied in the OECD Guidelines for Multinational Enterprises.
Read more about OECD work on responsible business conduct along agricultural supply chains at: http://mneguidelines.oecd.org/rbc-agriculture-supply-chains.htm.
Accounting for gender-related structures of agricultural value chainsIFPRI-PIM
Presentation by Tanguy Bernard, Senior Research Fellow, IFPRI, made during the “International value chains in agriculture: challenges and opportunities to address gender inequalities” session at the WTO PUBLIC FORUM 2016
Tech Jam 2015: Robotics, CPS and Innovation:It’s How We Make Our LivingUS-Ignite
Richard Voyles, Assistant Director Robotics and Cyber Physical Systems Office of Science and Technology Policy
Executive Office of the President presents information on the tech policy for robotics and CPS innovations.
An Approach for Project Scheduling Using PERT/CPM and Petri Nets (PNs) ToolsIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
Summit 16: The Hitchhiker/Hacker's Guide to NFV BenchmarkingOPNFV
The landscape of emerging NFV benchmarking can be very confusing to navigate for anybody who is not immersed in the relevant industry communities. There are specifications, standards and methodologies as well as frameworks, test-cases, traffic-profiles, KPIs, metrics, traffic generators with open-source and proprietary tools. Furthermore platform characterization includes VNFs, the VNFI as well as network controllers and managers all which have an impact on performance. This presentation will increase your NFV benchmarking IQ by explaining the history and state-of-art NFV benchmarking in ETSI NFV, IETF, OPNFV with examples of recent results. For anybody not actively working in benchmarking groups across NFV industry forums this presentation is sure to get your performance pulse racing.
DevOps Continuous Testing and LaaS – The Perfect Match for SDNSailaja Tennati
Without continuous testing there is no continuous delivery. Everyone in DevOps talks about continuous integration and continuous delivery but those are just two ends of the DevOps pipeline. In the middle of DevOpsis continuous testing (CT), and many organizations are struggling to implement continuous testing effectively. Lab-As-A- Service (LaaS) enhances CT with dynamic on-demand self-serve test topologies. CT together with LAAS make a powerful combination that perfectly serves complex software development and delivery pipelines.
Software Defined Networks (SDNs) turn the network into a flexible configurable system of software components and connections which is powerful but presents new complexities and challenges for network software development, delivery and deployments.
This talk explains how DevOps best practices for continuous testing when combined with LaaS are make an excellent combination to accelerate SDN realization and operations. The talk describes people, process and products required for SDN continuous testing and online self-service continuous lab and testing services.
CETPA INFOTECH PVT LTD is one of the IT education and training service provider brands of India that is preferably working in 3 most important domains. It includes IT Training services, software and embedded product development and consulting services.
You could be a professional graphic designer and still make mistakes. There is always the possibility of human error. On the other hand if you’re not a designer, the chances of making some common graphic design mistakes are even higher. Because you don’t know what you don’t know. That’s where this blog comes in. To make your job easier and help you create better designs, we have put together a list of common graphic design mistakes that you need to avoid.
Between Filth and Fortune- Urban Cattle Foraging Realities by Devi S Nair, An...Mansi Shah
This study examines cattle rearing in urban and rural settings, focusing on milk production and consumption. By exploring a case in Ahmedabad, it highlights the challenges and processes in dairy farming across different environments, emphasising the need for sustainable practices and the essential role of milk in daily consumption.
Book Formatting: Quality Control Checks for DesignersConfidence Ago
This presentation was made to help designers who work in publishing houses or format books for printing ensure quality.
Quality control is vital to every industry. This is why every department in a company need create a method they use in ensuring quality. This, perhaps, will not only improve the quality of products and bring errors to the barest minimum, but take it to a near perfect finish.
It is beyond a moot point that a good book will somewhat be judged by its cover, but the content of the book remains king. No matter how beautiful the cover, if the quality of writing or presentation is off, that will be a reason for readers not to come back to the book or recommend it.
So, this presentation points designers to some important things that may be missed by an editor that they could eventually discover and call the attention of the editor.
Top 5 Indian Style Modular Kitchen DesignsFinzo Kitchens
Get the perfect modular kitchen in Gurgaon at Finzo! We offer high-quality, custom-designed kitchens at the best prices. Wardrobes and home & office furniture are also available. Free consultation! Best Quality Luxury Modular kitchen in Gurgaon available at best price. All types of Modular Kitchens are available U Shaped Modular kitchens, L Shaped Modular Kitchen, G Shaped Modular Kitchens, Inline Modular Kitchens and Italian Modular Kitchen.
1. Colored Petri Nets Theory and Applications:
Modeling and Verifications of Protocols
Multimedia and Network Research Lab
CTI , DePaul University
Chicago, USA
11/8/2002
11/8/2002 MNLAB, CTI, DEPAUL 1
2. Main Points
Verification and Analysis Tools
Introduction to Petri Nets
Basic Concepts of Colored Petri Nets
Applications of CP-Nets
Analysis and Verifications of Security Protocols
• Definitions and Modeling Objects
• Using CP-Nets to Verify Security Protocols
Analysis and Verifications of STS Protocol
Conclusion & References
11/8/2002 MNLAB, CTI, DEPAUL 2
3. Verification Tools and Models
Verification Tools and Models
Finite State Machine
Brotus , Marrero , CMU
Petri Nets , Aarhus Univ. , DK
BAN Logic , California Univ.
Spi Calculus , Cambridge Univ.
Murphi , Stanford Univ.
The Non-interference [CCS and SPA] Approach
The Strand Spaces
LOTOS+CADP
Inductive Approach, Isabelle/HOL
Others
11/8/2002 MNLAB, CTI, DEPAUL 3
4. Why do we make these models?
Why do we make these models?
• We do make models to:
– learn new things about a system.
– verify correctness of a protocol or a system, absence of
deadlocks, etc.
– discover Bugs and Errors, remove bottlenecks
– try to simulate the system, because We do not have the
real recourses to implement
– measure the performance (as benchmark)
– check that the system design has certain expected
properties
EX. find insecure states or check if they are reachable…
11/8/2002 MNLAB, CTI, DEPAUL 4
5. Petri Nets:
a formal, graphical, executable technique for the
specification and analysis of concurrent, discrete-event
dynamic systems; More…… On Petri Nets
Formal:
The technique is mathematically well-defined. Many static and dynamic properties
of a Petri net may be mathematically proven
Graphical:
The technique belongs to a branch of mathematics called graph theory. A Petri net may be
represented graphically as well as mathematically. The ability to visualize structure and behavior of
a Petri net promotes understanding of the modeled system. Software tools exist which support
graphical construction and visualization
Executable:
A Petri net may be executed and the dynamic behavior observed graphically. Software tools exist
which automate execution
11/8/2002 MNLAB, CTI, DEPAUL 5
6. Petri Nets:
a formal, graphical, executable technique for the
specification and analysis of concurrent, discrete-event
dynamic systems; More…… On Petri Nets
Specification:
Specification
System requirements expressed and verified (by formal analysis) using the technique
constitute a formal system specification.
Analysis:
System specification is often an iterative process, with requirements initially poorly understood or ill-defined.
A specification in the form of a Petri net model may be formally analyzed against static and dynamic
system requirements. Visual feedback from the Petri net graph at each iteration of the specification
increases understanding of the requirements, highlights errors in the model (or sometimes the
requirements) and results in rapid convergence on a mathematically correct and consistent specification.
Software tools exist which support and automate analysis.
Concurrent:
The representation of multiple independent dynamic entities within a system is supported naturally by the
technique, making it highly suitable for capturing systems which exhibit concurrency, e.g., multi-agent
systems, distributed databases, client-server networks and modern telecommunications systems.
Discrete event dynamic system:
a system which may change state over time, based on current state and state-transition rules, and where
each state is separated from its neighbor by a step rather than a continuum of intermediate infinitesimal
states. Often falling into this classification are information systems, operating systems, networking
11/8/2002 banking systems, business processes and telecommunications systems
protocols, MNLAB, CTI, DEPAUL 6
7. Basic Definitions
Basic Definitions
In a formal way, A P-net is a tuple PN = (Ρ, Τ, Α, Ν )
• I P is a finite set of Places.
• II- T is a finite set of Transitions.
• III- A is a finite set of Arcs such that: P ∩ T = P ∩ A = T ∩ A = ∅
• IV- N is a set of Token
In a formal way, A CP-net is a tuple CPN = (∑, Ρ, Τ, Α, Ν, C , G, E , I )
I- ∑ is a finite set of non-empty types, also called colored sets.
II- P is a finite set of Places.
III- T is a finite set of Transitions. P ∩T = P ∩ A = T ∩ A = ∅
IV- A is a finite set of Arcs such that:
V- N is a node function. It is defined from A into .”colored over arcs”P × T ∪ T × P
VI- C is a color function. It is defined from P into . ∑ “token”
VII- G is a guard function. It is defined from T into expressions such that: “Boolean function with
probability.”
∀t ∈ T :[Type(G (t )) = B ∧ Type(Var (G (t ))) ⊆ ∑ ].
VIII- E is an arc expression function. It is defined from A in to expressions such that: i.e. (check k=n)
∀ a ∈ A : [ t y p e ( E ( a ) ) = C ( p ) M S ∧ T y p e (V a r ( E ( a ) ) ) ⊆ ∑ ]
w h e r e P is th e p la c e o f N (a )
IX- I is an initialization function. It is defined from P into closed expressions such that 7
∀p ∈ P :[Type( I ( p )) = C ( p ) ms ].
8. Presentation using Petri Nets
Presentation using Petri Nets
- Graph Petri Net
A Petri net, which can be used in a graph, has four essential elements:
places, transitions, arcs, and tokens. As finite state machine and
other tools, Petri nets are used to detect protocol failures.
- Algebraic Petri Net
It is another form of Petri nets that represents a system and a protocol
as a grammar language or logic in an algebraic form
- Colored Petri Net
It is a specific type of petri nets, where the arcs contain data
For more details: http://www.daimi.au.dk/PetriNets/
11/8/2002 MNLAB, CTI, DEPAUL 8
9. Why Colored Petri Nets
Why Colored Petri Nets
CP-nets have a graphical representation
CP-nets are very general and can be used to describe a large
variety of different systems
CP-nets have an explicit description of both states and
actions
CP-nets offer hierarchical descriptions
CP-nets offer interactive simulations where the results are
presented directly on the CPN diagram
CP-nets have computer tools supporting their drawing,
simulation and formal analysis
http://www.daimi.au.dk/CPNets/
11/8/2002 MNLAB, CTI, DEPAUL 9
10. CP-Net Aspects
CP-Net Aspects TOOLS
• editing
• simulation
THEORY • verification
• models
• basic concepts
• analysis methods
• One of the reasons for PRACTICAL USE
the success of CP-nets is • specification
the fact that It • validation
simultaneously has • verification
worked in all three
• implementation
areas.
11/8/2002 MNLAB, CTI, DEPAUL 10
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
11. An Introduction to Colored Petri Nets
An Introduction to Colored Petri Nets
University of Aarhus, DK
University of Aarhus, DK
Colored Petri Nets (CP-nets or CPN) is a graphical oriented language
for design, specification, simulation and verification of systems. It
is in particular well-suited for systems in which communication,
synchronization and resource sharing are important.
Typical examples of application areas are communication protocols,
distributed systems, imbedded systems, automated production
systems, work flow analysis and VLSI chips, Medicine, Bio-
informatics , .
CPN Can do: For :
•Networking protocols
•Simulation •Security protocols
•Verification •Multi agent application
•Distributed systems
•Design & model •Work flow
•Specification •VLSI
•Compute the Performance •Industrial protocols
•Many other application 11
http://www.daimi.au.dk/~kjensen/papers_books/rec_papers_books.html#intro_cpn_papers
12. Elements of CPN
• The ellipses and the circles are called places. They
describe the states of the system (buffers)
• The rectangles are called transitions. They describe the
actions (processes).
• The arrows are called arcs. The arc expressions describe
how the state of the CP-net changes when the transitions
occur.
• Each place contains a set of markers called tokens. each of
these tokens carries a data value, which belongs to a given
type.
Show Diagram
11/8/2002 MNLAB, CTI, DEPAUL 12
13. Coloured Petri Nets
• Modelling language for systems where synchronisation,
communication, and resource sharing are important.
Combination of Petri Nets and Programming Language.
Control structures, synchronisation, communication, and
resource sharing are described by Colored Petri Nets.
Data and data manipulations are described by
functional programming language.
CPN models are validated by means of simulation and
verified by means of state spaces and place invariants.
Coloured Petri Nets is developed at University of
Aarhus, Denmark over the last 20 years.
11/8/2002 MNLAB, CTI, DEPAUL 13
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
14. Introductory Model (Simple)
Combination of graphics and texts
• Network of nodes and
arcs.
Places describe the state of
the system. A,B, C or C1, C2,
S1, S2
Places carry markers, called
tokens.int, string, data
Transitions describe the actions
of the system i.e. send, receive,
encrypt, check
Arcs tell how actions modify
the state and when they
occur
IF The token is moved from A to B. This means that the packet is successfully transmitted over the network.
14
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
15. Applicable Example:
Applicable Example:
Simulation of scenarios
Receiver expects
packet no. 6.
Sender is still
sending packet
no. 5.
Acknowledgement
requesting packet
no. 6 is arriving.
May be the package
did not arrive (lost)
11/8/2002 MNLAB, CTI, DEPAUL 15
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
17. Incidence Matrix (State Equation) for CPN..
Incidence Matrix (State Equation) for CPN..
11/8/2002 MNLAB, CTI, DEPAUL 17
18. R
1
2B
Suppose the initial marking Μ 0 = 0 σ = 0
B 0
− R R 0
A= − B 0 0
2R − 2R B
0 R − 2B
Μ1 = Μ 0 + Ασ
New concepts of
0
Addition
B
Then we can compute Μ1 = 2R subtraction,
B Multiplication
…..etc.
11/8/2002 MNLAB, CTI, DEPAUL 18
19. CP-Nets Applications
CP-Nets Applications
Examples of Industrial Use of CP-nets
The following projects document large-scale practical use of CP-nets and their tools. Many of
the projects have been carried out in an industrial environment. For all projects one or more
papers are available
• Protocols and Networks
• Software
• Hardware
• Control of Systems
• Military Systems
• Other Systems
REF.11/8/2002
And Details: MNLAB, CTI, DEPAUL
http://www.daimi.au.dk/CPnets/intro/example_indu.html 19
20. Applications
Applications Application areas
Protocols and Networks
Intelligent Networks at Deutsche Telekom
IEEE 802.6 Configuration Control at Telstra Research Labs
Allocation Policies in the Fieldbus Protocol in Japan
ISDN Services at Telstra Research Laboratories
Protocol for an Audio/Video System at Bang & Olufsen
TCP Protocols at Hewlett-Packard
Local Area Network at University of Las Palmas
UPC Algorithms in ATM Networks at University of Aarhus
BRI Protocol in ISDN Networks
Network Management System at RC International A/S
Interprocess Communication in Pool IDA at King's College
Software
Mobile Phones at Nokia
Bank Transactions & Interconnect Fabric at Hewlett-Packard
Mutual Exclusion Algorithm at University of Aarhus
Distributed Program Execution at University of Aarhus
Internet Cache at the Hungarian Academy of Science
Electronic Funds Transfer in the US
Document Storage System at Bull AG
ADA Program at Draper Laboratories
11/8/2002 MNLAB, CTI, DEPAUL 20
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
21. Applications
Applications
Control of Systems
Security and Access Control Systems at Dalcotech A/S
Mechatronic Systems in Cars at Peugeot-Citroën in France
European Train Control System in Germany
Flowmeter System at Danfoss
Traffic Signals in Brazil
Chemical Production in Germany
Model Train System at University of Kiel
Hardware
Superscalar Processor Architectures at University of Newcastle
VLSI Chip in the US
Arbiter Cascade at Meta Software Corp.
Military Systems
Military Communications Gateway in Australia
Influence Nets for the US Air Force
Missile Simulator in Australia
Naval Command and Control System in Canada
Other Systems
Bank Courier Network at Shawmut National Coop.
Nuclear Waste Management Programme in the US
11/8/2002 MNLAB, CTI, DEPAUL 21
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
22. Important application
Important application
Automatic code generation
• CPN models are often used to specify and
validate new software:
• It is also possible to implement the software by
automatic code generation.
– This method has been applied to develop a system
for access control to buildings.
– The source code for the final implementation was
generated automatically from the CPN
specification - by extracting parts of the Standard
ML code used by the CPN simulator.
– The approach is only sensible for systems that are
not time critical and systems that are produced in
small numbers.
11/8/2002 MNLAB, CTI, DEPAUL 22
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
23. Computer tools
• Design/CPN was developed in the late 80'ies
and early 90'ies.
– Today it is the most widely used Petri net package.
– 750 different organisations in 50 countries
– including 200 commercial companies.
• CPN Tools is the next generation of tool
support for
Coloured Petri Nets.
– Within the next 1-2 years the CPN Tools is
expected to replace Design/CPN and obtain the
same number of users.
11/8/2002 MNLAB, CTI, DEPAUL 23
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
24. CP-Net Aspects
CP-Net Aspects TOOLS
• editing
• simulation
THEORY • verification
• models
• basic concepts
• analysis methods
• One of the reasons for PRACTICAL USE
the success of CP-nets is • specification
the fact that we • validation
simultaneously have • verification
worked in all three
• implementation
areas.
11/8/2002 MNLAB, CTI, DEPAUL 24
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
25. Verification of Security Protocols using
Colored Petri Nets
• Why
• How
• Results
• Improvement
11/8/2002 MNLAB, CTI, DEPAUL 25
26. Colored Petri Net Objects
Colored Petri Net Objects
Introductory Example:
Introductory Example:
11/8/2002 MNLAB, CTI, DEPAUL 26
27. CP-net Intruder Model
CP-net Intruder Model
11/8/2002 simpleCTI, DEPAUL
MNLAB, model 27
28. Modeling Protocols Using Colored Petri Nets
Modeling Protocols Using Colored Petri Nets
The model consists of the following steps:
Step1: describe the protocol in a CP-Net form.
Step2: write Acceptance Check Steps (ACS).
Step3: describe the intruder model.
Step4: find the insecure states.
Step5: apply the Matrix Analysis Steps (MAS).
Then run your computer program to solve the
equation
Μ n = Μ 0 + Ασ
11/8/2002 MNLAB, CTI, DEPAUL 28
29. MAS Flow Chart
MAS Flow Chart
and Implementation
and Implementation
This flow chart
supposes we know
the insecure state
and want to verify
and test whether the
vector σ
exists or not
11/8/2002 MNLAB, CTI, DEPAUL 29
30. STS Protocol Messages
STS Protocol Messages
A to B: A, α mod Ρ
x
The client sends α x mod Ρ after generating a secret random x
B to A : α modΡ, Ek (SB (α ,α ), Bp )
y
s
x y
Κ = (α ) mod Ρx y
The server sends α y mod Ρ after generating a secret random y
Sign_mess with server secret key and encrypted by computed session key
A to B : E k (S As (α , α
x y
), A p )
Κ = (α ) mod Ρy x
Sign_mess with client secret key and encrypted by computed session key.
11/8/2002 MNLAB, CTI, DEPAUL 30
33. Steps of Analysis
Steps of Analysis
Step1: model the STS using CP-net illustrated in the previous figure
M1: A, α mod Ρ
x
M2: α y mod Ρ , E k ( S B (α x , α y ), B p )
s
M3: E k (S As (α x
,α y
), A p )
Step2: applying the Acceptance Check Step (ACS) to STS messages
Step3: add the proposed intruder side in the model as in the figure
11/8/2002 MNLAB, CTI, DEPAUL 33
35. Part I: Specifying STS
Part I: Specifying STS
Step4.I: by analyzing the protocol, we find that man-in-middle
attack has the ability to direct the negotiation between the
client and server. The intruder shares K1 with the client and
K2 with the server.
T
M 0 = [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0], where n = 20
And the insecure state
T
Mn = [0,0,0,0,M2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0], where n = 20
11/8/2002 MNLAB, CTI, DEPAUL 35
39. Continue
Step5.I: Applying MAS, we find that the defined final
insecure state is reachable from the initial state, which is
considered a major problem in the security of STS protocol.
Μ n = Μ 0 + Ασ
11/8/2002 MNLAB, CTI, DEPAUL 39
41. Conclusion
Conclusion
STS Protocol has been verified and specified using
Colored Petri nets
the insecure states in STS Protocol have been proved
More research needs to be conducted in verification of
protocols (sp. security protocols)
Analysis complex security protocols
Compute the performance of security protocols using CP-nets
Compare between different tools for verification and
analysis of security protocols
11/8/2002 MNLAB, CTI, DEPAUL 41
42. Conclusion TOOLS
• editing
• simulation
THEORY • verification
• models
• basic concepts
• analysis methods
PRACTICAL USE
• One of the reasons for • specification
the success of CP-nets is • validation
the fact that we
• verification
simultaneously have
• implementation
worked in all three
areas.
11/8/2002 MNLAB, CTI, DEPAUL 42
REF. Kurt Jensen And Details: http://www.daimi.au.dk/CPnets/intro/example_indu.html
43. References and Links
• http://www.daimi.au.dk/CPnets/
• www.students.depaul.edu/~saly.html
• http://www.daimi.au.dk/PetriNets/research/
• A list of of more than 50 published papers describing
different industrial applications of CP-nets and the CPN
tools.
http://www.daimi.au.dk/CPnets/intro/example_indu.html
REF.11/8/2002
And Details: MNLAB, CTI, DEPAUL
http://www.daimi.au.dk/CPnets/intro/example_indu.html 43