A formal specification and verification method for the prevention of denial of service

Abstract

In this paper we present a formal specification and verification method for the prevention of denial of service in absence of failures and of integrity violations. We introduce the notion of "user agreements," and argue that lack of specifications for these agreements and for simultaneity conditions makes it impossible to demonstrate denial-of-service prevention, in spite of demonstrably fair service access. We illustrate the use of this method with two examples and explain why current methods for specification and verification of safety and liveness properties of concurrent programs have been unable to handle this problem. The proposed specification and verification method is meant to augment current methods for secure system design.