Moonkun Lee

δ-calculus: Process Algebra to Model Secure Movements of Distributed Mobile Processes in Real-time Business Applications

Some process algebras were applied to enterprise business modelling for formal specification and verification. However the algebras mostly dealt with stationary cases but the distributed and mobile. calculus and mobile ambient can be considered for the distributed and mobile, especially to represent the movements of distributed real-time business processes. However there are some limitations to model the movements: 1) -calculus passes the name of port for indirect movements, and 2) mobile ambient uses ambient to synchronize asynchronous movements forcefully. As a solution to the limitations, this paper presents new process algebra, called -calculus, to specify direct and synchronous movements of business processes over geo-temporal business space, where a process can be nested in another process, and whose configuration is changed by the movements. Any violation of safety or security of the systems caused by the movements can be detected and prevented by the properties of the movements: synchrony, priority and deadline. It means that any movement must get the proper permission with the required priority in time. In the enterprise modelling, it will be critical to adapt this kind of concept for business safety and security. A tool, called SAVE, was developed on ADOxx meta-modelling platform to demonstrate the concept.

A Reduction Method for Process and System Complexity with Conjunctive and Complement Choices in a Process Algebra

This paper introduces new notion of conjunctive and complement choices in process algebra, which reduces significant process and system complexity for distributed mobile real-time system during specification and analysis. The complement choice implies that two processes make cohesive choices for each other at its own choice operation. The conjunctive choice implies choice dependency among consecutive choice operations in a process. The conjunctive choice reduces process complexity exponentially by the degree of the choice dependencies. The complement choice also reduces system complexity exponentially by the degree of the choice dependencies. Consequently, the approach makes the specification and analysis of the systems much easier since the complexity is reduces significantly. This notion is implemented in a process algebra, called δ-calculus. The efficiency and effectiveness are demonstrated with an example in a tool for the algebra, called SAVE, which is developed on ADOxx platform.

An Abstraction Method for Mobility and Interaction in Process Algebra Using Behavior Ontology

A number of process algebras have been proposed to develop distributed mobile systems: Pi-Calculus[1,2], Mobile Ambients Calculus[3], Bigraph[4,5], etc. However the algebras are not well suitable for understanding the interactions and mobility of the processes in the large and complex systems due to the lack of abstraction to handle the size and complexity. This paper handles the size and complexity with a method of abstraction on the sequences of the interactions and movements, which can be further organized in the form of hierarchically structured lattices, namely, Prism. The theoretical principle of the abstraction is based on a new concept of Behavior Ontology, which is extended from Active ontology [9]. Prism makes the analysis of the systems systematic in the hierarchically organized semantic structure. Consequently the understanding of the systems becomes more meaningful. To demonstrate the feasibility of the approach, Prism is partially realized in SAVE Tool [6,7,8].

SAVE: An Environment for Visual Specification and Verification of IoT

This paper presents a visual environment, called SAVE, to model IoT systems with dynamic and static properties. Firstly, the dynamic properties, such as operational requirements, of the systems are specified with a process algebra, called δ-Calculus, and, secondly the static properties, such as safety requirements, of the systems are specified with a first-order logic, called GTS Logic. Once specifications are done, the static properties are verified on the dynamic properties by checking whether or not the static properties are valid for the simulation of the systems based on the dynamic properties. SAVE provides a set of visual tools to specify both dynamic and static properties of the systems, simulate the systems based on the dynamic properties, and to verify the static properties on the dynamic properties from the simulation. SAVE is developed on the ADOxx meta-modeling platform. It can be considered one of the most innovative visual tools to model IoT systems for both dynamic and static properties of the systems and to verify the validity of the static properties on the dynamic properties.

Behavior Ontology: A Framework to Detect Attack Patterns for Security

This paper presents a new method to detect attack patterns in security-critical systems, based on a new notion of Behavior Ontology. Generally security-critical systems are large and complex, and are subject to be attacked by attackers in every possible way. Therefore it is very complicated to detect various attacks systematically in some semantic structure. This paper handles the complication with Behavior Ontology, where patterns of attacks in the systems are defined as a sequence of actions on class ontology for the systems. By the nature of the actions, the attack patterns can be abstracted in hierarchical order, forming a lattice or a lattice of lattices, based on inclusion relations. Once the behavior ontology for the attach patterns are defined, the attacks in the target systems can be detected both semantically and hierarchically in the structure of the ontology. Compared with other attack models, the analysis on the behavior ontology shows that the approach in the paper is very effective and efficient in time and space. The approach can be considered as the first attempt to detect attack patterns with the notion of behavior ontology.

Visual Representation of Temporal Properties in Formal Specification and Analysis using a Spatial Process Algebra

There are a number of formal methods for distributed real-time systems in ubiquitous computing to analyze and verify the behavioral, temporal and the spatial properties of the systems. However most of the methods reveal structural and fundamental limitations of complexity due to mixture of spatial and behavioral representations. Further temporal specification makes the complexity more complicate. In order to overcome the limitations, this paper presents a new formal method, called Timed Calculus of Abstract Real-Time Distribution, Mobility and Interaction(t-CARDMI). t-CARDMI separates spatial representation from behavioral representation to simplify the complexity. Further temporal specification is permitted only in the behavioral representation to make the complexity less complicate. The distinctive features of the temporal properties in t-CARDMI include waiting time, execution time, deadline, timeout action, periodic action, etc. both in movement and interaction behaviors. For analysis and verification of spatial and temporal properties of the systems in specification, t-CARDMI presents Timed Action Graph (TAG), where the spatial and temporal properties are visually represented in a two-dimensional diagram with the pictorial distribution of movements and interactions. t-CARDMI can be considered to be one of the most innovative formal methods in distributed real-time systems in ubiquitous computing to specify, analyze and verify the spatial, behavioral and the temporal properties of the systems very efficiently and effectively. The paper presents the formal syntax and semantics of t-CARDMI with a tool, called SAVE, for a ubiquitous healthcare application.

A Lattice Model to Verify Behavioral Equivalences

This paper presents a new model to verify behavioral equivalences based on behavior ontology. In the ontology, actions among processes or tasks are defined as interaction and movement, and, further, behaviors are defined as a sequence of such interactions and/or movements. Since some interactions and movements among the behaviors are overlapped, the behaviors are organized in a lattice structure, called, n:2-Lattice. Compared to other lattices, the lattice has special properties of multiple joins and meets. The property allows polymorphic interpretations of behaviors for equivalence, based on degree of abstraction. It guarantees abstraction of the exponential and nondeterministic complexity of behaviors into polynomial complexity. The ontology can be considered as one of the unique and innovative structure to represent behavioral equivalences.

Algebraic Method to Model Secure IoT

Process algebra can be considered to be one of the best methods to model IoT systems since it can represent the main properties of things in the systems: communication, movements, deadlines, etc. The best known algebras are π-calculus and mobile ambient. However, there are some limitations to model the different types of movements of the things with secure requirements. π-calculus passes the name of ports for indirect movements unrealistically, and mobile ambient uses ambient to synchronize asynchronous movements forcefully and unnaturally. This paper presents new process algebra, called δ-calculus, to model the different types of such synchronous movements for the things in IoT over some target geographical space. A process can be nested in another process, and their configuration will be changed by these movements. Any violation of the secure movements can be detected and prevented by the properties of the movements: synchrony, priority and deadline. To demonstrate the feasibility, a tool, called SAVE, was developed on the ADOxx metamodeling platform with an emergency medical system, which is one of the best suitable application domains for IoT.

An Abstraction Method of Behaviors for Process Algebra

In CCS, Milner defined the notion of Strong and Weak Bisimulations for behavioral equivalence between two processes or systems. However the notion has not been studied further in the perspective of abstraction for such behaviors in process algebra. In some sense, weak bisimulation could be interpreted as a kind of behavior equivalence between two processes at the certain degree of abstraction, based on observability. Here we noticed the possibility of representing such observable behaviors with a certain structure of abstraction and verify a number of behavioral equivalences in the structure. In the paper, such possibility has been realized with a new concept of Behavior Ontology. In the ontology, actions can be defined as an interaction between two processes or systems, and, further, behaviors can be defined as a sequence of such actions. Since some actions between the behaviors can be overlapped in some structural way, the behaviors can be organized in a lattice structure, namely, Behavior Lattice. Consequently, the lattice reveals certain levels of observability of the behaviors, based on degree of abstraction. From the lattice, a strong bisimulation and its weak bisimulations can be detected visually. The comparative study shows that the ontology is very effective and efficient for representing such abstract behaviors and verifying strong and weak bisimulations in a lattice structure. The ontology can be considered as one of the unique and innovative structure to represent such behaviors in a hierarchical structure of abstraction.

A Graphical Language to Integrate Process Algebra and State Machine Views for Specification and Verification of Distributed Real-Time Systems

Being very large and extremely complex, distributed real-time systems are specified by formal methods, such as state machines and process algebras, and are verified by temporal and spatial logics. However the methods have some limitations in the specification and verification, since process algebras mainly focus on the in-the-large view of the systems and, relatively, state machines mainly focus on the in-the-small view of the systems. Consequently there is a strong need for some intermediate methods to integrate these two views into one view to handle the size and complexity of the systems effectively. This paper presents such a visual formalism, namely, Onion, where processes and their transitive actions in the systems are graphically represented in one single entity, just like those of a real onion, over a geographical space. Further the temporal properties of mobility and interactions of the processes are specified in a geo-temporal space. Once these are done, the temporal and spatial requirements for the systems are graphically specified on the processes and actions using a visual logic. Finally, the specifications are visually analyzed and verified through simulation on the space for the requirements. The comparative study shows that Onion is very effective and efficient for the visualization of the systems and that it overcomes the stated limitations.