This package contains the verified implementation of the router from the SCION protocol, a future Internet architecture. SCION is the first clean-slate Internet architecture designed to provide route control, failure isolation, and explicit trust information for end-to-end communication.
To find out more about the project, please visit the official project page.
This repository contains a recent version of SCION (which we plan to keep updated), as well as fixes to the bugs we report as a result of verifying the SCION router from the mainline SCION repository.
We focus on verifying the main implementation of SCION, written in the Go programming language.
To that end, we have developed Gobra, a program verifier for Go. Gobra allows users to annotate Go code with specifications in the form of logical assertions establishing the behaviour of the program. It then automatically checks whether the implementation matches its given specification. We use Gobra in the CI of this project via the gobra-action to verify our code-base.
In this project, we aim to verify the data-plane component of the SCION border router. In particular, we verify the following properties:
- memory safety, crash freedom, and race-freedom of the SCION data-plane code
- progress properties and termination of the data-plane code
- the IO behaviour of the router successfully refines the SCION protocol - we prove this property only for the handling of packets of type SCION (i.e., we ignore BFD packets for now)
When necessary, we make reasonable assumptions and explicitly state them.
This repository is meant to be updated frequently, to keep track of the changes in the SCION implementation (scionproto/scion).
We try to have minimal differences from the original code and we expect to contribute these changes to the upstream when we believe that they improve the original code.
This repository contains all the code from `scionproto/scion`. Its directory structure is the same as the SCION repository, except that it includes the `verification` directory, which contains useful definitions for specifying and verifying the border router:
```
verification
├── dependencies   # spec of 3rd-party dependencies
└── utils
    ├── definitions  # useful definitions
    └── slices       # slice predicates and operations
```
To specify and verify the border router, we often add specifications in `.go` files directly. We also introduce `.gobra` files containing ghost code and predicate definitions specific to a package.
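The following is an added illustration of the annotation style described above (specifications written as logical assertions directly in a `.go` file); it is a constructed example, not code from this repository or from the SCION router. The functions `payloadLen` and `xorFold`, the constant `minHdrLen`, and the 2-byte length-field layout are assumptions made up for the example. Lines beginning with `// @` are Gobra specifications; the Go compiler treats them as comments, so the file builds and runs with plain Go, while Gobra uses them to prove the properties listed earlier: `acc(b, 1/2)` and the loop invariant establish that every index into `b` is in bounds (memory safety), the explicit length check keeps the function from panicking (crash freedom), and `decreases` clauses prove termination.

```go
package main

import "fmt"

// minHdrLen is a hypothetical header size: a 2-byte big-endian length
// field followed by 2 reserved bytes. (Constructed for this example.)
const minHdrLen = 4

// payloadLen reads the length field at the start of b and reports
// whether b actually holds a header plus that many payload bytes.
// The "preserves" clause grants (and hands back) read permission to
// every byte of b; the postconditions pin the result to b's contents
// so a caller can reason about n without re-reading the bytes.
// @ preserves acc(b, 1/2)
// @ ensures ok ==> minHdrLen <= len(b)
// @ ensures ok ==> n == ((int(b[0]) << 8) | int(b[1]))
// @ ensures ok ==> minHdrLen + n <= len(b)
// @ ensures !ok ==> n == 0
// @ decreases
func payloadLen(b []byte) (n int, ok bool) {
	// Without this check Gobra rejects the accesses b[0] and b[1].
	if len(b) < minHdrLen {
		return 0, false
	}
	n = (int(b[0]) << 8) | int(b[1])
	// Reject buffers shorter than the length the header claims; a
	// verified caller can then slice b[minHdrLen:minHdrLen+n] safely.
	if n > len(b)-minHdrLen {
		return 0, false
	}
	return n, true
}

// xorFold folds every byte of b into one byte (a toy integrity tag,
// chosen because XOR cannot overflow). The invariant keeps i in range,
// so each b[i] is a verified access, and "decreases len(b) - i" shows
// the loop terminates.
// @ preserves acc(b, 1/2)
// @ decreases
func xorFold(b []byte) (s uint8) {
	// @ invariant acc(b, 1/2)
	// @ invariant 0 <= i && i <= len(b)
	// @ decreases len(b) - i
	for i := 0; i < len(b); i++ {
		s ^= b[i]
	}
	return s
}

func main() {
	// Constructed inputs: a well-formed 3-byte payload, a header that
	// claims more bytes than are present, and a truncated header.
	good := []byte{0x00, 0x03, 0x00, 0x00, 'a', 'b', 'c'}
	short := []byte{0x00, 0x05, 0x00, 0x00, 'a'}
	trunc := []byte{0x00}
	for _, pkt := range [][]byte{good, short, trunc} {
		n, ok := payloadLen(pkt)
		fmt.Printf("len=%d payloadLen=%d ok=%v tag=%#02x\n", len(pkt), n, ok, xorFold(pkt))
	}
}
```

Running Gobra on such a file checks the contracts rather than executing the code; `go run` executes it and ignores the annotations. Predicates and other ghost definitions shared across a package would go in a companion `.gobra` file rather than in the `.go` source.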