Towards Formal Verification of a Commercial Wireless Router Firmware

Authors

Zheng Lu, LSU College of Engineering
Christopher Steinmuller, LSU College of Engineering
Supratik Mukhopadhyay, LSU College of Engineering

Document Type

Conference Proceeding

Publication Date

1-1-2013

Abstract

Formal verification of the trusted computing base of a software system is essential for its deployment in mission-critical environments. Commercial off-the-shelf routers are nowadays being used for managing traffic in high-assurance networks. The specifications for the development of these routers are provided by RFCs that are only described informally in English. It is essential to ensure that a router firmware conforms to its corresponding RFC before it can be deployed for managing mission-critical networks. In this paper, we report the formal verification of the conformance of the open source Netgear WNR3500L wireless router firmware implementation to the RFC 2131 [6] based on which it is designed. The formal verification effort led to the discovery of several possible problems in the implementation that we report in this paper. We have used the Coq proof assistant extensively in this verification effort. The formal verification process demonstrates the usefulness of inductive types and higher-order logic in software certification. © 2013 IEEE.

Publication Source (Journal or Book title)

Proceedings International Computer Software and Applications Conference

First Page

639

Last Page

647

Recommended Citation

Lu, Z., Steinmuller, C., & Mukhopadhyay, S. (2013). Towards Formal Verification of a Commercial Wireless Router Firmware. Proceedings International Computer Software and Applications Conference, 639-647. https://doi.org/10.1109/COMPSAC.2013.103