Abstract :
[en] Our increasing dependence on complex and critical information
infrastructures and the emerging threat of sophisticated attacks,
ask for extended efforts to ensure the correctness and security of
these systems. Byzantine fault-tolerant state-machine replication (BFT-SMR)
provides a way to harden such systems. It ensures that they maintain
correctness and availability in an application-agnostic way,
provided that the replication protocol is correct and at least n-f
out of n replicas survive arbitrary faults. This paper presents Velisarios a logic-of-events based
framework implemented in Coq, which we developed to implement and
reason about BFT-SMR protocols. As a case study, we present the first machine-checked proof of a crucial
safety property of an implementation of the area's reference protocol: PBFT.
Scopus citations®
without self-citations
18