Older blog entries for nchriss (starting at number 2)

Had a good chat about CSP with stevej. CSP notation was very difficult to get a handle on originally, but I have developed an improving knowledge of its fundementals. As a caution to others reading the related text (Modelling and Analysis of Security Protocols), the writing specific to notation is not straight forward. After refreshing my knowledge of set theory and process algebra in addition to reading 'The Theory and Practice of Concurrency' I was able to understand the subject matter and thus the modelling notation (hand-written). I have yet to tackle Machine Readable CSP (CSP susbscript 'm'), an ASCII version of the notation readable by interpreters (PROBE, CASPER) and compilers (FDR2). Still taking notes and should be putting them up at some point this evening.

In terms of OpenCSP, stevej and I are trying to formulate a course of action for developing an open-source CSP interpreter. Our primary obstacles lay in the prohibitive amount that it costs for PROBE and FDR2. This fact may be in our best interest, as the current DMCA laws would create a problem if Formal Systems found or work to their dislike. Another obstacle is not having a full list of CSP notation operators. This is temporary and expected, as we're literally formulating this project as our understanding of CSP and its uses improves. All aside, the work will be worth the effort and hopefully a lot of fun.

I'm playing around with weighted queueing techniques for further work with ALTQ in conjunction with the work done by Newsham and Ptacek. Should be an interesting experiment but I haven't checked the feasibility or fleshed out the concept just yet. More on that later.

CSP Notes

I'll be posting my notes on Communicating Sequential Processes. The notes will be synthesized from the following texts: 'The Theory and Practice of Concurrency' and 'Modelling and Analysis of Security Protocols'.

For those who are interested in the above reading, I would suggest perusing T&P of Concurrency, before diving into M&A.

The culmination of my notes and studies will be the paper, 'Introduction to CSP and Security Protocol Analysis'.

Notes from 'T&P':

- CSP is a notation for describing 'concurrent' systems whose component processes interact with each other by communication.

- A system is said to exhibit concurrency when there can be several processes or subtasks making progress at the same time.

- The CSP language functions as a collection of mathematical models and reasoning methods which help us understand this notation.

Simply put, the CSP language consists of notation and calculus for modelling interactions between processes.

-Primary applications for CSP will be areas where the main interest lies in the structure and consequences of interactions:

VLSI Design
Communications Protocols
Real-Time Control Systems
Copmuter Security
Fault Tolerance
Database and Cache consistency
Telecommunications Systems

[Note: My specific interests and the aim of my studies would be in the realm of computer security, specifically in modelling security protocols]

-Difficulties in modelling concurrent systems:

-There are more states to worry about in parallel code, because the total number of states grows exponentially (with the number of components).

-Aside from the state, there are a number of misbehaviors which create their own difficulties in parallel systems:

-Nondeterminism: two different copies of the system behave differently when given exactly the same input.

-Deadlock: A concurrent system is deadlocked if no component can make any progress, generally beceause each is waiting for communication with others.

-Livelock: Also known as Divergence. Process performs an infinite unbroken sequence of internal actions. When a network communicates infinitely internally without any component communicating externally.

Tools -FDR: Failure/Divergence Refinement - automated proof tool for CSP. -PROBE - Simulator/animator which allows for interaction with CSP processes merely providing a form of implementation that allows experimentation.

Ch. 1 -

- CSP is a calculus for studying processes which interact with eachother and their environment by means of communication.

- The most fundamental aspect of CSP is a communication event.


Started new journal. I'll be posting quite a bit on my security research and findings consistently. Nice community...

Current projects:

IPF bridging for gh0st.net

Cohesive LDAP architecture and design for gh0st.net

Communicating sequential processes and general process algebra studies

Weighted queueing techniques using ALTQ

Study of IDS evasion/insertion techniques.

..and so it goes.

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!