Modelling and verifying IEEE Std 11073-20601 session setup using mCRL2

摘要

In this paper we advocate that formal verification should bea part of the development of a communication standard;in a short period of time issues areuncovered that have been in the standard for a number of years, and allsubtleties in the correctness of the protocol are understood.We model and verify the session setup protocolthat is part of the IEEE 11073-20601:2008 standard for communication betweenpersonal health devices.We identify a number of issues present in the standards document.Discussion with a member of the standards committee unveiled that most, but notall, of the identified issues are fixed in the IEEE 11073-20601:2010 version ofthe standard.In addition, the correctness of the protocol, including the fixes, is assessed.For this, properties of the session setup protocol are formulated, and usingthe model checker mCRL2 it is verified whether the model satisfies theseproperties.We show that the session setup protocol is flawed, and propose a straightforwardway to fix this issue.