Model checking web applications
Alzahrani, Mohammed Yahya
MetadataShow full item record
The modelling of web-based applications can assist in capturing and understanding their behaviour. The development of such applications requires the use of sound methodologies to ensure that the intended and actual behaviour are the same. As a verification technique, model checking can assist in finding design flaws and simplifying the design of a web application, and as a result the design and the security of the web application can be improved. Model checking has the advantage of using an exhaustive search of the state space of a system to determine if the specifications are true or not in a given model. In this thesis we present novel approaches in modelling and verifying web applications' properties to ensure their design correctness and security. Since the actions in web applications rely on both the user input and the server status; we propose an approach for modelling and verifying dynamic navigation properties. The Spin model checker has been used successfully in verifying communication protocols. However, the current version of Spin does not support modelling time. We integrate discrete time in the Spin model to allow the modelling of realistic properties that rely on time constraints and to analyse the sequence of actions and time. Examining the sequence of actions in web applications assists in understanding their behaviour in different scenarios such as navigation errors and in the presence of an intruder. The model checker Uppaal is presented in the literature as an alternative to Spin when modelling real-time systems. We develop models with real time constraints in Uppaal in order to validate the results from the Spin models and to compare the differences between modelling with real time and with discrete time as in Spin. We also compare the complexity and expressiveness of each model checker in verifying web applications' properties. The web application models in our research are developed gradually to ensure their correctness and to manage the complexities of specifying the security and navigation properties. We analyse the compromised model to compare the differences in the sequence of actions and time with the secure model to assist in improving early detections of malicious behaviour in web applications.