GeneSyst: A Tool to Reason About Behavioral Aspects of B Event Specifications. Application to Security Properties

  • Didier Bert
  • Marie-Laure Potet
  • Nicolas Stouls
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3455)


In this paper, we present a method and a tool to build symbolic labelled transition systems from B specifications. The tool, called GeneSyst, can take into account refinement levels and can visualize the decomposition of abstract states in concrete hierarchical states. The resulting symbolic transition system represents all the behaviors of the initial B event system. So, it can be used to reason about them. We illustrate the use of GeneSyst to check security properties on a model of electronic purse.


Transition System Abstract State Security Policy Security Property Reachability Condition 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abrial, J.-R.: The B Book - Assigning Programs to Meanings. Cambridge University Press, Cambridge (1996)zbMATHCrossRefGoogle Scholar
  2. 2.
    Abrial, J.-R.: Extending B without Changing it (for Developing Distributed Systems). In: Habrias, H. (ed.) First B conference, Putting into Practice Methods and Tools for Information System Design, IRIN, pp. 169–191 (1996)Google Scholar
  3. 3.
    Abrial, J.R., Mussat, L.: Introducing Dynamic Constraints in B. In: Bert, D. (ed.) B 1998. LNCS, vol. 1393, pp. 83–128. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  4. 4.
    Ambert, F., Bouquet, F., Chemin, S., Guenaud, S., Legeard, B., Peureux, F., Utting, M., Vacelet, N.: BZ-testing tools: A tool-set for test generation from Z and B using constraint logic programming. In: Formal Approaches to Testing of Software (FATES 2002), pp. 105–120. INRIA (2002)Google Scholar
  5. 5.
    Bert, D., Cave, F.: Construction of Finite Labelled Transition Systems from B Abstract Systems. In: Grieskamp, W., Santen, T., Stoddart, B. (eds.) IFM 2000. LNCS, vol. 1945, pp. 235–254. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  6. 6.
    Cansell, D., Méry, D., Merz, S.: Predicate Diagrams for the Verification of Reactive Systems. In: Grieskamp, W., Santen, T., Stoddart, B. (eds.) IFM 2000. LNCS, vol. 1945, pp. 380–397. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Cansell, D., Méry, D., Merz, S.: Diagram Refinements for the Design of Reactive Systems. Journal of Universal Computer Science 7(2) (2001)Google Scholar
  8. 8.
    Common Criteria. Common Criteria for Information Technology Security Evaluation, Norme ISO 15408 - version 2.1, Aout (1999)Google Scholar
  9. 9.
    Graf, S., Saïdi, H.: Construction of Abstract State Graphs with PVS. In: Grumberg, O. (ed.) CAV 1997. LNCS, vol. 1254. Springer, Heidelberg (1997)Google Scholar
  10. 10.
    Hoare, C.A.R.: Communicating Sequential Processes. Prentice-Hall, Englewood Cliffs (1985)zbMATHGoogle Scholar
  11. 11.
    Lamport, L.: A Temporal Logic of Actions. ACM Transactions on Programming Languages and Systems 16(3), 872–923 (1994)CrossRefGoogle Scholar
  12. 12.
    Lamport, L.: TLA in Pictures. Software Engineering 21(9), 768–775 (1995)CrossRefGoogle Scholar
  13. 13.
    Ledang, H., Souquières, J.: Contributions for Modelling UML State-charts in B. In: Butler, M., Petre, L., Sere, K. (eds.) IFM 2002. LNCS, vol. 2335, pp. 109–127. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  14. 14.
    Leuschel, M., Butler, M.: ProB: A Model Checker for B. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 855–874. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Marlet, R.: DEMONEY: Java Card Implementation. Public technical report, SECSAFE project, 11 (2002)Google Scholar
  16. 16.
    Marlet, R., Mesnil, C.: DEMONEY: A demonstrative Electronic Purse - Card Specification -. Public technical report, SECSAFE project, 11 (2002)Google Scholar
  17. 17.
    Samarati, P., De Capitani di Vimercati, S.: Access Control: Policies, Models, and Mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 137–196. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  18. 18.
    Schneider, F.B.: Enforceable security policies. Information and System Security 3(1), 30–50 (2000)CrossRefGoogle Scholar
  19. 19.
    SecSafe. SecSafe Porject Home Page,
  20. 20.
    Sekerinski, E., Zurob, R.: Translating Statecharts to B. In: Butler, M., Petre, L., Sere, K. (eds.) IFM 2002. LNCS, vol. 2335, pp. 128–144. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  21. 21.
    SUN. Java Card 2.1 Platform Specifications,
  22. 22.
    Trentelman, K., Huisman, M.: Extending JML Specifications with Temporal Logic. In: Kirchner, H., Ringeissen, C. (eds.) AMAST 2002. LNCS, vol. 2422, pp. 334–348. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  23. 23.
    Voisinet, J.-C., Tatibouet, B.: Generating Statecharts from B Specifications. In: 16th Int Conf. on Software and System Engineering and their applications (ISCEA 2003), vol. 1 (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Didier Bert
    • 1
  • Marie-Laure Potet
    • 1
  • Nicolas Stouls
    • 1
  1. 1.Laboratoire Logiciels Systèmes Réseaux - LSR-IMAGGrenobleFrance

Personalised recommendations