CS 395T - Design and Analysis of Security Protocols (54302)

Fall 2004

Murphi tips

  • Tutorial and user manual are in /projects/shmat/Murphi3.1/doc

  • If you have problems compiling Murphi-generated C++ code, try compiling it with /usr/bin/g++.

  • Always run your Murphi model with the -ndl option to make sure verification does not stop once a deadlock state is reached (typically, deadlock is not an issue for security protocols).

  • Scalarsets are enumerated types. They are similar to enum types in C++. For example, type declaration AgentId:scalarset(5) says that variables of type AgentId can take one of 5 (unnamed) values. Scalarset types are simply finite, unordered sets of values.
    If you write ruleset i: ScalarType where ScalarType is a Scalarset type, then the enclosed rule will be executed once for every possible value of ScalarType. For each execution, the current value can be accessed as i.

  • Multisets are data structures. A multiset is a set in which the same element may be included more than once. Multisets are similar to arrays, except that they are unordered.
    If you write multisetcount(m:mset,P) where mset is declared as a multiset and P is a predicate (i.e., a function returning true or false), then P will be applied to every element of the multiset mset, and the return value of multisetcount will be the number of elements of mset on which P evaluated to true. Within the body of P, the current element (i.e., the element to which the predicate P is being applied) can be accessed as mset[m].
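
The scalarset, ruleset and multiset constructs above, combined in one small model. This is an added example, not part of the course materials: the agents, the message record, the rule names and the invariant are all constructed for illustration. The network is modeled as a multiset of messages in transit.

```murphi
-- Constructed toy model; every identifier below is an assumption.
const
  NumAgents: 3;
  NetMax: 2;                          -- capacity of the network multiset
type
  AgentId: scalarset(NumAgents);      -- unnamed, unordered agent identities
  Message: record
    source: AgentId; dest: AgentId;
  end;
var
  net: multiset[NetMax] of Message;   -- messages in transit, unordered
  sent: array[AgentId] of boolean;    -- has agent i already sent?

startstate
  undefine net;
  for i: AgentId do sent[i] := false; end;
end;

-- Nested rulesets: one instance of the rule per (i, j) pair of AgentId values.
ruleset i: AgentId do
  ruleset j: AgentId do
    rule "agent i sends its single message to agent j"
      !sent[i] & i != j &
      multisetcount(l: net, true) < NetMax   -- predicate "true" counts every element
    ==>
    var outM: Message;
    begin
      outM.source := i;
      outM.dest := j;
      multisetadd(outM, net);
      sent[i] := true;
    end;
  end;
end;
-- choose ranges over the elements of the multiset; net[m] is the chosen element.
ruleset j: AgentId do
  choose m: net do
    rule "agent j receives a message addressed to it"
      net[m].dest = j
    ==>
    begin
      multisetremove(m, net);
    end;
  end;
end;

invariant "each agent has at most one message in transit"
  forall i: AgentId do
    multisetcount(m: net, net[m].source = i) <= 1
  end;
```

Once every agent has sent and the network has been drained, no rule is enabled, so this model reaches a deadlock state; running it with -ndl, as advised above, lets verification continue past that state.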