
Available online at www.sciencedirect.com

ScienceDirect Procedia Computer Science 63 (2015) 148 – 153

The 6th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN 2015)

Formalizing Mobile Ad Hoc and Sensor Networks using VDM-SL

Shehla Riaz (a), Hamra Afzaal (a), Muhammad Imran (b), Nazir Ahmad Zafar (a,*), Mehmet Sabih Aksoy (b)

(a) Department of Computer Science, COMSATS Institute of Information Technology, Sahiwal, 57000, Pakistan
(b) College of Computer and Information Sciences, King Saud University, Riyadh, 12372, Saudi Arabia

Abstract

Mobile ad hoc and sensor networks (MAHSNs) are expected to become the fabric of modern societies. Despite considerable advancements, these networks are yet unable to surmount many operational challenges, especially in safety-critical large-scale applications. Most of the published research has focused on performance analysis of nonfunctional properties and ignores the correctness of the approach, which is vital in large and complex systems. This paper investigates an alternative formal specification and analysis technique for MAHSNs. We model MAHSNs as dynamic graphs and employ VDM-SL for formal specification and verification of the LASCNN algorithm. Constraints are put on the data where required to support validation of the formal algorithm. Pre- and post-conditions are defined for the correct operation of communication in terms of messages. VDM-SL is used because it is a formal specification language suited to a detailed examination of the system. The specification is analyzed and validated using the VDM-SL toolbox.

© 2015 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). Peer-review under responsibility of the Program Chairs.

Keywords: Mobile ad hoc and sensor networks; formal specification and analysis; VDM-SL

1. Introduction

Mobile Ad hoc and Sensor Networks (MAHSNs) are attracting growing interest because of their wide range of applications, especially in critical areas, e.g., security, safety, quality of life, health, environment, energy and economy. These networks employ wirelessly connected nodes (stationary and mobile) to operate autonomously in unattended setups. Despite significant advancements in all aspects (e.g., algorithms, architecture, tools, standards),

* Nazir Ahmad Zafar. Tel.: +92-333-525-2706; fax: +92-40-430-5005. E-mail address: [email protected]

1877-0509 © 2015 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). Peer-review under responsibility of the Program Chairs doi:10.1016/j.procs.2015.08.325


these networks are yet unable to surmount many operational and design challenges, especially for safety-critical large-scale applications. This is mainly because most of the existing research has primarily focused on performance analysis of nonfunctional properties (e.g., energy, delay, and throughput) through modeling and simulation. Simulations are only helpful in quantitative performance analysis and do not guarantee correctness of the algorithm, which is vital in complex and safety-critical applications. Although formal methods have been effectively employed to verify functional properties of complex and safety-critical systems such as air traffic control and missile control systems, very little attention has been paid to employing formal approaches for protocol verification, especially in MAHSNs.

This paper investigates an alternative formal specification and analysis technique for MAHSNs. We employ VDM-SL as the formal specification language for the LASCNN algorithm [1], which was proposed in our earlier work for the segregation of critical and non-critical nodes. Due to their analogous nature, we model MAHSNs as dynamic graphs, where vertices and edges represent nodes and wireless links. We transform the graph-based models into a corresponding formal specification using VDM-SL notation. The algorithm is analyzed using the VDM-SL toolbox. Model-oriented formal methods like VDM-SL capture both the static and the dynamic aspects of systems. VDM-SL is mostly employed for the formal specification, verification and validation of critical and significant systems. The syntax of VDM-SL uses sets, sequences, maplets, composite types and many other constructs for modeling systems formally. Invariants and pre- and post-conditions make the specification expressive. Almost every aspect of a system can be modeled using VDM-SL.

The rest of the paper is organized as follows: the formal specification of LASCNN using VDM-SL is presented in Section 2. Specification results are discussed in Section 3. Section 4 briefly describes a few related works. Section 5 concludes the paper.

2. Formal specification of LASCNN using VDM-SL

The aim of this work is to explore an alternative for the formal specification and analysis of MAHSNs. The prime objective is to employ VDM-SL for the formal specification and analysis of MAHSNs in general and LASCNN in particular. First, we briefly describe the working of the LASCNN algorithm; the formal specification using VDM-SL is presented after it.

In MAHSNs, nodes are randomly deployed and can move on demand, which causes frequent changes in network topology. After deployment, nodes periodically exchange beacon messages containing information such as ID and location to discover their neighbors and to establish and maintain communication links [2]. For example, a connected MAHSN is shown in Fig. 1. LASCNN is a distributed algorithm that segregates critical and non-critical nodes based on localized information. Each node maintains a k-hop connection list and determines whether it is critical or non-critical. Table 1 shows the 1-hop, 2-hop and 3-hop connection lists for N1. A node is k-hop critical if its removal disconnects its neighbors, and non-critical otherwise. For example, N1 is 1-hop critical as its immediate neighbors (N2, N3, N4 and N5) become disconnected without it. On the other hand, leaf nodes such as N8 are always non-critical. N5 is a 2-hop intermediate non-critical node, as all of its neighbors remain connected at 2 hops. For a detailed description of LASCNN, the reader is referred to [3].

Fig. 1. A sample connected MAHSN

Table 1. 1-hop, 2-hop and 3-hop connection list of N1


The formal specification of LASCNN is described using VDM-SL. MAHSNs are modeled using dynamic graphs because the topology is subject to change when nodes join or leave or when links fail. All communication links are represented by edges of the same type. The state space of the topology is updated when a node is connected to or disconnected from the network, and the procedure of LASCNN is presented using VDM-SL. The topology is denoted by the composite object type DynamicGraph, which consists of nodes and edges. Before this type is defined, the node and Edge types are defined. A node is modeled as a token, and an Edge consists of two distinct nodes, which means that a node is not connected to itself, i.e., there is no loop in the DynamicGraph. The individual components of a composite type are referred to as fields. In DynamicGraph, the field nodes has type set of node and the field edges has type set of Edge.

Invariants: (1) For every edge in the network, there exist two nodes such that the nodes form a link in the network topology. (2) For any two nodes in the graph there is an edge connecting them, i.e., the topology is a connected graph.

Sensor is a composite object type which combines the following fields: the node identifier, of type node; its type, which has two values, i.e., critical or non-critical; neighbors, of type set of node, required because sensors communicate with their neighbors; 1-hoplist, 2-hoplist and 3-hoplist, which are sets of edges; and connectivity, which is used to check whether the node is connected or disconnected.

Invariants: (1) The identifier of a sensor node does not belong to its neighbors. (2) The first node in every edge of the 1-hoplist is the sensor itself. (3) Either the first node in an edge of the 2-hoplist is the sensor itself, or there exists another edge in the 2-hoplist whose first node is the sensor identifier. (4) Either the first node in an edge of the 3-hoplist is the sensor itself, or there exists another edge in the 3-hoplist whose first node is the sensor identifier. (5) The second element of every edge in the 1-hoplist of the sensor belongs to its neighbors. (6) All the nodes in the 2-hoplist, except the sensor identifier, belong to its set of neighbors. (7) All the nodes in the 3-hoplist, except the sensor identifier, belong to its set of neighbors. (8) If the 1-hoplist is non-empty, then the node is assumed to be 1-hop connected. (9) If there exists an edge in the 2-hoplist in which the sensor identifier is neither the first nor the second node, then the sensor node is assumed to be 2-hop connected. (10) If there exists an edge in the 3-hoplist in which the sensor identifier is neither the first nor the second node, then the sensor node is assumed to be 3-hop or 2-hop connected.

MAHSN is defined as a state which consists of ten attributes, i.e., nodes, edges, sensor (representing the set of all objects of the network), sensor neighbors, a temporary neighbors list, path as a sequence of nodes, a connection list for the active connections, the sensors in the network which are critical, those which are non-critical, and a mapping representing connected nodes.

Invariants: (1) Every sensor identifier is a node in the network topology. (2) Every node in the network topology is a sensor identifier. (3) Every link between a sensor and its neighbors is represented as an edge in the network topology. All the direct neighbors of a sensor form an edge with the sensor in the network topology. (4) For any two sensors there is a path in the network topology, i.e., for every sensor there is at least one sensor responsible for receiving information and delivering it to the required sensor through an appropriate and efficient path. The path is described as a sequence of nodes. The first and last elements in the sequence are the source and target sensors for sharing the required information. It is verified that every pair of consecutive elements in the sequence is an edge in the network topology. It is noted that there does not exist any loop in the communication path between the source and target sensors of the sequence, i.e., all the elements in the path sequence are distinct.

The formal specification of a few important operations is described below. The AddNodes operation takes a node and adds it to the nodes of the network. The pre- and post-conditions are defined for the correct execution of the operation.

Pre/Post Conditions: (1) The node to be added is known to the network. (2) The input node is added to the network. (3) Every node to be added must be in the domain of the connection relation. (4) All nodes in the domain of the connection relation must be in the set nodes. (5) No node in the domain of the connection relation belongs to its own image set under the relation, i.e., a node is not connected to itself. (6) The edge set is updated by stating that one end point of an added edge is in the previous node set and the other is in the new node set.

The second operation is DeleteNodes, in which the input node is removed from the network. Pre/Post Conditions: (1) The node to be removed is known to the network. (2) The network is updated by removing the set of nodes. (3) The network is updated by removing the associated set of edges.

Now the formal specification of the algorithm to identify critical and non-critical nodes is described using the LASCNN operation.
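The dynamic-graph state with its invariants and the AddNodes/DeleteNodes operations with their pre- and post-conditions, as an added Python example that is not the paper's VDM-SL specification or the authors' code. The MAHSN class, its field names, the ContractError exception and the `violates` helper are assumptions of this example, and the sample topology is constructed rather than taken from Fig. 1. The point it shows is that the connectedness invariant, checked on the post-state, rejects the deletion of a critical node while accepting that of a non-critical one.

```python
from copy import deepcopy
from dataclasses import dataclass, field


class ContractError(AssertionError):
    """Violation of an invariant, pre-condition or post-condition (assumed name)."""


@dataclass
class MAHSN:
    """Dynamic-graph state (assumed rendering of the paper's state): a node set,
    an undirected edge set of frozenset pairs, and the connection relation
    node -> set of directly linked nodes."""
    nodes: set = field(default_factory=set)
    edges: set = field(default_factory=set)
    connection: dict = field(default_factory=dict)

    def reachable(self, start):
        """Nodes reachable from `start` over the connection relation."""
        seen, stack = {start}, [start]
        while stack:
            cur = stack.pop()
            for n in self.connection.get(cur, set()):
                if n not in seen:
                    seen.add(n)
                    stack.append(n)
        return seen

    def check_invariant(self):
        """Invariants: edges join two distinct nodes, the connection relation is
        loop-free and consistent with the edge set, and the topology is connected."""
        for e in self.edges:
            if len(e) != 2 or not e <= self.nodes:
                raise ContractError(f"edge {sorted(e)} does not join two distinct nodes")
        if not set(self.connection) <= self.nodes:
            raise ContractError("domain of connection must lie within the node set")
        for n, peers in self.connection.items():
            if n in peers or not peers <= self.nodes:
                raise ContractError(f"connection relation malformed at {n}")
            if {frozenset((n, p)) for p in peers} - self.edges:
                raise ContractError(f"a link of {n} is missing from the edge set")
        if self.nodes and self.reachable(min(self.nodes)) != self.nodes:
            raise ContractError("topology is not connected")
        return True

    def add_node(self, node, links):
        """AddNodes: join `node` to the existing nodes in `links`."""
        old_nodes, old_edges = set(self.nodes), set(self.edges)
        # pre-conditions: node is new, and it links to at least one existing node
        if node in self.nodes:
            raise ContractError(f"{node} is already in the network")
        if not links or not links <= self.nodes:
            raise ContractError("new node must link only to existing nodes, at least one")
        self.nodes.add(node)
        self.connection[node] = set(links)
        for peer in links:
            self.connection.setdefault(peer, set()).add(node)
            self.edges.add(frozenset((node, peer)))
        # post-conditions: node set grew by exactly `node`; every new edge has one
        # end point in the previous node set and the other at the new node
        assert self.nodes == old_nodes | {node}
        assert all(node in e and (e & old_nodes) for e in self.edges - old_edges)
        return self.check_invariant()

    def delete_node(self, node):
        """DeleteNodes: remove `node` and its edges; the post-state must keep the
        invariant, so removing a critical node is rejected and the state is unchanged."""
        if node not in self.nodes:  # pre-condition
            raise ContractError(f"{node} is not in the network")
        trial = deepcopy(self)
        trial.nodes.discard(node)
        trial.edges = {e for e in trial.edges if node not in e}
        trial.connection.pop(node, None)
        for peers in trial.connection.values():
            peers.discard(node)
        trial.check_invariant()
        self.nodes, self.edges, self.connection = trial.nodes, trial.edges, trial.connection
        return True


def violates(operation, *args):
    """True if calling `operation` raises a ContractError (helper for demonstrations)."""
    try:
        operation(*args)
    except ContractError:
        return True
    return False


def build_sample():
    """Constructed sample network (not the paper's Fig. 1): N1 is a hub, N6 is
    reachable through both N4 and N5, so N6 is non-critical but N1 is critical."""
    net = MAHSN({"N1"}, set(), {"N1": set()})
    for node, links in [("N2", {"N1"}), ("N3", {"N1"}), ("N4", {"N1"}),
                        ("N5", {"N1"}), ("N6", {"N4", "N5"})]:
        net.add_node(node, links)
    return net


if __name__ == "__main__":
    net = build_sample()
    print("delete N6 rejected:", violates(net.delete_node, "N6"))   # False
    print("delete N1 rejected:", violates(net.delete_node, "N1"))   # True
```

The operations validate the post-state rather than trusting the caller, which mirrors how the VDM-SL toolbox checks pre/post-conditions and invariants at each operation; a rejected DeleteNodes leaves the state exactly as it was.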

Pre/Post Conditions: (1) The node is a leaf if the size of its connection list is 1. (2) For every edge in the connection list of a sensor, the edges which do not contain the sensor itself are identified, and the nodes in such an edge are added to the temporary set of neighbors. If an edge has a node in common with the temporary list, the other node of the edge is included in the connection neighbors list. This process is repeated for all the edges of the connection list. After all the edges have been processed, it is checked whether the number of nodes in the temporary neighbor list is less than the number of neighbors of the sensor node: if so, the node is identified as critical, otherwise as intermediate non-critical. The lists of critical and non-critical nodes of the network are updated regularly.

3. Results and analysis

Model analysis is provided for the formal specification using the VDM-SL toolbox. VDM-SL is used for the detailed-level examination of critical systems. During analysis it was observed that there were no syntax or type errors. It was also noted that there were no warnings in the specification. In the specification, constraints are put on the data
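The k-hop connection lists of Section 2 (the kind Table 1 lists for N1) and the critical/non-critical decision formalized by the LASCNN operation's pre/post conditions, written out as one added Python example. It is not the paper's VDM-SL specification or the authors' code: the topology is a constructed eight-node sample chosen to reproduce the properties the text states for Fig. 1 (N1 is 1-hop critical, N8 is a leaf, N5 is 2-hop non-critical), and the temporary-neighbor-set procedure is my reading of the operation's description, seeded from one direct neighbor and grown until no edge of the list adds a node.

```python
from collections import deque

# Constructed sample topology (not the paper's Fig. 1); edges are unordered pairs.
SAMPLE_EDGES = {
    frozenset(e) for e in [
        ("N1", "N2"), ("N1", "N3"), ("N1", "N4"), ("N1", "N5"),
        ("N5", "N6"), ("N4", "N6"), ("N6", "N7"), ("N2", "N8"),
    ]
}


def neighbors(edges, node):
    """Direct (1-hop) neighbors of `node` in the given edge set."""
    return {n for e in edges if node in e for n in e if n != node}


def k_hop_connection_list(edges, node, k):
    """The edges a node learns within k hops: every edge whose two end points both
    lie within k hops of the node (a 1-hop list is the node's own edges)."""
    dist = {node: 0}
    frontier = deque([node])
    while frontier:
        cur = frontier.popleft()
        if dist[cur] == k:
            continue
        for n in neighbors(edges, cur):
            if n not in dist:
                dist[n] = dist[cur] + 1
                frontier.append(n)
    return {e for e in edges if all(v in dist for v in e)}


def classify(edges, node, k):
    """LASCNN decision for one node, using only its own k-hop connection list.
    Returns 'leaf', 'critical' or 'non-critical'."""
    conn = k_hop_connection_list(edges, node, k)
    own = {e for e in conn if node in e}
    if len(own) == 1:            # (1) a single link: the node is a leaf
        return "leaf"
    direct = neighbors(own, node)
    others = [e for e in conn if node not in e]   # (2) edges not containing the node
    # temporary neighbor set: grown from one direct neighbor through the other edges
    temp = {min(direct)}
    changed = True
    while changed:
        changed = False
        for e in others:
            a, b = tuple(e)
            if (a in temp) != (b in temp):   # edge shares exactly one node with temp
                temp |= {a, b}
                changed = True
    # fewer direct neighbors reached than the node has: its removal splits them
    return "critical" if len(temp & direct) < len(direct) else "non-critical"


def classify_all(edges, k):
    """Run the localized decision at every node of the network."""
    nodes = {n for e in edges for n in e}
    return {n: classify(edges, n, k) for n in sorted(nodes)}


if __name__ == "__main__":
    for k in (1, 2, 3):
        print(k, classify_all(SAMPLE_EDGES, k))
```

With k = 1 every non-leaf node of the sample looks critical, because a 1-hop list never contains an edge between two of the node's neighbors; at k = 2 the detour N4-N1-N5 becomes visible to N4, N5 and N6's neighbors, so N4 and N5 are reclassified as non-critical while N1, N2 and N6 remain critical at any k (each is the only way to some leaf).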


5. Conclusion

This paper has presented a formal specification of the LASCNN algorithm, proposed for MAHSNs, using VDM-SL. The formal specification is analyzed, validated and verified using the VDM-SL toolbox, which shows its correctness. We modeled MAHSNs as dynamic graphs to increase expressive power and transformed LASCNN into a corresponding formal specification using VDM-SL. By using VDM-SL and detailed-level analysis, defects were identified at the earliest stage. The approach we have used to examine MAHSNs can be utilized to examine other similar systems. This is because we observed that a natural relationship exists between graph theory and VDM-SL. Formal proofs are used in VDM-SL to establish system properties. By integrating graph theory with VDM-SL we have achieved the objective of integrating two useful and effective approaches for modeling complex systems.

Acknowledgements

This work was supported by the Research Center of the College of Computer and Information Sciences, King Saud University, Riyadh, Saudi Arabia, through Research Project No. RC131026.

References

1. Alnuem, M., Zafar, N.A., Imran, M., Ullah, S., & Fayed, M. Formal Specification and Validation of a Localized Algorithm for Segregation of Critical/Noncritical Nodes in MAHSNs. International Journal of Distributed Sensor Networks, 2014.
2. Imran, M., Younis, M., Haider, N., & Alnuem, M.A. Resource efficient connectivity restoration algorithm for mobile sensor/actor networks. EURASIP Journal on Wireless Communications and Networking, 2012. 2012(1): p. 1-16.
3. Imran, M., Alnuem, M.A., Fayed, M.S., & Alamri, A. Localized algorithm for segregation of critical/non-critical nodes in mobile ad hoc and sensor networks. Procedia Computer Science, 2013. 19: p. 1167-1172.
4. Hu, L., Mao, J., Zhang, B., & Zhang, R. Optimal path planning of mobile ad-hoc sensor network using unmanned aerial vehicles (UAVs). In Software Engineering and Service Science (ICSESS), 2014 5th IEEE International Conference on. 2014. IEEE.
5. Vanninen, T., Raustia, M., Saarnisaari, H., & Iinatti, J. Frequency hopping mobile ad hoc and sensor network synchronization. In Military Communications Conference, 2008. MILCOM 2008. IEEE. 2008. IEEE.
6. Vodel, M., Lippmann, M., & Hardt, W. Dynamic channel management for advanced, energy-efficient sensor-actor-networks. In Information and Communication Technologies (WICT), 2011 World Congress on. 2011. IEEE.
7. Singh, D., Tiwary, U., & Chung, W.-Y. Connectivity of ubiquitous sensor network with fixed network. In Control, Automation and Systems, 2007. ICCAS'07. International Conference on. 2007. IEEE.
8. Li, Y., Ding, L., Sheng, J., Liu, C., & Teredesai, A. An Effective Message Forwarding Algorithm for Delay Tolerant Network with Cyclic Probabilistic Influences. In Mobile Ad-hoc and Sensor Networks (MSN), 2014 10th International Conference on. 2014. IEEE.
9. Yuan, Z., Lizhao, Y., Li, W., Chen, B., & Xu, Z. History-aware adaptive backoff for neighbor discovery in wireless networks. In Mobile Ad-hoc and Sensor Networks (MSN), 2011 Seventh International Conference on. 2011. IEEE.
10. Okano, K., Aoki, Y., Ohta, T., & Kakuda, Y. An Autonomous Clustering-Based Inter-domain Routing Protocol for Heterogeneous Mobile Ad Hoc Networks. In Mobile Ad-hoc and Sensor Networks (MSN), 2014 10th International Conference on. 2014. IEEE.
11. Cai, Z., et al. Survey on wireless sensor and actor network. In Intelligent Control and Automation (WCICA), 2011 9th World Congress on. 2011. IEEE.
12. Ngo, T.D. A bio-inspired hierarchical mobile sensor network for fast deployment and displacement in human impassible environments. In Ubiquitous Robots and Ambient Intelligence (URAI), 2012 9th International Conference on. 2012. IEEE.
13. Viana, A.C., Maag, S., & Zaidi, F. One step forward: Linking wireless self-organizing network validation techniques with formal testing approaches. ACM Computing Surveys (CSUR), 2011. 43(2): p. 7.
14. Imran, M., & Zafar, N.A. Formal specification and validation of a hybrid connectivity restoration algorithm for wireless sensor and actor networks. Sensors, 2012. 12(9): p. 11754-11781.
15. Akkaya, K., Thimmapuram, A., Senel, F., & Uludag, S. Distributed recovery of actor failures in wireless sensor and actor networks. In Wireless Communications and Networking Conference, 2008. WCNC 2008. IEEE. 2008. IEEE.
16. Younis, M., & Akkaya, K. Strategies and techniques for node placement in wireless sensor networks: A survey. Ad Hoc Networks, 2008. 6(4): p. 621-655.
17. Zafar, N.A., Khan, S.A., & Araki, K. Towards the safety properties of moving block railway interlocking system. Int. J. Innovative Comput., Info & Control, 2012. 8(7): p. 5677-5690.
18. Imran, M., Zafar, N.A., Alnuem, M.A., Aksoy, M.S., & Vasilakos, A.V. Formal verification and validation of a movement control actor relocation algorithm for safety-critical applications. Wireless Networks, 2015: p. 1-19.