Here you can download models and scripts that were used for analysis of the Zeroconf protocol. The analysis was done with the help of the Uppaal tool. More information, and the paper itself can be found on http://www.ita.cs.ru.nl/publications/papers/fvaan/zeroconf/full.html.

Uppaal Models of Zeroconf

• The full model
• The abstract model

Uppaal query files

• mutex.q, expresses the main property to be verified, namely mutual exclusion. More precisely: two hosts do not use the same IP address.
• nodeadlock.q, expresses that the protocol may not deadlock, note that this property has only been verified for some instances of the full model. It has not been verified for the abstracted model since the abstraction is tailored for verifying mutual exclusion.

Scripts for Uppaal

The following Python scripts are used to verify the abstract model of Zeroconf. The scripts invoke Uppaal from the command-line. A small utility called memtime is used to measure time and memory consumption. Memtime can be downloaded from the Uppaal homepage. The scripts, models, and memtime utility should all be placed in the same directory as the command-line version of Uppaal named 'verifyta', which can be found in the Uppaal distribution.

• veriScript Does the actual job of verification. The model is parametrized with parameters l and m. Therefore a whole set of models is generated. Every model is verified on its own, and the results are written in the corresponding LOG files. VeriScript runs 4 verification jobs simultaneously such that 4 processing cores of a single machine can be utilized. A file 'processingTime' will be created that contains the total processing time of veriScript.
• checkRes checks whether the output of all jobs states that the property holds.
• printRes prints the verification information for all instances.