StatVerif: Verification of stateful processes

Myrto Arapinis, Joshua Phillips*, Eike Ritter, Mark D. Ryan

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)


We present StatVerif, which is an extension of the ProVerif process calculus with constructs for explicit state, in order to be able to reason about protocols that manipulate global state. Global state is required by protocols used in hardware devices (such as smart cards and the trusted platform module), as well as by protocols involving databases that store persistent information. We provide the operational semantics of StatVerif. We extend the ProVerif compiler to a compiler for StatVerif, which takes processes written in the extended process language and produces Horn clauses. Our compilation is carefully engineered to avoid many false attacks. We prove the correctness of the StatVerif compiler. We illustrate our method on two examples: a small hardware security device and a contract signing protocol. We are able to prove their desired properties automatically.

Original languageEnglish
Pages (from-to)743-821
Number of pages79
JournalJournal of Computer Security
Issue number5
Publication statusPublished - 11 Jul 2014


  • Cryptographic protocols
  • Horn clauses
  • stateful processes
  • verification

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software
  • Safety, Risk, Reliability and Quality


Dive into the research topics of 'StatVerif: Verification of stateful processes'. Together they form a unique fingerprint.

Cite this