Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/mgrojo/coap_spark

Formally verified implementation of the CoAP protocol in SPARK/Ada
https://github.com/mgrojo/coap_spark

ada coap formal-verification iot spark-ada

Last synced: 22 days ago
JSON representation

Formally verified implementation of the CoAP protocol in SPARK/Ada

Awesome Lists containing this project

README 

          
[![Build](https://github.com/mgrojo/coap_spark/actions/workflows/main.yml/badge.svg)](https://github.com/mgrojo/coap_spark/actions/workflows/main.yml)

[![AppImage](https://github.com/mgrojo/coap_spark/actions/workflows/appimage.yml/badge.svg)](https://github.com/mgrojo/coap_spark/actions/workflows/appimage.yml)

[![GNATprove](https://github.com/mgrojo/coap_spark/actions/workflows/prove.yml/badge.svg)](https://github.com/mgrojo/coap_spark/actions/workflows/prove.yml)

[![codecov](https://codecov.io/gh/mgrojo/coap_spark/graph/badge.svg?token=2AEXL06XHU)](https://codecov.io/gh/mgrojo/coap_spark)

[![Alire](https://img.shields.io/endpoint?url=https://alire.ada.dev/badges/coap_spark.json)](https://alire.ada.dev/crates/coap_spark.html)



# CoAP-SPARK

CoAP-SPARK is a library implementing the Constrained Application Protocol (CoAP)

as defined in

[RFC 7252](https://www.rfc-editor.org/rfc/rfc7252), developed in the SPARK 

language, the formally verified subset of the Ada programming language.



The objective is to build a formally verified working CoAP

implementation, mainly for academic purposes.



## Dependencies

CoAP-SPARK uses:

* [Alire](https://alire.ada.dev) as source package manager (independently installed)

* [RecordFlux](https://github.com/AdaCore/RecordFlux) as a tool facilitating the implementation of the verifiable

  protocol parser and the state machine of a session (included as Git submodule)

* [WolfSSL](https://github.com/wolfSSL/wolfssl) as library for implementing the DTLS communications

  (included as Git submodule)

* [GNAT](https://github.com/alire-project/GNAT-FSF-builds) 14.2.1 (toolchain managed by Alire)

* [GNATProve](https://github.com/alire-project/GNAT-FSF-builds) 14.1.1 (dependency managed by Alire)

* [Aunit](https://github.com/AdaCore/aunit) for unit-testing the library (dependency managed by Alire)

* [bbt](https://github.com/LionelDraghi/bbt) for testing (installable via Alire)



## How to set-up



Clone the repository recursing on submodules:

```

git clone --recurse-submodules https://github.com/mgrojo/coap_spark.git

```

The source code generated by RecordFlux is already added to the repository.

If you want to generate it yourself, follow these two steps:



Build RecordFlux following instructions on

[`tools/RecordFlux/doc/development_guide/index.rst`](tools/RecordFlux/doc/development_guide/index.rst).



Generate source code from the CoAP model using RecordFlux with:

```

make generate

```



## How to build



Install [Alire](https://alire.ada.dev/) and build the library running:

```

alr build

```



For building the client and server programs:

```

alr -C client build

alr -C server build

```



## How to test

Install `bbt` running:

```

alr install bbt

```



And then run the tests with:

```

make -C client/tests

make -C server/tests

```



Thanks to `bbt`, the test specification can also work as documentation of the

features available in the server and the client. You can see:



* Client tests for [plain CoAP](client/tests/coap_client_tests.md) and 

 [CoAP over DTLS](client/tests/coaps_client_tests.md)

* Server tests for [plain CoAP](server/tests/coap_server_tests.md) and

 [CoAP over DTLS](server/tests/coaps_server_tests.md)



There are also some unit tests for the library. To run them, enter the `tests/`

directory and run them using Alire:

```

cd tests; alr run

```



## How to prove

The project (library, client and server) is currently proved up to the silver mode.



The [`proof/`](proof/) directory contains the results of passing GNATProve. You can replay it running:

```

alr gnatprove --replay

```



Or if you want to start afresh,for example, using a different version of

`gnatprove`, simply run:

```

alr gnatprove

```



The project is using `gnatprove` from the Alire community index. You can install it running this:

```

alr install gnatprove

```



The Colibri solver has to be installed separately, for example, from the

[GNAT Community Edition 2021](https://www.adacore.com/download). After installation,

and before running `gnatprove`, you have to put `{GNAT-2021-HOME}/libexec/spark/bin`

in the `PATH`, so `gnatprove` can find the `colibri` executable.



## Status

CoAP-SPARK is a working and verified implementation of CoAP.



The main objective of CoAP-SPARK is to be the subject of my Master's Thesis, but

I think it can be used in scenarios where these limitations are not an issue:

- There are no retransmissions.

- It only supports NoSec and PreSharedKey security modes.

- Block-wise transfers are not implemented. Nevertheless, this isn't part of the

  main RFC 7252 for CoAP, but of [RFC 7959](https://datatracker.ietf.org/doc/rfc7959/).



Regarding the implemented client, it is able to

substitute libcoap's coap-client, for example, when called from a project like

[ikea-smartlight](https://github.com/slokhorst/ikea-smartlight/).



The server implementation is an example of a CoAP server that can answer to CRUD

requests, storing resources in memory.



Bug reports, feedback or suggestions on how to improve the library are very welcome.