Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts

Detalhes bibliográficos
Autor(a) principal: Hajdu, Ákos
Data de Publicação: 2020
Outros Autores: Ivaki, Naghmeh, Kocsis, Imre, Klenik, Attila, Gönczy, László, Laranjeiro, Nuno, Madeira, Henrique, Pataricza, András
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: http://hdl.handle.net/10316/106152
https://doi.org/10.1109/ACCESS.2020.3032239
Resumo: Authors' manuscript. Published in IEEE Access 2020. The final publication is available at IEEE via http://dx.doi.org/10.1109/ACCESS.2020.3032239
id RCAP_9c11ccff11697a368ac413b9d79c357e
oai_identifier_str oai:estudogeral.uc.pt:10316/106152
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart ContractsBlockchain systemsdependabilityfault injectionformal verificationsmart contractsAuthors' manuscript. Published in IEEE Access 2020. The final publication is available at IEEE via http://dx.doi.org/10.1109/ACCESS.2020.3032239Blockchain has become particularly popular due to its promise to support business-critical services in very different domains (e.g., retail, supply chains, healthcare). Blockchain systems rely on complex middleware, like Ethereum or Hyperledger Fabric, that allow running smart contracts, which specify business logic in cooperative applications. The presence of software defects or faults in these contracts has notably been the cause of failures, including severe security problems. In this paper, we use a software implemented fault injection (SWIFI) technique to assess the behavior of permissioned blockchain systems in the presence of faulty smart contracts. We emulate the occurrence of general software faults (e.g., missing variable initialization) and also blockchain-specific software faults (e.g., missing require statement on transaction sender) in smart contracts code to observe the impact on the overall system dependability (i.e., reliability and integrity). We also study the effectiveness of formal verification (i.e., done by solc-verify) and runtime protections (e.g., using the assert statement) mechanisms in detection of injected faults. Results indicate that formal verification as well as additional runtime protections have to complement built-in platform checks to guarantee the proper dependability of blockchain systems and applications. The work presented in this paper allows smart contract developers to become aware of possible faults in smart contracts and to understand the impact of their presence. It also provides valuable information for middleware developers to improve the behavior (e.g., overall fault tolerance) of their systems.This work was supported in part by the Bi-Lateral FCT-NKFIH Program Portugal-Hungary, through the Project Advanced Analytics for Empirical Assessment of Cloud Resilience, in part by the European Union's Horizon 2020 Research and Innovation Program through the Marie Sklodowska-Curie under Grant 823788 ``ADVANCE," the BME-Arti cial Intelligence TKP2020/IK grant of NRDI, in part by the NRDI Fund Based on the Charter of Bolster Issued by the NRDI Of ce under the Auspices of the Ministry for Innovation and Technology, and in part the ÚNKP-19-3 New National Excellence Program of the Ministry for Innovation and Technology.IEEE2020-06-20info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articlehttp://hdl.handle.net/10316/106152http://hdl.handle.net/10316/106152https://doi.org/10.1109/ACCESS.2020.3032239eng2169-3536Hajdu, ÁkosIvaki, NaghmehKocsis, ImreKlenik, AttilaGönczy, LászlóLaranjeiro, NunoMadeira, HenriquePataricza, Andrásinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-04-06T10:20:12Zoai:estudogeral.uc.pt:10316/106152Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T21:22:36.841126Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
title Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
spellingShingle Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
Hajdu, Ákos
Blockchain systems
dependability
fault injection
formal verification
smart contracts
title_short Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
title_full Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
title_fullStr Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
title_full_unstemmed Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
title_sort Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
author Hajdu, Ákos
author_facet Hajdu, Ákos
Ivaki, Naghmeh
Kocsis, Imre
Klenik, Attila
Gönczy, László
Laranjeiro, Nuno
Madeira, Henrique
Pataricza, András
author_role author
author2 Ivaki, Naghmeh
Kocsis, Imre
Klenik, Attila
Gönczy, László
Laranjeiro, Nuno
Madeira, Henrique
Pataricza, András
author2_role author
author
author
author
author
author
author
dc.contributor.author.fl_str_mv Hajdu, Ákos
Ivaki, Naghmeh
Kocsis, Imre
Klenik, Attila
Gönczy, László
Laranjeiro, Nuno
Madeira, Henrique
Pataricza, András
dc.subject.por.fl_str_mv Blockchain systems
dependability
fault injection
formal verification
smart contracts
topic Blockchain systems
dependability
fault injection
formal verification
smart contracts
description Authors' manuscript. Published in IEEE Access 2020. The final publication is available at IEEE via http://dx.doi.org/10.1109/ACCESS.2020.3032239
publishDate 2020
dc.date.none.fl_str_mv 2020-06-20
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10316/106152
http://hdl.handle.net/10316/106152
https://doi.org/10.1109/ACCESS.2020.3032239
url http://hdl.handle.net/10316/106152
https://doi.org/10.1109/ACCESS.2020.3032239
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 2169-3536
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv IEEE
publisher.none.fl_str_mv IEEE
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799134115019096064

Registros relacionados