Formal verification and security analysis of FastDFS using process algebra

FastDFS is a lightweight distributed file system that fully incorporates redundant backup, load balancing, linear expansion and other mechanisms. It is easy to build a high-performance file server cluster using FastDFS. Given the widespread usage of FastDFS, carrying out its analysis within a formal framework is highly significant. In this paper, we first model and analyze FastDFS using process algebra CSP. The three key functions that we concentrate on are uploading, downloading, and deleting files. Additionally, we pay attention to the security of FastDFS from a deterministic point of view. Utilizing the Process Analysis Toolkit (PAT) as a model checker, we employ the constructed model to validate several internal properties and security properties, including Deadlock Freedom, Divergence Freedom, Reachability, Robustness, Consistency, Eagerly Secure, Lazily Secure and Mixed Secure. Our final verification results demonstrate that the model effectively fulfills the internal properties, indicating that the system can well guarantee the management of files. However, it cannot cater to the security properties, which means the model implies some potential security vulnerabilities from a deterministic point of view.