Mechanized semantics
The goal of this lecture is to show how modern theorem provers---in this
case, the Coq proof assistant---can be used to mechanize the specification of
programming languages and their semantics, and to reason over individual
programs and over generic program transformations, as typically found in
compilers. The topics covered include: operational semantics (small-step,
big-step, definitional interpreters); a simple form of denotational semantics;
axiomatic semantics and Hoare logic; generation of verification conditions,
with application to program proof; compilation to virtual machine code and its
proof of correctness; an example of an optimizing program transformation (dead
code elimination) and its proof of correctness
Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects for the
correctness of these systems. Behavioural types, which extend data types by
describing also the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
03411 Abstracts Collection -- Language Based Security
From October 5th to 10th 2003, the Dagstuhl Seminar 03411
"Language Based Security" was held
in the International Conference and Research Center (IBFI), Schloss Dagstuhl.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar are put together in this paper
A formal proof of modal completeness for provability logic
This work presents a formalized proof of modal completeness for Gödel-Löb
provability logic (GL) in the HOL Light theorem prover. We describe the code we
developed, and discuss some details of our implementation, focusing on our
choices in structuring proofs which make essential use of the tools of HOL
Light and which differ in part from the standard strategies found in main
textbooks covering the topic in an informal setting. Moreover, we propose a
reflection on our own experience in using this specific theorem prover for this
formalization task, with an analysis of pros and cons of reasoning within and
about the formal system for GL we implemented in our code
Abstract Certification of Java Programs in Rewriting Logic
In this thesis we propose an abstraction based certification technique for Java programs which is based on rewriting logic, a very general logical and semantic framework efficiently implemented in the functional programming language Maude. We focus on safety properties, i.e. properties of a system that are defined in terms of certain events not happening, which we characterize as unreachability problems in rewriting logic. The safety policy is expressed in the style of JML, a standard property specification language for Java modules.
In order to provide a decision procedure, we enforce finite-state models of programs by using abstract interpretation.
Starting from a specification of the Java semantics written in Maude, we develop an abstraction based,
finite-state operational semantics also written in Maude which is appropriate for program verification.
As a by-product of the verification based on abstraction, a dependable safety certificate is delivered which consists of a set of rewriting proofs that can be easily checked by the code consumer by using a standard rewriting logic engine. The abstraction based proof-carrying code technique, called JavaPCC, has been implemented and successfully tested on several examples, which demonstrate the feasibility of our approach.
We analyse local properties of Java methods: i.e. properties of methods regarding their parameters and results. We also study global confidentiality properties of complete Java classes, by initially considering non-interference and, then, erasure with and without non-interference. Non-interference is a semantic program property that assigns confidentiality levels to data objects and prevents illicit information flows from occurring from high to low security levels. In this thesis, we present a novel security model for global non-interference which approximates non-interference as a safety property.
Alba Castro, MF. (2011). Abstract Certification of Java Programs in Rewriting Logic [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/13617
Mobile resource guarantees (evaluation paper)
This paper summarises the main outcomes of the Mobile Resource Guarantees (MRG) project, which focused on a proof-carrying-code (PCC) infrastructure for resources to be applied to mobile code. MRG was a three year project funded by the EC under the FET proactive initiative on Global Computing. We give an overview of the project's results, discuss the lessons learnt from it and introduce follow-up work in new projects that will build on these results