17,547 research outputs found
Flag-based big-step semantics
Structural operational semantic specifications come in different styles: small-step and big-step. A problem with the big-step style is that specifying divergence and abrupt termination gives rise to annoying duplication. We present a novel approach to representing divergence and abrupt termination in big-step semantics using status flags. This avoids the duplication problem, and uses fewer rules and premises for representing divergence than previous approaches in the literature
First steps towards the certification of an ARM simulator using Compcert
The simulation of Systems-on-Chip (SoC) is nowadays a hot topic because,
beyond providing many debugging facilities, it allows the development of
dedicated software before the hardware is available. Low-consumption CPUs such
as ARM play a central role in SoC. However, the effectiveness of simulation
depends on the faithfulness of the simulator. To this effect, we propose here
to prove significant parts of such a simulator, SimSoC. Basically, on one hand,
we develop a Coq formal model of the ARM architecture while on the other hand,
we consider a version of the simulator including components written in
Compcert-C. Then we prove that the simulation of ARM operations, according to
Compcert-C formal semantics, conforms to the expected formal model of ARM. Size
issues are partly dealt with using automatic generation of significant parts of
the Coq model and of SimSoC from the official textual definition of ARM.
However, this is still a long-term project. We report here the current stage of
our efforts and discuss in particular the use of Compcert-C in this framework.Comment: First International Conference on Certified Programs and Proofs 7086
(2011
A Semantic Framework for the Security Analysis of Ethereum smart contracts
Smart contracts are programs running on cryptocurrency (e.g., Ethereum)
blockchains, whose popularity stem from the possibility to perform financial
transactions, such as payments and auctions, in a distributed environment
without need for any trusted third party. Given their financial nature, bugs or
vulnerabilities in these programs may lead to catastrophic consequences, as
witnessed by recent attacks. Unfortunately, programming smart contracts is a
delicate task that requires strong expertise: Ethereum smart contracts are
written in Solidity, a dedicated language resembling JavaScript, and shipped
over the blockchain in the EVM bytecode format. In order to rigorously verify
the security of smart contracts, it is of paramount importance to formalize
their semantics as well as the security properties of interest, in particular
at the level of the bytecode being executed.
In this paper, we present the first complete small-step semantics of EVM
bytecode, which we formalize in the F* proof assistant, obtaining executable
code that we successfully validate against the official Ethereum test suite.
Furthermore, we formally define for the first time a number of central security
properties for smart contracts, such as call integrity, atomicity, and
independence from miner controlled parameters. This formalization relies on a
combination of hyper- and safety properties. Along this work, we identified
various mistakes and imprecisions in existing semantics and verification tools
for Ethereum smart contracts, thereby demonstrating once more the importance of
rigorous semantic foundations for the design of security verification
techniques.Comment: The EAPLS Best Paper Award at ETAP
TLA+ Proofs
TLA+ is a specification language based on standard set theory and temporal
logic that has constructs for hierarchical proofs. We describe how to write
TLA+ proofs and check them with TLAPS, the TLA+ Proof System. We use Peterson's
mutual exclusion algorithm as a simple example to describe the features of
TLAPS and show how it and the Toolbox (an IDE for TLA+) help users to manage
large, complex proofs.Comment: A shorter version of this article appeared in the proceedings of the
conference Formal Methods 2012 (FM 2012, Paris, France, Springer LNCS 7436,
pp. 147-154
- …