A Complexity Preserving Transformation from Jinja Bytecode to Rewrite Systems

We revisit known transformations from Jinja bytecode to rewrite systems from the viewpoint of runtime complexity. Suitably generalising the constructions proposed in the literature, we define an alternative representation of Jinja bytecode (JBC) executions as "computation graphs" from which we obtain a novel representation of JBC executions as "constrained rewrite systems". We prove non-termination and complexity preservation of the transformation. We restrict to well-formed JBC programs that only make use of non-recursive methods and expect tree-shaped objects as input. Our approach allows for simplified correctness proofs and provides a framework for the combination of the computation graph method with standard techniques from static program analysis like for example "reachability analysis".Comment: 36 page

Formal Semantics for Java-like Languages and Research Opportunities

The objective of this paper is twofold: first, we discuss the state of art on Java-like semantics, focusing on those that provide formal specification using operational semantics (big-step or small-step), studying in detail the most cited projects and presenting some derivative works that extend the originals aggregating useful features. Also, we filter our research for those that provide some insights in type-safety proofs. Furthermore, we provide a comparison between the most used projects in order to show which functionalities are covered in such projects. Second, our effort is focused towards the research opportunities in this area, showing some important works that can be applied to the previously presented projects to study features of object-oriented languages, and pointing for some possibilities to explore in future researches

Extending and Applying a Framework for the Cryptographic Verification of Java Programs

Abstract. In our previous work, we have proposed a framework which allows tools that can check standard noninterference properties but a priori cannot deal with cryptography to establish cryptographic indistinguishability properties, such as privacy properties, for Java programs. We refer to this framework as the CVJ framework (Cryptographic Verification of Java Programs) in this paper. While so far the CVJ framework directly supports public-key encryption (without corruption and without a public-key infrastructure) only, in this work we further instantiate the framework to support, among others, public-key encryption and digital signatures, both with corruption and a public-key infrastructure, as well as (private) symmetric encryption. Since these cryptographic primitives are very common in security-critical applications, our extensions make the framework much more widely applicable. To illustrate the usefulness and applicability of the extensions proposed in this paper, we apply the framework along with the tool Joana, which allows for the fully automatic verification of noninterference properties of Java programs, to establish cryptographic privacy properties of a (non-trivial) cloud storage application, where clients can store private information on a remote server.

A Hybrid Approach for Proving Noninterference of Java Programs

Several tools and approaches for proving noninterference properties for Java and other languages exist. Some of them have a high degree of automation or are even fully automatic, but overapproximate the actual information flow, and hence, may produce false positives. Other tools, such as those based on theorem proving, are precise, but may need interaction, and hence, analysis is time-consuming. In this paper, we propose a hybrid approach that aims at obtaining the best of both approaches: We want to use fully automatic analysis as much as possible and only at places in a program where, due to overapproximation, the automatic approaches fail, we resort to more precise, but interactive analysis, where the latter involves only the verification of specific functional properties in certain parts of the program, rather than checking more intricate noninterference properties for the whole program. To illustrate the hybrid approach, in a case study we use the hybrid approach–along with the fully automatic tool Joana for checking noninterference properties for Java programs and the theorem prover KeY for the verification of Java programs–and the CVJ framework proposed by Küsters, Truderung, and Graf to establish cryptographic privacy properties for a non-trivial Java program, namely an e-voting system. The CVJ framework allows one to establish cryptographic indistinguishability properties for Java programs by checking (standard) noninterference properties for such programs

12th International Workshop on Termination (WST 2012) : WST 2012, February 19–23, 2012, Obergurgl, Austria / ed. by Georg Moser

This volume contains the proceedings of the 12th International Workshop on Termination (WST 2012), to be held February 19–23, 2012 in Obergurgl, Austria. The goal of the Workshop on Termination is to be a venue for presentation and discussion of all topics in and around termination. In this way, the workshop tries to bridge the gaps between different communities interested and active in research in and around termination. The 12th International Workshop on Termination in Obergurgl continues the successful workshops held in St. Andrews (1993), La Bresse (1995), Ede (1997), Dagstuhl (1999), Utrecht (2001), Valencia (2003), Aachen (2004), Seattle (2006), Paris (2007), Leipzig (2009), and Edinburgh (2010). The 12th International Workshop on Termination did welcome contributions on all aspects of termination and complexity analysis. Contributions from the imperative, constraint, functional, and logic programming communities, and papers investigating applications of complexity or termination (for example in program transformation or theorem proving) were particularly welcome. We did receive 18 submissions which all were accepted. Each paper was assigned two reviewers. In addition to these 18 contributed talks, WST 2012, hosts three invited talks by Alexander Krauss, Martin Hofmann, and Fausto Spoto

A Machine-Checked, Type-Safe Model of Java Concurrency : Language, Virtual Machine, Memory Model, and Verified Compiler

The Java programming language provides safety and security guarantees such as type safety and its security architecture. They distinguish it from other mainstream programming languages like C and C++. In this work, we develop a machine-checked model of concurrent Java and the Java memory model and investigate the impact of concurrency on these guarantees. From the formal model, we automatically obtain an executable verified compiler to bytecode and a validated virtual machine

From Formal Semantics to Verified Slicing : A Modular Framework with Applications in Language Based Security

This book presents a modular framework for slicing in the proof assistant Isabelle/HOL which is based on abstract control flow graphs. Building on such abstract structures renders the correctness results language-independent. To prove that they hold for a specific language, it remains to instantiate the framework with this language, which requires a formal semantics of this language in Isabelle/HOL. We show that formal semantics even for sophisticated high-level languages are realizable

Ability to Identify Occupational Health and Safety (OHS) Hazards in Small Sized Enterprises Workers in Cimanggis District, Depok City, West Java

Background: The high number of SMEs players in Depok has an impact on high employment. A large number of workers in SMEs that have not been maximized in applying safety and health aspects in the workplace has the risk of causing several problems such as minor injuries, ergonomic problems, old and insecure equipment, lack of workers' knowledge and poor work environment conditions. Objective: This study aims to assess the ability of workers to recognize OHS hazards in SMEs assisted by Cimanggis District Health Center, Depok City, West Java. Methods: This study used a cross-sectional design carried out on 36 SMEs assisted by Cimanggis Health Center, Depok City, West Java. In each of the selected SMEs, one worker was then interviewed using the ODK Collect application to assess characteristics, knowledge, attitudes, behavior, and assessment of the ability to recognize OHS hazards in SMEs. Results: The results of the study showed that only 41.7% of SMEs were able to recognize OHS hazards properly. In addition, the results show that there are more who have good knowledge (53%), poor attitudes (64%) and bad behavior (61%). Female workers, workers who have working hours of more than 8 hours per day, and SMEs workers with low occupational risks are found to be better in their ability to recognize OHS hazards. Conclusion: The ability to recognize OHS hazards for SMEs workers assisted by Cimanggis District, Depok, West Java is still very slight (under 50%). For this reason, it is necessary to intervene in OHS aspects in SMEs so that these hazards can be minimize

On the generation and analysis of program transformations

This thesis discusses the idea of using domain specific languages for program transformation, and the application, implementation and analysis of one such domain specific language that combines rewrite rules for transformation and uses temporal logic to express its side conditions. We have conducted three investigations. - An efficient implementation is described that is able to generate compiler optimizations from temporal logic specifications. Its description is accompanied by an empirical study of its performance. - We extend the fundamental ideas of this language to source code in order to write bug fixing transformations. Example transformations are given that fix common bugs within Java programs. The adaptations to the transformation language are described and a sample implementation which can apply these transformations is provided. - We describe an approach to the formal analysis of compiler optimizations that proves that the optimizations do not change the semantics of the program that they are optimizing. Some example proofs are included. The result of these combined investigations is greater than the sum of their parts. By demonstrating that a declarative language may be efficiently applied and formally reasoned about satisfies both theoretical and practical concerns, whilst our extension towards bug fixing shows more varied uses are possible