3,567 research outputs found
Multilevel Contracts for Trusted Components
This article contributes to the design and the verification of trusted
components and services. The contracts are declined at several levels to cover
then different facets, such as component consistency, compatibility or
correctness. The article introduces multilevel contracts and a
design+verification process for handling and analysing these contracts in
component models. The approach is implemented with the COSTO platform that
supports the Kmelia component model. A case study illustrates the overall
approach.Comment: In Proceedings WCSI 2010, arXiv:1010.233
A B model for ensuring soundness of a large subset of the Java Card virtual machine
AbstractJava Cards are a new generation of smart cards that use the Java programming language. As smart cards are usually used to supply security to an information system, security requirements are very strong. The byte code interpreter and verifier are crucial components of such cards, and proving their safety can become a competitive advantage. Previous works have been done on methodology for proving the soundness of the byte code interpreter and verifier using the B method. It refines an abstract defensive interpreter into a byte code verifier and a byte code interpreter. However, this work had only been tested on a very small subset of the Java Card instruction set. This paper presents a work aiming at verifying the scalability of this previous work. The original instruction subset of about 10 instructions has been extended to a larger subset of more than one hundred instructions, and the additional cost of the proof has been managed by modifying the specification in order to group opcodes by properties
Properties preservation during transformation
To prove the correctness of a program (written in a high level programming language) with respect to a speciïŹcation (a set of proof obligations) does not assure the correctness of the machine code
that the end-user will run after compilation and deployment phases. The code generated by the compiler should be veriïŹed again to guarantee
that its correctness was preserved, and then that it can be executed in safety.
In the context of a Ph.D. work in the area of software analysis and transformation, we are looking for a suitable approach to prove that the
software properties (validated at source level) are kept during translation.
In this position paper we introduce our architectural proposal, and discuss the platform and we are building for Java+JML on the top of Eclipse.Fundação para a CiĂȘncia e a Tecnologia (FCT) - MAPi/FCT, bolsa de doutoramento nÂș. SFRH/BD/33231/2007
Formalizing non-interference for a simple bytecode language in Coq
In this paper, we describe the application of the interactive theorem prover Coq to the security analysis of bytecode as used in Java. We provide a generic specification and proof of non-interference for bytecode languages using the Coq module system. We illustrate the use of this formalization by applying it to a small subset of Java bytecode. The emphasis of the paper is on modularity of a language formalization and its analysis in a machine proof
06191 Abstracts Collection -- Rigorous Methods for Software Construction and Analysis
From 07.05.06 to 12.05.06, the Dagstuhl Seminar 06191 ``Rigorous Methods for Software Construction and Analysis\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar as well as abstracts of
seminar results and ideas are put together in this paper. The first section
describes the seminar topics and goals in general.
Links to extended abstracts or full papers are provided, if available
- âŠ