20,066 research outputs found
Optimizing for confidence - Costs and opportunities at the frontier between abstraction and reality
Is there a relationship between computing costs and the confidence people
place in the behavior of computing systems? What are the tuning knobs one can
use to optimize systems for human confidence instead of correctness in purely
abstract models? This report explores these questions by reviewing the
mechanisms by which people build confidence in the match between the physical
world behavior of machines and their abstract intuition of this behavior
according to models or programming language semantics. We highlight in
particular that a bottom-up approach relies on arbitrary trust in the accuracy
of I/O devices, and that there exists clear cost trade-offs in the use of I/O
devices in computing systems. We also show various methods which alleviate the
need to trust I/O devices arbitrarily and instead build confidence
incrementally "from the outside" by considering systems as black box entities.
We highlight cases where these approaches can reach a given confidence level at
a lower cost than bottom-up approaches.Comment: 11 pages, 1 figur
Hierarchical gate-level verification of speed-independent circuits
This paper presents a method for the verification of speed-independent circuits. The main contribution is the reduction of the circuit to a set of complex gates that makes the verification time complexity depend only on the number of state signals (C elements, RS flip-flops) of the circuit. Despite the reduction to complex gates, verification is kept exact. The specification of the environment only requires to describe the transitions of the input/output signals of the circuit and is allowed to express choice and non-determinism. Experimental results obtained from circuits with more than 500 gates show that the computational cost can be drastically reduced when using hierarchical verification.Peer ReviewedPostprint (published version
Program equivalence for a concurrent lambda calculus with futures
Reasoning about the correctness of program transformations requires a notion of program equivalence. We present an observational semantics for the concurrent lambda calculus with futures Lambda(fut), which formalizes the operational semantics of the programming language Alice ML. We show that natural program optimizations, as well as partial evaluation with respect to deterministic rules, are correct for Lambda(fut). This relies on a number of fundamental properties that we establish for our observational semantics
Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation
Compartmentalization is good security-engineering practice. By breaking a
large software system into mutually distrustful components that run with
minimal privileges, restricting their interactions to conform to well-defined
interfaces, we can limit the damage caused by low-level attacks such as
control-flow hijacking. When used to defend against such attacks,
compartmentalization is often implemented cooperatively by a compiler and a
low-level compartmentalization mechanism. However, the formal guarantees
provided by such compartmentalizing compilation have seen surprisingly little
investigation.
We propose a new security property, secure compartmentalizing compilation
(SCC), that formally characterizes the guarantees provided by
compartmentalizing compilation and clarifies its attacker model. We reconstruct
our property by starting from the well-established notion of fully abstract
compilation, then identifying and lifting three important limitations that make
standard full abstraction unsuitable for compartmentalization. The connection
to full abstraction allows us to prove SCC by adapting established proof
techniques; we illustrate this with a compiler from a simple unsafe imperative
language with procedures to a compartmentalized abstract machine.Comment: Nit
Lambda-lifting and CPS conversion in an imperative language
This paper is a companion technical report to the article
"Continuation-Passing C: from threads to events through continuations". It
contains the complete version of the proofs of correctness of lambda-lifting
and CPS-conversion presented in the article.Comment: arXiv admin note: substantial text overlap with arXiv:1011.455
- …