29,279 research outputs found
Total Haskell is Reasonable Coq
We would like to use the Coq proof assistant to mechanically verify
properties of Haskell programs. To that end, we present a tool, named
hs-to-coq, that translates total Haskell programs into Coq programs via a
shallow embedding. We apply our tool in three case studies -- a lawful Monad
instance, "Hutton's razor", and an existing data structure library -- and prove
their correctness. These examples show that this approach is viable: both that
hs-to-coq applies to existing Haskell code, and that the output it produces is
amenable to verification.Comment: 13 pages plus references. Published at CPP'18, In Proceedings of 7th
ACM SIGPLAN International Conference on Certified Programs and Proofs
(CPP'18). ACM, New York, NY, USA, 201
FunTAL: Reasonably Mixing a Functional Language with Assembly
We present FunTAL, the first multi-language system to formalize safe
interoperability between a high-level functional language and low-level
assembly code while supporting compositional reasoning about the mix. A central
challenge in developing such a multi-language is bridging the gap between
assembly, which is staged into jumps to continuations, and high-level code,
where subterms return a result. We present a compositional stack-based typed
assembly language that supports components, comprised of one or more basic
blocks, that may be embedded in high-level contexts. We also present a logical
relation for FunTAL that supports reasoning about equivalence of high-level
components and their assembly replacements, mixed-language programs with
callbacks between languages, and assembly components comprised of different
numbers of basic blocks.Comment: 15 pages; implementation at https://dbp.io/artifacts/funtal/;
published in PLDI '17, Proceedings of the 38th ACM SIGPLAN Conference on
Programming Language Design and Implementation, June 18 - 23, 2017,
Barcelona, Spai
Bootbandit: A macOS Bootloader Attack
Full disk encryption (FDE) is used to protect a computer system against data theft by physical access. If a laptop or hard disk drive protected with FDE is stolen or lost, the data remains unreadable without the encryption key. To foil this defense, an intruder can gain physical access to a computer system in a so-called “evil maid” attack, install malware in the boot (pre-operating system) environment, and use the malware to intercept the victim’s password. Such an attack relies on the fact that the system is in a vulnerable state before booting into the operating system. In this paper, we discuss an evil maid type of attack, in which the victim’s password is stolen in the boot environment, passed to the macOS user environment, and then exfiltrated from the system to the attacker’s remote command and control server. On a macOS system, this attack has additional implications due to “password forwarding” technology, in which users’ account passwords also serve as FDE passwords
Automated verification of termination certificates
In order to increase user confidence, many automated theorem provers provide
certificates that can be independently verified. In this paper, we report on
our progress in developing a standalone tool for checking the correctness of
certificates for the termination of term rewrite systems, and formally proving
its correctness in the proof assistant Coq. To this end, we use the extraction
mechanism of Coq and the library on rewriting theory and termination called
CoLoR
Formal Verification of Probabilistic SystemC Models with Statistical Model Checking
Transaction-level modeling with SystemC has been very successful in
describing the behavior of embedded systems by providing high-level executable
models, in which many of them have inherent probabilistic behaviors, e.g.,
random data and unreliable components. It thus is crucial to have both
quantitative and qualitative analysis of the probabilities of system
properties. Such analysis can be conducted by constructing a formal model of
the system under verification and using Probabilistic Model Checking (PMC).
However, this method is infeasible for large systems, due to the state space
explosion. In this article, we demonstrate the successful use of Statistical
Model Checking (SMC) to carry out such analysis directly from large SystemC
models and allow designers to express a wide range of useful properties. The
first contribution of this work is a framework to verify properties expressed
in Bounded Linear Temporal Logic (BLTL) for SystemC models with both timed and
probabilistic characteristics. Second, the framework allows users to expose a
rich set of user-code primitives as atomic propositions in BLTL. Moreover,
users can define their own fine-grained time resolution rather than the
boundary of clock cycles in the SystemC simulation. The third contribution is
an implementation of a statistical model checker. It contains an automatic
monitor generation for producing execution traces of the
model-under-verification (MUV), the mechanism for automatically instrumenting
the MUV, and the interaction with statistical model checking algorithms.Comment: Journal of Software: Evolution and Process. Wiley, 2017. arXiv admin
note: substantial text overlap with arXiv:1507.0818
- …