A Finite Exact Representation of Register Automata Configurations
A register automaton is a finite automaton with finitely many registers
ranging from an infinite alphabet. Since the valuations of registers are
infinite, there are infinitely many configurations. We describe a technique to
classify infinite register automata configurations into finitely many exact
representative configurations. Using the finitary representation, we give an
algorithm solving the reachability problem for register automata. We moreover
define a computation tree logic for register automata and solve its model
checking problem. Comment: In Proceedings INFINITY 2013, arXiv:1402.661
Analyzing FreeRTOS Scheduling Behaviors with the Spin Model Checker
FreeRTOS is a real-time operating system with configurable scheduling
policies. Its portability and configurability make FreeRTOS one of the most
popular real-time operating systems for embedded devices. We formally analyze
the FreeRTOS scheduler on the ARM Cortex-M4 processor in this work. Specifically,
we build a formal model for the FreeRTOS ARM Cortex-M4 port and apply model
checking to find errors in our models for FreeRTOS example applications.
Intriguingly, several errors are found in our application models under
different scheduling policies. In order to confirm our findings, we modify
application programs distributed by FreeRTOS and reproduce assertion failures
on the STM32F429I-DISC1 board.
Predicate Generation for Learning-Based Quantifier-Free Loop Invariant Inference
We address the predicate generation problem in the context of loop invariant
inference. Motivated by the interpolation-based abstraction refinement
technique, we apply the interpolation theorem to synthesize predicates
implicitly implied by program texts. Our technique is able to improve the
effectiveness and efficiency of the learning-based loop invariant inference
algorithm in [14]. We report experiment results of examples from Linux,
SPEC2000, and Tar utility.
Automatic Verification of Cryptographic Block Function Implementations with Logical Equivalence Checking
Given a fixed-size block, cryptographic block functions generate
outputs by a sequence of bitwise operations. Block functions are
widely used in the design of hash functions and stream ciphers. Their
correct implementations hence are crucial to computer security. We
propose a method that leverages logic equivalence checking to verify
assembly implementations of cryptographic block functions. Logic equivalence
checking is a well-established technique from hardware verification. Using
our proposed method, we verify two dozen assembly implementations of
ChaCha20, SHA-256, and SHA-3 block functions from OpenSSL and
XKCP automatically. We also compare the performance of our technique
with the conventional SMT-based technique in experiments.
Automatic Certified Verification of Cryptographic Programs with COQCRYPTOLINE
COQCRYPTOLINE is an automatic certified verification tool for cryptographic programs. It is built on OCAML programs extracted from algorithms fully certified in COQ with SSREFLECT. Similar to other automatic tools, COQCRYPTOLINE calls external decision procedures during verification. To ensure correctness, all answers from external decision procedures are validated by certified certificate checkers in COQCRYPTOLINE. We evaluate COQCRYPTOLINE on cryptographic programs from BITCOIN, BORINGSSL, NSS, and OPENSSL. The first certified verification of the reference implementation for number theoretic transform in the post-quantum key exchange mechanism KYBER is also reported.
Verified NTT Multiplications for NISTPQC KEM Lattice Finalists: Kyber, SABER, and NTRU
Postquantum cryptography requires a different set of arithmetic routines from traditional public-key cryptography such as elliptic curves. In particular, in each of the lattice-based NISTPQC Key Establishment finalists, every state-of-the-art optimized implementation for lattice-based schemes still in the NISTPQC round 3 currently uses a different complex multiplication based on the Number Theoretic Transform. We verify the NTT-based multiplications used in NTRU, Kyber, and SABER for both the AVX2 implementation for Intel CPUs and for the pqm4 implementation for the ARM Cortex M4 using the tool CryptoLine. We extended CryptoLine and as a result are able to verify that in six instances multiplications are correct including range properties.
We demonstrate the feasibility for a programmer to verify his or her high-speed assembly code for PQC, as well as to verify someone else’s high-speed PQC software in assembly code, with some cooperation from the programmer.
Automatic verification of a model checker in rewriting logic
Abstract. In this paper, we use the reflection of rewriting logic to analyze a bounded local model checker for infinite-state systems formally. We introduce three-valued logic in a local model checking algorithm to formalize aborted verification. To improve its efficiency, several optimizations are introduced in the algorithm. We show how to exploit the reflection of rewriting logic and model check our bounded local model checker in rewriting logic formally.