
Decomposing bytecode verification by abstract interpretation

Published: 12 December 2008

Abstract

Bytecode verification is a key link in the security chain of the Java platform. On many embedded devices, however, it is only optional, because the memory requirements of the verification process are too high. In this article we propose an approach that significantly reduces memory use through a serial/parallel decomposition of the verification into multiple specialized passes. The algorithm reduces the type encoding space by operating on different abstractions of the domain of types. The results of our evaluation show that bytecode verification can be performed directly on small-memory systems. The method is formalized in the framework of abstract interpretation.



Published in

ACM Transactions on Programming Languages and Systems, Volume 31, Issue 1, December 2008, 261 pages
ISSN: 0164-0925
EISSN: 1558-4593
DOI: 10.1145/1452044

Copyright © 2008 ACM

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Published: 12 December 2008
• Accepted: 1 March 2008
• Revised: 1 August 2007
• Received: 1 January 2007

Qualifiers

• research-article
• Research
• Refereed
