Abstract
Bytecode verification is a key point in the security chain of the Java platform. On many embedded devices this check is only optional, because the memory required by the verification process exceeds what such devices can afford. In this article we propose an approach that significantly reduces memory use by a serial/parallel decomposition of the verification into multiple specialized passes. The algorithm reduces the type encoding space by operating on different abstractions of the domain of types. The results of our evaluation show that this bytecode verification can be performed directly on small-memory systems. The method is formalized in the framework of abstract interpretation.
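To make the memory argument concrete, here is an added illustration (it is not the paper's algorithm or code): a worklist type verifier for a constructed register-style toy bytecode, parameterized by the abstract domain it runs over. Running the same fixpoint over a coarser abstraction of the type lattice (only the kind of each slot: int vs. reference) needs fewer bits per slot and per program point, while catching only kind errors; the class hierarchy, instruction set and programs below are all assumptions constructed for this example.

```python
import math
from collections import deque

# Constructed full type domain: int, a small class hierarchy, and "top" (unusable).
PARENT = {"Object": None, "A": "Object", "B": "Object", "C": "A"}

def ancestors(t):
    chain = []
    while t is not None:
        chain.append(t); t = PARENT[t]
    return chain

def join_full(s, t):                      # least upper bound in the full domain
    if s == t: return s
    if s in PARENT and t in PARENT:       # two classes: least common ancestor
        return next(a for a in ancestors(s) if a in ancestors(t))
    return "top"                          # int merged with a reference: unusable

def sub_full(s, t):                       # is s assignable to t?
    return s != "top" and (s == t or (s in PARENT and t in ancestors(s)))

# Coarser abstraction: forget the class hierarchy, keep only each slot's kind.
def alpha_kind(t): return t if t in ("int", "top") else "ref"
def join_kind(s, t): return s if s == t else "top"
def sub_kind(s, t): return s == t and s != "top"

FULL = (lambda t: t, join_full, sub_full, 6)   # int, Object, A, B, C, top
KIND = (alpha_kind, join_kind, sub_kind, 3)    # int, ref, top

def verify(program, nlocals, domain):
    """Fixpoint over per-pc local-variable types; returns (ok, bits of type state)."""
    alpha, join, sub, size = domain
    states, work = {0: ("top",) * nlocals}, deque([0])
    while work:
        pc = work.popleft()
        loc = list(states[pc]); op, *args = program[pc]; succ = [pc + 1]
        if op == "const": loc[args[0]] = alpha(args[1])
        elif op == "move": loc[args[0]] = loc[args[1]]
        elif op == "ifz":                 # branch on a local, which must hold an int
            if not sub(loc[args[0]], "int"): return False, 0
            succ.append(args[1])
        elif op == "use":                 # local must be assignable to the named type
            if not sub(loc[args[0]], alpha(args[1])): return False, 0
        elif op == "goto": succ = [args[0]]
        elif op == "ret": succ = []
        for s in succ:                    # merge into successors, re-queue on change
            merged = tuple(map(join, states[s], loc)) if s in states else tuple(loc)
            if states.get(s) != merged: states[s] = merged; work.append(s)
    return True, math.ceil(math.log2(size)) * nlocals * len(program)

# Constructed programs: PROG merges a C and a B into an Object; WRONG_KIND uses an int
# as a reference; WRONG_CLASS uses a B where an A is required.
PROG = [("const", 1, "int"), ("ifz", 1, 4), ("const", 0, "C"), ("goto", 5),
        ("const", 0, "B"), ("use", 0, "Object"), ("ret",)]
WRONG_KIND = [("const", 0, "int"), ("use", 0, "Object"), ("ret",)]
WRONG_CLASS = [("const", 0, "B"), ("use", 0, "A"), ("ret",)]
```

The kind-only pass stores 2 bits per slot instead of 3 here and rejects WRONG_KIND, but it accepts WRONG_CLASS; a separate pass over the hierarchy is still needed for that check, which is the kind of split the paper's decomposition is about.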