Certificate translation for optimizing compilers

Abstract
Proof Carrying Code provides trust in mobile code by requiring certificates that ensure that the code adheres to specific conditions. The prominent approach to generating certificates for compiled code is Certifying Compilation, which automatically generates certificates for simple safety properties.
In this work, we present Certificate Translation, a novel extension for standard compilers that automatically transforms formal proofs of more expressive and complex properties of the source program into certificates for the compiled code.
The article outlines the principles of certificate translation, instantiated for a nonoptimizing compiler and for standard compiler optimizations in the context of an intermediate RTL language.
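The following Python sketch is an added illustration of the optimizing case and is not code from the article. It assumes a toy RTL (integer-labelled instructions, assertions encoded as nested tuples) and a constructed program that sums a constant `c` into `s`, all of it invented here; the names `wp`, `verification_conditions`, `constant_propagate`, `translate_annotations` and `RES` are this example's own. It generates the proof obligations of the annotated program, applies constant propagation driven by an analysis result, and performs the translation step of strengthening each annotation with that result, so that the original proof plus a certificate for the analysis discharge the optimized program's obligations. Reusing the source annotations unchanged on the optimized code is shown to fail. The finite-domain evaluation at the end is only a sanity check on the obligations: a real certificate translator emits checkable proof objects rather than re-verifying.

```python
from itertools import product

# Assertions and expressions are nested tuples: an int literal, a variable
# name (str), or (op, arg, ...). TRUE is encoded as a trivially valid atom.
TRUE = ('==', 0, 0)
OPS = {
    '+': lambda a, b: a + b, '*': lambda a, b: a * b,
    '==': lambda a, b: a == b, '<': lambda a, b: a < b, '<=': lambda a, b: a <= b,
    'and': lambda a, b: a and b, '=>': lambda a, b: (not a) or b, 'not': lambda a: not a,
}

def subst(e, var, new):
    """e[new/var]; the assertion language has no binders, so no capture."""
    if isinstance(e, str):
        return new if e == var else e
    if isinstance(e, int):
        return e
    return (e[0],) + tuple(subst(a, var, new) for a in e[1:])

def evaluate(e, env):
    if isinstance(e, str):
        return env[e]
    if isinstance(e, int):
        return e
    return OPS[e[0]](*(evaluate(a, env) for a in e[1:]))

def wp(prog, annots, post, label, at_entry=False):
    """Weakest precondition of the code at `label` up to the next annotated label
    (its annotation is used) or a return (`post` is used). Every loop in the
    program carries an annotated label, so the recursion terminates."""
    if label in annots and not at_entry:
        return annots[label]
    ins = prog[label]
    if ins[0] == 'ret':
        return post
    if ins[0] == 'goto':
        return wp(prog, annots, post, ins[1])
    if ins[0] == 'assign':                       # x := e, then fall through to label+1
        return subst(wp(prog, annots, post, label + 1), ins[1], ins[2])
    _, cond, target = ins                        # jump to target if cond, else fall through
    return ('and', ('=>', cond, wp(prog, annots, post, target)),
                   ('=>', ('not', cond), wp(prog, annots, post, label + 1)))

def verification_conditions(prog, annots, post):
    """One proof obligation per annotated label: annot(l) => wp(l)."""
    return {l: ('=>', phi, wp(prog, annots, post, l, at_entry=True))
            for l, phi in annots.items()}

def holds_on_domain(phi, domain):
    """Sanity check, not a proof: phi is true for every valuation drawn from `domain`."""
    names = list(domain)
    return all(evaluate(phi, dict(zip(names, vals))) for vals in product(*domain.values()))

# Constructed RTL program (toy, invented for this example): s := c*n by repeated addition.
PRE = ('<=', 0, 'n')
INV = ('and', ('and', ('<=', 0, 'i'), ('<=', 'i', 'n')), ('==', 's', ('*', 'c', 'i')))
POST = ('==', 's', ('*', 'c', 'n'))
PROG = {
    0: ('assign', 'c', 5),
    1: ('assign', 'i', 0),
    2: ('assign', 's', 0),
    3: ('cond', ('<', 'i', 'n'), 5),             # loop header, annotated with INV
    4: ('ret',),
    5: ('assign', 's', ('+', 's', 'c')),
    6: ('assign', 'i', ('+', 'i', 1)),
    7: ('goto', 3),
}
ANNOTS = {0: PRE, 3: INV}
# Assumed constant-propagation analysis result: constants known to hold at each label.
RES = {l: ({'c': 5} if l >= 1 else {}) for l in PROG}

def res_assertion(facts):
    phi = TRUE
    for v, k in facts.items():
        phi = ('and', phi, ('==', v, k))
    return phi

def analysis_certificate_vcs(prog, res):
    """Obligations certifying the analysis: RES is an inductive invariant of `prog`."""
    return verification_conditions(prog, {l: res_assertion(f) for l, f in res.items()}, TRUE)

def fold(e, facts):
    for v, k in facts.items():
        e = subst(e, v, k)
    return e

def constant_propagate(prog, res):
    """The optimization: fold the constants known at each label into its expressions."""
    out = {}
    for l, ins in prog.items():
        if ins[0] == 'assign':
            out[l] = ('assign', ins[1], fold(ins[2], res[l]))
        elif ins[0] == 'cond':
            out[l] = ('cond', fold(ins[1], res[l]), ins[2])
        else:
            out[l] = ins
    return out

def translate_annotations(annots, res):
    """Certificate-translation step for constant propagation: strengthen every
    annotation with the analysis result at its label."""
    return {l: ('and', phi, res_assertion(res[l])) for l, phi in annots.items()}

DOMAIN = {'n': range(-1, 5), 'i': range(-1, 5), 'c': range(-1, 7), 's': range(-2, 21)}

def check_translation():
    """Which obligation sets hold on DOMAIN: the original proof, the analysis
    certificate, the translated certificate, and naive reuse of the original."""
    optimized = constant_propagate(PROG, RES)
    suites = {
        'original': verification_conditions(PROG, ANNOTS, POST),
        'analysis': analysis_certificate_vcs(PROG, RES),
        'translated': verification_conditions(optimized, translate_annotations(ANNOTS, RES), POST),
        'naive_reuse': verification_conditions(optimized, ANNOTS, POST),
    }
    return {name: all(holds_on_domain(v, DOMAIN) for v in vcs.values())
            for name, vcs in suites.items()}

if __name__ == '__main__':
    print(check_translation())
```

The naive suite fails at the loop header: after `s := s + c` becomes `s := s + 5`, the obligation `INV and i < n => INV[i+1/i][s+5/s]` needs `c == 5`, which the source invariant never states. The translated annotation `INV and c == 5` supplies exactly that fact, and the extra conjunct is itself discharged by the analysis certificate, which is the division of labour the article describes between the original proof and the proof that the optimization's analysis is sound.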