research-article

A DSL for cross-domain security

Published: 02 December 2012

Abstract

Guardol is a domain-specific language focused on the creation of high-assurance network guards and the specification of guard properties. The Guardol system generates Ada code from Guardol programs and also provides specification and automated verification support. Guard programs and specifications are translated to higher order logic, then deductively transformed to a form suitable for an SMT-style decision procedure for recursive functions over tree-structured data. The result is that difficult properties of Guardol programs can be proved fully automatically.
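The abstract describes guards as recursive functions over tree-structured data whose properties are discharged by an SMT-style decision procedure, but shows no program. The Python below is an added illustration of that problem shape, not Guardol code, not the paper's Ada output and not the Turnstile guard: a guard that recursively prunes over-classified subtrees from a message, two properties about its output, and a bounded exhaustive checker that stands in for the decision procedure. The names (Msg, guard, no_leak, is_pruning_of, find_counterexample), the two-level marking lattice and the sample message are all assumptions made for the example; a deliberately wrong root-only guard is included to show the checker producing a counterexample.

```python
"""Added example (not from the paper): a cross-domain guard modelled as a
recursive function over tree-structured messages, with two properties about
its output and a bounded exhaustive checker standing in for the SMT-style
decision procedure the abstract describes.  Names, the two-level
classification lattice and the message shape are all assumptions."""
from dataclasses import dataclass
from itertools import product
from typing import Callable, Iterator, Optional, Tuple

# Assumed for this example: a linear lattice of two markings, lowest first.
LEVELS = ("UNCLASSIFIED", "SECRET")
RANK = {lvl: i for i, lvl in enumerate(LEVELS)}


@dataclass(frozen=True)
class Msg:
    """A tree-structured message: a labelled field, its marking, its sub-fields."""
    label: str
    level: str
    children: Tuple["Msg", ...] = ()


Guard = Callable[[Msg, str], Optional[Msg]]


def guard(msg: Msg, limit: str) -> Optional[Msg]:
    """Release `msg` into a domain cleared up to `limit`.

    Structural recursion over the tree: reject the whole message (None) if the
    root is marked above `limit`, otherwise copy it with every over-classified
    subtree removed.  This is the shape the abstract attributes to Guardol
    programs: recursive functions over tree-structured data.
    """
    if RANK[msg.level] > RANK[limit]:
        return None
    kept = (guard(child, limit) for child in msg.children)
    return Msg(msg.label, msg.level, tuple(c for c in kept if c is not None))


def root_only_guard(msg: Msg, limit: str) -> Optional[Msg]:
    """Deliberately wrong guard for contrast: it inspects only the root marking."""
    return None if RANK[msg.level] > RANK[limit] else msg


def no_leak(out: Optional[Msg], limit: str) -> bool:
    """Property 1: nothing in the released message is marked above `limit`."""
    if out is None:          # a rejected message releases nothing
        return True
    return RANK[out.level] <= RANK[limit] and all(no_leak(c, limit) for c in out.children)


def is_pruning_of(out: Optional[Msg], inp: Msg) -> bool:
    """Property 2: the guard only deletes subtrees; it never invents, relabels
    or reorders fields.  Output children are matched to input children in order
    (greedy leftmost matching is complete for order-preserving injections)."""
    if out is None:
        return True
    if (out.label, out.level) != (inp.label, inp.level):
        return False
    i = 0
    for oc in out.children:
        while i < len(inp.children) and not is_pruning_of(oc, inp.children[i]):
            i += 1
        if i == len(inp.children):
            return False
        i += 1
    return True


def all_msgs(depth: int, labels=("hdr", "body"), width: int = 2) -> Iterator[Msg]:
    """Enumerate every message of at most `depth` nesting levels and at most
    `width` children per node (the bounded model the checker explores)."""
    subtrees = [] if depth == 0 else list(all_msgs(depth - 1, labels, width))
    for label, level in product(labels, LEVELS):
        yield Msg(label, level)
        for n in range(1, width + 1):
            for kids in product(subtrees, repeat=n):
                yield Msg(label, level, kids)


def find_counterexample(g: Guard, depth: int = 2) -> Optional[Tuple[Msg, str]]:
    """Search the bounded model for an input on which `g` violates a property.

    Returns (message, limit) for the first violation, or None if there is none
    within the bound.  Brute force is a stand-in for the decision procedure in
    the paper: it refutes, but a None result is not a proof for unbounded trees.
    """
    for limit in LEVELS:
        for m in all_msgs(depth):
            out = g(m, limit)
            if not (no_leak(out, limit) and is_pruning_of(out, m)):
                return m, limit
    return None


if __name__ == "__main__":
    # Constructed sample message: an unclassified envelope carrying a SECRET body.
    sample = Msg("msg", "UNCLASSIFIED", (
        Msg("hdr", "UNCLASSIFIED"),
        Msg("body", "SECRET", (Msg("text", "UNCLASSIFIED"),)),
    ))
    print("released:", guard(sample, "UNCLASSIFIED"))
    print("correct guard counterexample:", find_counterexample(guard))
    print("root-only guard counterexample:", find_counterexample(root_only_guard))
```

The two properties are the kind a guard author states separately from the guard itself: `no_leak` is the release-side information-flow requirement, and `is_pruning_of` rules out a guard that satisfies it trivially by fabricating or relabelling content. Exhaustive enumeration finds the root-only guard's bug at depth 2 but can only fail to find one for the correct guard; turning that absence into a proof over all trees is exactly what the paper's translation to higher order logic and its decision procedure for recursive functions provide.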


Published in

ACM SIGAda Ada Letters, Volume 32, Issue 3 (HILT '12), December 2012, 89 pages. ISSN: 1094-3641. DOI: 10.1145/2402709

HILT '12: Proceedings of the 2012 ACM conference on High integrity language technology, December 2012, 118 pages. ISBN: 9781450315050. DOI: 10.1145/2402676

Copyright © 2012 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
