Certifying Domain-Specific Policies
Authors
Abstract
Proof-checking code for compliance with safety policies potentially enables a product-oriented approach to certain aspects of software certification. Previous research has focused on generic, low-level programming-language properties such as memory and type safety. In this paper we consider proof-checking higher-level, domain-specific properties for compliance with safety policies. The paper first describes a framework related to abstract interpretation in which compliance with a class of certification policies can be computed efficiently. Membership equational logic is shown to provide a rich logic for carrying out such calculations, including partiality, for certification. The architecture of a domain-specific certifier is described, followed by an implemented case study. The case study considers consistency of abstract variable attributes in code that performs geometric calculations in aerospace systems.
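The abstract describes the idea only at a high level, so here is an added illustration of the kind of check it refers to. This is not code from the paper (its framework, its use of membership equational logic, and its case study are not reproduced here); it is a toy attribute checker, written for this page, that tracks the coordinate frame of vector-valued variables by abstract interpretation over a made-up statement language, joins attributes at control-flow merges, and reports both policy violations and the cases it cannot decide because an attribute is unknown (the partiality the abstract mentions). The frames, statement forms, variable names and sample programs are all assumptions made for the illustration; the same skeleton, with units in place of frames, would serve the measurement-unit policy described among the related references below.

```python
"""Toy attribute-consistency checker (added example, not the paper's code).

Each vector variable carries an abstract attribute: a coordinate frame name,
UNKNOWN (no information, e.g. an unannotated input) or MIXED (different
frames were assigned on different branches). Frame names, statement forms
and sample programs are assumptions made up for this illustration.
"""
from typing import Dict, List, Tuple

UNKNOWN = "UNKNOWN"   # partial information: attribute cannot be certified
MIXED = "MIXED"       # join of two different concrete frames at a merge point

# Expr: ("input", frame) | ("var", name) | ("add", e1, e2) | ("transform", e, src, dst)
# Stmt: ("assign", name, expr) | ("if", then_stmts, else_stmts)
Expr = tuple
Stmt = tuple


def join(a: str, b: str) -> str:
    """Least upper bound on the attribute lattice, used at control-flow merges."""
    if a == b:
        return a
    if UNKNOWN in (a, b):
        return UNKNOWN
    return MIXED


def eval_expr(expr: Expr, env: Dict[str, str], violations: List[str]) -> str:
    """Abstractly evaluate an expression to an attribute, recording policy findings."""
    kind = expr[0]
    if kind == "input":
        return expr[1]
    if kind == "var":
        attr = env.get(expr[1], UNKNOWN)
        if attr == MIXED:
            violations.append(f"{expr[1]} used after branches assigned different frames")
        return attr
    if kind == "add":
        left = eval_expr(expr[1], env, violations)
        right = eval_expr(expr[2], env, violations)
        if MIXED in (left, right):
            return UNKNOWN              # already reported at the variable use
        if UNKNOWN in (left, right):
            violations.append("vector addition with operand of unknown frame; cannot certify")
            return UNKNOWN
        if left != right:
            violations.append(f"vector addition mixes frames {left} and {right}")
            return MIXED
        return left
    if kind == "transform":
        src_attr = eval_expr(expr[1], env, violations)
        src, dst = expr[2], expr[3]
        if src_attr == UNKNOWN:
            violations.append(f"transform {src}->{dst} applied to vector of unknown frame; cannot certify")
        elif src_attr not in (src, MIXED):
            violations.append(f"transform {src}->{dst} applied to {src_attr} vector")
        return dst
    raise ValueError(f"unknown expression kind {kind!r}")


def check(program: List[Stmt], env: Dict[str, str] = None) -> Tuple[Dict[str, str], List[str]]:
    """Run the abstract interpreter over a statement list; return final env and findings."""
    env = dict(env or {})
    violations: List[str] = []
    for stmt in program:
        if stmt[0] == "assign":
            env[stmt[1]] = eval_expr(stmt[2], env, violations)
        elif stmt[0] == "if":
            then_env, then_v = check(stmt[1], env)
            else_env, else_v = check(stmt[2], env)
            violations += then_v + else_v
            # Merge point: variables assigned on only one side drop to UNKNOWN.
            env = {v: join(then_env.get(v, UNKNOWN), else_env.get(v, UNKNOWN))
                   for v in set(then_env) | set(else_env)}
        else:
            raise ValueError(f"unknown statement kind {stmt[0]!r}")
    return env, violations


# Constructed sample programs (assumed, not from the paper's case study).
OK_PROGRAM: List[Stmt] = [
    ("assign", "pos_eci", ("input", "ECI")),
    ("assign", "vel_eci", ("input", "ECI")),
    ("assign", "pos_ecef", ("transform", ("var", "pos_eci"), "ECI", "ECEF")),
    ("assign", "sum_eci", ("add", ("var", "pos_eci"), ("var", "vel_eci"))),
]

BAD_PROGRAM: List[Stmt] = [
    ("assign", "pos_eci", ("input", "ECI")),
    ("assign", "pos_ecef", ("transform", ("var", "pos_eci"), "ECI", "ECEF")),
    ("assign", "bad", ("add", ("var", "pos_eci"), ("var", "pos_ecef"))),   # mixes frames
    ("if", [("assign", "tgt", ("input", "ECI"))],
           [("assign", "tgt", ("input", "BODY"))]),                        # tgt becomes MIXED
    ("assign", "rel", ("add", ("var", "tgt"), ("var", "pos_eci"))),        # use of MIXED
    ("assign", "ext", ("input", UNKNOWN)),                                  # unannotated input
    ("assign", "tot", ("add", ("var", "ext"), ("var", "pos_eci"))),         # partial: cannot certify
]

if __name__ == "__main__":
    for name, prog in (("OK_PROGRAM", OK_PROGRAM), ("BAD_PROGRAM", BAD_PROGRAM)):
        env, findings = check(prog)
        print(name, env, findings)
```

The checker separates the two outcomes a certifier has to distinguish: a definite policy violation (frames ECI and ECEF added together, or a variable whose frame depends on which branch ran) and a gap in the evidence (an input with no attribute), which is reported as "cannot certify" rather than silently accepted.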
Related references
Certifying Measurement Unit Safety Policy
Measurement unit safety policy checking is a topic in software analysis concerned with ensuring that programs do not violate basic principles of units of measurement. Such violations can hide significant domain-specific errors which are hard or impossible to find otherwise. Measurement unit analysis by means of automatic deduction is addressed in this paper. We draw general design principles fo...
Towards Certifying Domain-Specific Properties of Synthesized Code
We present a technique for certifying domain-specific properties of code generated using program synthesis technology. Program synthesis is a maturing technology that generates code from high-level specifications in particular domains. For acceptance in safety-critical applications, the generated code must be thoroughly tested which is a costly process. We show how the program synthesis system ...
Mapping Linux Security Targets to Existing Test Suites
The Common Criteria standard provides an infrastructure for evaluating security functions of IT products and for certifying that security policies claimed by product suppliers are correctly enforced by the security functions themselves. Certifying Open Source software (OSS) can pave the way to OSS adoption in a number of security-conscious application environments. Recent experiences in certify...
A Method for Certifying Code in Trust-By-Policy-Adherence
This paper proposes and details the notion of trust by policy adherence (TBPA), meaning that code can be certified on the basis of its security-related behaviors rather than its origins and integrity. We describe the overall life cycle of code in this setting, and propose a detailed method whereby a program’s policy adherence can be verified. We suggest enforcing security policies over code by ...
From Network Interface to Multithreaded Web Applications: A Case Study in Modular Program Verification
Many verifications of realistic software systems are monolithic, in the sense that they define single global invariants over complete system state. More modular proof techniques promise to support reuse of component proofs and even reduce the effort required to verify one concrete system, just as modularity simplifies standard software development. This paper reports on one case study applying ...