A Constructive Approach to Correctness, Exemplified by a Generator for Certified Java Card Applets
Authors
Abstract
We present a constructive approach to correctness and exemplify it by describing a generator for certified Java Card applets that we are building. A proof of full functional correctness is generated, along with the code, from the specification; the proof can be independently checked by a simple proof checker, so that the larger and more complex generator need not be trusted. We argue that such an approach is a valuable alternative to post-hoc verification in addressing the Program Verifier Grand Challenge.
Similar References
Toward Automatic Generation of Provably Correct Java Card Applets
This paper overviews an ongoing project aimed at developing an automatic generator of Java Card applets from higher-level spec(ification)s written in a domain-specific language called “SmartSlang”. The generator is based on Specware, a system for the formal specification and refinement of software. The applet generator translates a SmartSlang spec into the logical language of Specware, re-expre...
From Finite State Machines to Provably Correct Java Card Applets
This paper presents a systematic approach to developing Java Card applets and/or formal specifications for them, starting from descriptions in the form of finite state machines. The formal specifications are written in the specification language JML, and can be checked against Java Card source code using the static checker ESC/Java.
Formal Proof of Smart Card Applets Correctness
The new Gemplus smart card is based on the Java technology, embedding a virtual machine. The security policy uses mechanisms that are based on Java properties. This language provides segregation between applets. But due to the smart card constraints a byte code verifier cannot be embedded. Moreover, in order to maximise the number of applets the byte code must be optimised. The security proper...
Using Control Dependencies for Space-Aware Bytecode Verification
Java applets run on a Virtual Machine that checks code integrity and correctness before execution using a module called the Bytecode Verifier. Java Card technology allows Java applets to run on smart cards. The large memory requirements of the verification process do not allow the implementation of an embedded Bytecode Verifier in the Java Card Virtual Machine. To address this problem, we propo...
Java bytecode verification with dynamic structures
Java applets run on a Virtual Machine that checks code integrity and correctness before execution using a module called the Bytecode Verifier. Java Card technology allows Java applets to run on smart cards. The large memory space requirements of the verification process do not allow the implementation of a Bytecode Verifier embedded in the Java Card Virtual Machine. To address this feasibility proble...