Directed Proof Generation for Machine Code
نویسندگان
چکیده
We present the algorithms used in MCVETO (Machine-Code VErification TOol), a tool to check whether a stripped machinecode program satisfies a safety property. The verification problem that MCVETO addresses is challenging because it cannot assume that it has access to (i) certain structures commonly relied on by source-code verification tools, such as control-flow graphs and call-graphs, and (ii) metadata, such as information about variables, types, and aliasing. It cannot even rely on out-of-scope local variables and return addresses being protected from the program’s actions. What distinguishes MCVETO from other work on software model checking is that it shows how verification of machine-code can be performed, while avoiding conventional techniques that would be unsound if applied at the machine-code level.
منابع مشابه
The Logical Abstract Machine: A Curry-Howard Isomorphism for Machine Code
This paper presents a logical framework for low-level machine code and code generation. We first define a calculus, called sequential sequent calculus, of intuitionistic propositional logic. A proof of the calculus only contains left rules and has a linear (non-branching) structure, which reflects the properties of sequential machine code. We then establish a Curry-Howard isomorphism between th...
متن کاملProof-Directed De-compilation of Low-Level Code
We present a proof theoretical method for de-compiling lowlevel code to the typed lambda calculus. We first define a proof system for a low-level code language based on the idea of Curry-Howard isomorphism. This allows us to regard an executable code as a proof in intuitionistic propositional logic. As being a proof of intuitionistic logic, it can be translated to an equivalent proof of natural...
متن کاملProof-Directed De-compilation of Java Bytecode
We present a proof system for the Java bytecode language based on a Curry-Howard isomorphism for machine code, where an executable code is regarded as a proof of a variant of a sequent calculus of the intuitionistic propositional logic. Diierent from type systems for Java bytecode so far proposed, our proof system not only speciies type consistency but also represents the computation denoted by...
متن کاملAUSPICE-R: Automatic Safety-Property Proofs for Realistic Features in Machine Code
Automatically generating proofs of safety properties for software is important as software becomes safety-critical, e.g., in medical devices and automobiles. While current techniques can automatically prove safety properties for machine code, they either: (i) do not support user-mode programs in an operating system, (ii) do not support realistic program features such as system calls, or (iii) h...
متن کاملCode generation from specifications in higher-order logic
A very rigorous weapon against implementation errors in software systems is formal verification: both the desired behaviour (abstract specification) and the implementation (executable specification) are formalised in a suitable logical calculus, and the equivalence of both is proved. The numerous technical details involved in such a procedure suggest to let a proof assistant check all proof ste...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010