A Sound Framework for Untrusted Verification-Condition Generators
Authors
Abstract
We propose a framework called configurable proof-carrying code, which allows the untrusted producer of mobile code to provide the bulk of the code verifier used by a code receiver to check the safety of the received code. The resulting system is both more flexible and more trustworthy than a standard proof-carrying code system, because only a small part of the verifier needs to be trusted, while the remaining part can be configured freely to suit the safety policy on one hand and the structure of the mobile code on the other. In this paper we describe formally the protocol that the untrusted verifier must follow in its interaction with the trusted infrastructure. We present a proof of the soundness of the system, and we give preliminary evidence that the architecture is expressive enough to delegate even the handling of loop invariants, indirect jumps and calling conventions to the untrusted verifier.
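The trust split the abstract describes is easiest to see in a toy. The following is an added illustration written for this page, not the paper's framework or code: it replaces the paper's machine code, symbolic evaluator and proof checker with an invented three-instruction language, a single register x, an interval abstraction of x, and a safety policy that every LOAD index lies in [0, N) with an assumed N = 8. The point it demonstrates is the one the abstract makes: the trusted core owns the instruction semantics and performs the safety check itself, while the untrusted verifier only supplies claims (here, loop invariants) that the core checks for containment and then explores from. A lying or missing invariant can cause a safe program to be rejected, but cannot cause an unsafe program to be accepted.

```python
from math import inf

N = 8  # assumed array length; safety policy: every LOAD needs 0 <= x <= N - 1

# Constructed sample programs over one register x and an array A of length N.
# ("jlt", k, target) jumps to target when x < k, otherwise falls through.
PROG_SAFE = [
    ("set", 0),       # 0: x = 0
    ("load",),        # 1: read A[x]          <- loop header
    ("inc",),         # 2: x = x + 1
    ("jlt", N, 1),    # 3: if x < N goto 1    (last index read is N - 1)
    ("halt",),        # 4
]
PROG_UNSAFE = list(PROG_SAFE)
PROG_UNSAFE[3] = ("jlt", N + 1, 1)   # off-by-one: reads A[N] on the last iteration

TOP = (-inf, inf)   # interval state (lo, hi), inclusive bounds on x; TOP = nothing known


class Reject(Exception):
    """Raised by the trusted core whenever it cannot establish safety."""


def contained(s, t):
    """Interval containment s <= t (the only 'proof check' this toy needs)."""
    return t[0] <= s[0] and s[1] <= t[1]


def step(pc, instr, state):
    """Trusted part: interval semantics of one instruction.

    Returns the list of (next_pc, next_state) successors. The LOAD policy check
    lives here, in trusted code, so no claim by the untrusted verifier can
    bypass it."""
    op, lo, hi = instr[0], state[0], state[1]
    if op == "set":
        return [(pc + 1, (instr[1], instr[1]))]
    if op == "inc":
        return [(pc + 1, (lo + 1, hi + 1))]
    if op == "load":
        if not (0 <= lo and hi <= N - 1):
            raise Reject(f"pc {pc}: LOAD with x in [{lo}, {hi}] may be out of bounds")
        return [(pc + 1, state)]
    if op == "jlt":
        k, target = instr[1], instr[2]
        succ = []
        taken = (lo, min(hi, k - 1))          # branch taken: x < k
        if taken[0] <= taken[1]:
            succ.append((target, taken))
        fall = (max(lo, k), hi)               # fall through: x >= k
        if fall[0] <= fall[1]:
            succ.append((pc + 1, fall))
        return succ
    if op == "halt":
        return []
    raise Reject(f"pc {pc}: unknown instruction {instr!r}")


def verify(prog, invariant_at):
    """Trusted driver; `invariant_at` is the untrusted verifier's hook.

    The protocol in this toy: at every pc the core asks the untrusted verifier
    for an invariant. If one is claimed, the core checks that the incoming
    state is contained in it and continues from the invariant (once per pc).
    If none is claimed, the pc may be reached only once; a loop header or
    join reached twice without an invariant is rejected, never guessed."""
    work, assumed, seen = [(0, TOP)], set(), set()
    try:
        while work:
            pc, state = work.pop()
            if pc >= len(prog):
                raise Reject(f"pc {pc}: control falls off the end of the program")
            inv = invariant_at(pc)
            if inv is not None:
                if not contained(state, inv):
                    raise Reject(f"pc {pc}: state {state} not covered by claimed invariant {inv}")
                if pc in assumed:
                    continue                  # already explored from this invariant
                assumed.add(pc)
                state = inv
            elif pc in seen:
                raise Reject(f"pc {pc}: reached twice without an invariant")
            else:
                seen.add(pc)
            work.extend(step(pc, prog[pc], state))
    except Reject as e:
        return False, str(e)
    return True, "accepted"


def make_untrusted_verifier(invariants):
    """Untrusted part (hypothetical): whatever clever or buggy code the producer
    ships to find invariants. Here it just returns the intervals it claims."""
    return lambda pc: invariants.get(pc)


if __name__ == "__main__":
    honest = make_untrusted_verifier({1: (0, N - 1)})
    print(verify(PROG_SAFE, honest))                               # accepted
    print(verify(PROG_SAFE, make_untrusted_verifier({1: (0, N)})))  # too weak: LOAD rejected
    print(verify(PROG_SAFE, make_untrusted_verifier({})))           # no invariant: rejected
    print(verify(PROG_UNSAFE, honest))                             # unsafe: rejected
```

Running it shows the asymmetry the abstract relies on: the honest verifier gets the safe loop accepted, a verifier that claims a too-weak invariant (0, N) is caught when the trusted LOAD check fails, a verifier that claims a too-strong invariant is caught by the containment check on the back edge, and no choice of invariant gets the off-by-one loop accepted. The paper's actual trusted infrastructure is a symbolic evaluator for machine code plus a proof checker, and its protocol is considerably richer than this interval toy.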
Similar references
Extensible Code Verification
Popular language-based security mechanisms for software systems are based on verifiers that enforce a fixed and trusted type system. We live in a multi-lingual world and no system is written entirely in a single strongly-typed language. Rather than seek the absolute most general type system, we propose a sound framework for customizing the mechanism (e.g., a type system or an explicit safety pr...
Program Verification by Coinduction
We present a novel program verification approach based on coinduction, which takes as input an operational semantics. No intermediates like axiomatic semantics or verification condition generators are needed. Specifications can be written using any state predicates. We implement our approach in Coq, giving a certifying language-independent verification framework. Our proof system is implemented...
Investigation of noise pollution from diesel generators in construction activities in one of the districts of Tehran
Introduction: Using diesel generators is necessary for activities like welding in construction sites and it is often accompanied with noise pollution. The aim of this study was to evaluate noise pollution induced by diesel generators in construction activities in one of the districts of Tehran city. Material and Method: In this descriptive study, 14 construction sites were selected for th...
Partial Translation Verification for Untrusted Code-Generators
Within the context of model-based development, the correctness of code generators for modeling notations such as Simulink and Stateflow is of obvious importance. If correctness of code generation can be shown, the extensive and often costly verification and validation activities conducted in the modeling domain could be effectively leveraged in the code domain. Unfortunately, most code generato...
Design and fabrication of an ultrasonic thermoacoustic generator using metal nanocoatings (Research Article)
In this paper, we design, simulate, and build an ultrasonic heat generator. In thermoacoustics, heat generated by the passage of alternating current through a thin conductor produces a sound wave. In this method, unlike other methods of sound production, moving parts are not used to vibrate air molecules, and as a result, the frequency response of these generators is flatter than other sound ge...