Proof-Carrying Apps: Contract-Based Deployment-Time Verification

Authors

  • Sönke Holthusen
  • Michael Nieke
  • Thomas Thüm
  • Ina Schaefer
Abstract

For extensible software platforms in safety-critical domains, it is important that deployed plug-ins work as specified. This is especially true with the prospect of allowing third parties to add plug-ins. We propose a contract-based approach for deployment-time verification. Every plug-in guarantees its functional behavior under a specific set of assumptions towards its environment. With proof-carrying apps, we generalize proof-carrying code from proofs to artifacts that facilitate deployment-time verification, where the expected behavior is specified by means of design-by-contract. With proof artifacts, the conformance of apps to environment assumptions is checked during deployment, even on resource-constrained devices. This procedure prevents unsafe operation caused by unintended programming mistakes as well as by intended malicious behavior. We discuss which criteria a formal verification technique has to fulfill to be applicable to proof-carrying apps and evaluate the verification tools KeY and Soot for proof-carrying apps.


Similar resources

Proof-Transforming Compilation of Eiffel Programs

In modern development schemes the processing of programs often involves an intermediate step of translation to some intermediate bytecode, complicating the verification task. Expanding on the ideas of Proof-Carrying Code (PCC), we have built a proof-transforming compiler which translates a contract-equipped program and its proof into bytecode representing both the program and the proof; before ...


Raziel: Private and Verifiable Smart Contracts on Blockchains

Raziel combines secure multi-party computation and proof-carrying code to provide privacy, correctness and verifiability guarantees for smart contracts on blockchains. Effectively solving DAO and Gyges attacks, this paper describes an implementation and presents examples to demonstrate its practical viability (e.g., private and verifiable crowdfundings and investment funds, double auctions for ...


Control Simulation and Experimental Verification of Maximum Power Point Tracking Based on RT-LAB (TECHNICAL NOTE)

The maximum power point tracking (MPPT) control in the photovoltaic system is the key control technology; however, present controllers have the disadvantages of a long development cycle, high cost and complex verification, and there are further disadvantages in carrying out totally physical simulation or totally digital simulation of different control algorithms. This paper carried out design of hardware ...


Scripting smart contracts for distributed ledger technology

We give an overview of the scripting languages used in existing cryptocurrencies, and in particular we review in some detail the scripting languages of Bitcoin, Nxt and Ethereum, in the context of a high-level overview of Distributed Ledger Technology and cryptocurrencies. We survey different approaches, and give an overview of critiques of existing languages. We also cover technologies that mi...


Foundational Proof-Carrying Code

Proof-carrying code is a framework for the mechanical verification of safety properties of machine language programs, but the problem arises of quis custodiat ipsos custodes—who will verify the verifier itself? Foundational proof-carrying code is verification from the smallest possible set of axioms, using the simplest possible verifier and the smallest possible runtime system. I will describe ...


Journal title:

Volume   Issue 

Pages  -

Publication date 2016