Incremental Certificates and Checkers for Abstraction-Carrying Code

ion-Carrying Code Elvira Albert, Puri Arenas, and Germán Puebla 1 Complutense University of Madrid, {elvira,puri}@sip.ucm.es 2 Technical University of Madrid, [email protected] Abstract. Abstraction-Carrying Code (ACC) has recently been proAbstraction-Carrying Code (ACC) has recently been proposed as a framework for proof-carrying code (PCC) in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixed-point analyzer. Existing approaches for PCC are developed under the assumption that the consumer reads and validates the entire program w.r.t. the original certificate at once, in a non-incremental way. In the context of ACC, we propose an incremental approach to PCC for the generation of certificates and the checking of untrusted increments of a (trusted) program, i.e., when a producer provides a new increment of a previously validated program. This increment may not only include new procedures, but also extend the definition of already existing ones. Our proposal is that, if the consumer keeps the original abstraction, it is possible to provide, together with the program increment, only the difference of both abstractions, i.e., the incremental certificate. The first obvious advantage is that the size of the transmitted certificate can be considerably reduced. Furthermore, it is now possible to define an incremental checking algorithm which, given a program increment and its incremental certificate, only re-checks the fixpoint for each procedure affected by the increment and the propagation of the effect of these fixpoint changes. As a consequence, both certificate transmission time and checking time can be reduced significantly. To the best of our knowledge, this is the first proposal to incremental certificates and incremental checkers for PCC.