Verified Translation Validation of Static Analyses

被引：3

作者：

Barthe, Gilles ^{[1
]}

Blazy, Sandrine ^{[2
]}

Laporte, Vincent ^{[1
]}

Pichardie, David ^{[3
]}

Trieu, Alix ^{[2
]}

机构：

[1] IMDEA Software Inst, Madrid, Spain

[2] Univ Rennes 1, INRIA, CNRS IRISA, Rennes, France

[3] ENS Rennes, CNRS IRISA, INRIA, Rennes, France

来源：

2017 IEEE 30TH COMPUTER SECURITY FOUNDATIONS SYMPOSIUM (CSF) | 2017年

关键词：

verified compilation; Coq proof assistant; program analysis; constant-time programming; SECURE INFORMATION-FLOW; EQUIVALENCE; SAFETY;

D O I：

10.1109/CSF.2017.16

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Motivated by applications to security and high efficiency, we propose an automated methodology for validating on low-level intermediate representations the results of a source-level static analysis. Our methodology relies on two main ingredients: a relative-safety checker, an instance of a relational verifier which proves that a program is "safer" than another, and a transformation of programs into defensive form which verifies the analysis results at runtime. We prove the soundness of the methodology, and provide a formally verified instantiation based on the Verasco verified C static analyzer and the CompCert verified C compiler. We experiment with the effectiveness of our approach with client optimizations at RTL level, and static analyses for cache-based timing side-channels and memory usage at pre-assembly levels.

引用

页码：405 / 419

页数：15

共 48 条

[1] Almeida Jose Carlos Bacelar, 2016, 25 USENIX SEC S USEN
[2] WYSINWYX: What You See Is Not What You eXecute
Balakrishnan, Gogul
Reps, Thomas
[J]. ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2010, 32 (06):
[3] Secure information flow by self-composition
Barthe, G
D'Argenio, PR
Rezk, T
[J]. 17TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP, PROCEEDINGS, 2004, : 100 - 114
[4] Barthe Gilles, 2011, FM 2011: Formal Methods. Proceedings 17th International Symposium on Formal Methods, P200, DOI 10.1007/978-3-642-21437-0_17
[5] Barthe G., 2014, ACM SIGSAC C COMP CO
[6] An Abstract Model of Certificate Translation
Barthe, Gilles
Kunz, Cesar
[J]. ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2011, 33 (04):
[7] Certificate Translation for Optimizing Compilers
Barthe, Gilles
Gregoire, Benjamin
Kunz, Cesar
Rezk, Tamara
[J]. ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2009, 31 (05):
[8] Bernstein Daniel J., 2012, Progress in Cryptology - LATINCRYPT 2012. Proceedings of the 2nd International Conference on Cryptology and Information Security in Latin America, P159, DOI 10.1007/978-3-642-33481-8_9
[9] Bertot Yves, 2008, LANGUAGE ENG RIGOROU, P153, DOI Springer
[10] Blazy S., 2016, P 21 ACM SIGPLAN INT

← 1 2 3 4 5 →