Verified Translation Validation of Static Analyses

被引：3

作者：

Barthe, Gilles ^{[1
]}

Blazy, Sandrine ^{[2
]}

Laporte, Vincent ^{[1
]}

Pichardie, David ^{[3
]}

Trieu, Alix ^{[2
]}

机构：

[1] IMDEA Software Inst, Madrid, Spain

[2] Univ Rennes 1, INRIA, CNRS IRISA, Rennes, France

[3] ENS Rennes, CNRS IRISA, INRIA, Rennes, France

来源：

2017 IEEE 30TH COMPUTER SECURITY FOUNDATIONS SYMPOSIUM (CSF) | 2017年

关键词：

verified compilation; Coq proof assistant; program analysis; constant-time programming; SECURE INFORMATION-FLOW; EQUIVALENCE; SAFETY;

D O I：

10.1109/CSF.2017.16

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Motivated by applications to security and high efficiency, we propose an automated methodology for validating on low-level intermediate representations the results of a source-level static analysis. Our methodology relies on two main ingredients: a relative-safety checker, an instance of a relational verifier which proves that a program is "safer" than another, and a transformation of programs into defensive form which verifies the analysis results at runtime. We prove the soundness of the methodology, and provide a formally verified instantiation based on the Verasco verified C static analyzer and the CompCert verified C compiler. We experiment with the effectiveness of our approach with client optimizations at RTL level, and static analyses for cache-based timing side-channels and memory usage at pre-assembly levels.

引用

页码：405 / 419

页数：15

共 48 条

[31]

Lahiri Shuvendu K., 2012, Computer Aided Verification. Proceedings 24th International Conference, CAV 2012, P712, DOI 10.1007/978-3-642-31424-7_54

[32] Automatic Rootcausing for Program Equivalence Failures in Binaries [J].

Lahiri, Shuvendu K. ;

Sinha, Rohit ;

Hawblitzel, Chris .

COMPUTER AIDED VERIFICATION, PT I, 2015, 9206 :362-379

[33] Formal certification of a compiler back-end or:: Programming a compiler with a proof assistant [J].

Leroy, X .

ACM SIGPLAN NOTICES, 2006, 41 (01) :42-54

[34] A Formally Verified Compiler Back-end [J].

Leroy, Xavier .

JOURNAL OF AUTOMATED REASONING, 2009, 43 (04) :363-446

[35]

LOGOZZO F, 2014, P 2014 ACM SIGPL C, V49, P294, DOI DOI 10.1145/2594291.2594326

[36]

Misailovic S, 2014, ACM SIGPLAN NOTICES, V49, P309, DOI [10.1145/10.1145/2660193.2660231, 10.1145/2714064.2660231]

[37] Verification of Information Flow and Access Control Policies with Dependent Types [J].

Nanevski, Aleksandar ;

Banerjee, Anindya ;

Garg, Deepak .

2011 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2011), 2011, :165-179

[38] Translation validation for an optimizing compiler [J].

Necula, GC .

ACM SIGPLAN NOTICES, 2000, 35 (05) :83-94

[39]

Necula G. C., 1997, Conference Record of POPL '97: The 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, P106, DOI 10.1145/263699.263712

[40] The design and implementation of a certifying compiler [J].

Necula, GC ;

Lee, P .

ACM SIGPLAN NOTICES, 1998, 33 (05) :333-344

← 1 2 3 4 5 →