Ghosts for Lists: A Critical Module of Contiki Verified in Frama-C

被引：12

作者：

Blanchard, Allan ^{[1
]}

Kosmatov, Nikolai ^{[2
]}

Loulergue, Frederic ^{[3
]}

机构：

[1] Inria Lille Nord Europe, Villeneuve Dascq, France

[2] CEA, List, Software Reliabil & Secur Lab, PC 174, Gif Sur Yvette, France

[3] No Arizona Univ, Sch Informat Comp & Cyber Syst, Flagstaff, AZ 86011 USA

来源：

NASA FORMAL METHODS, NFM 2018 | 2018年 / 10811卷

基金：

欧盟地平线“2020”;

关键词：

Linked lists; Deductive verification; Operating system; Internet of Things; Frama-C;

D O I：

10.1007/978-3-319-77935-5_3

中图分类号：

V [航空、航天];

学科分类号：

08 ; 0825 ;

摘要：

Internet of Things (IoT) applications are becoming increasingly critical and require rigorous formal verification. In this paper we target Contiki, a widely used open-source OS for IoT, and present a verification case study of one of its most critical modules: that of linked lists. Its API and list representation differ from the classical linked list implementations, and are particularly challenging for deductive verification. The proposed verification technique relies on a parallel view of a list through a companion ghost array. This approach makes it possible to perform most proofs automatically using the Frama-C/WP tool, only a small number of auxiliary lemmas being proved interactively in the Coq proof assistant. We present an elegant segment-based reasoning over the companion array developed for the proof. Finally, we validate the proposed specification by proving a few functions manipulating lists.

引用

页码：37 / 53

页数：17

共 25 条

[1] Verification of a Cryptographic Primitive: SHA-256
Appel, Andrew W.
[J]. ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2015, 37 (02):
[2] Appel AW, 2011, LECT NOTES COMPUT SC, V6602, P1, DOI 10.1007/978-3-642-19718-5_1
[3] Appel Andrew W, 2014, PROGRAM LOGICS CERTI, DOI DOI 10.1017/CBO9781107256552
[4] Baudin P, ACSL: ANSI/ISO C Specification Language
[5] Bertot Y., 2004, TEXT THEORET COMP S
[6] Blanchard Allan, 2015, Formal Methods for Industrial Critical Systems. 20th International Workshop, FMICS 2015. Proceedings: LNCS 9128, P15, DOI 10.1007/978-3-319-19458-5_2
[7] Brookes Stephen, 2016, ACM SIGLOG News, V3, P47
[8] Clarke L. A., 2006, Software Engineering Notes, V31, P25, DOI 10.1145/1127878.1127900
[9] Auto-Active Proof of Red-Black Trees in SPARK
Dross, Claire
Moy, Yannick
[J]. NASA FORMAL METHODS (NFM 2017), 2017, 10227 : 68 - 83
[10] Dunkels A., 2004, LCN 2014

← 1 2 3 →