Certificate Translation for Specification Preserving Advices
Gilles Barthe and César Kunz, INRIA Sophia Antipolis - Méditerranée. FOAL 2008. Slide transcript.


  1. Title slide: Certificate Translation for Specification Preserving Advices. Gilles Barthe and César Kunz, INRIA Sophia Antipolis - Méditerranée. FOAL 2008. (Every slide carries the footer "César Kunz (with Gilles Barthe) FOAL 2008" and the talk title as a header; both are omitted from the slides below.)

  2. Outline: Motivation; Specification Preserving Advices; Proving Specification Preserving Advices; Reducing Proof Obligations; Improving the Verification Power; Certificate Translation.

  3-5. Motivation (one slide built up over three steps):
  Local reasoning on:
  - Baseline code (to understand the main functionality)
  - Advice code (to understand the implemented aspect)
  Incremental concerns:
  - Contract enforcement
  - Logging / profiling
  - Evolving security requirements
  Global analysis of pointcuts to understand the interaction of aspects.

  6. Producer vs. consumer perspective; PCC setting: contract enforcement. Obliviousness -> local reasoning? Properties of interest: functional properties (logic formulae), absence of null pointer access, type safety, etc. Syntactic obliviousness is not enough: syntactic obliviousness vs. semantic obliviousness; contract preservation vs. semantic preservation (contract preservation is the weaker requirement). Diagram: the baseline code satisfies contract P; after weaving, the advice code must still satisfy the baseline contract P. Dantas & Walker [POPL06]: characterize harmless advices that allow local reasoning; information flow analysis to check advice non-interference.

  7. Outline slide repeated as a section divider.

  8-11. Specification Preserving Advices: four example advices (their code was shown as images and is not in the transcript), each classified by two properties, Harmless and Spec. preserving:
  - slide 8: Harmless NO, Spec. preserving NO (strong specification)
  - slide 9: Harmless NO, Spec. preserving YES
  - slide 10: Harmless YES, Spec. preserving NO
  - slide 11: Harmless NO, Spec. preserving YES. A specification preserving advice may modify variables in the specification: the output value may differ, [formula lost in extraction] is not invalidated, and [formula lost in extraction] is ensured.

  12. Outline slide repeated as a section divider.

  13-14. Proving spec-preservation. Baseline code verification: wp-based VCgen. Verification of spec. preservation: wp-based VCgen over the modified advice code. (Diagram of the advised procedure f, built up over two slides; only the label f survives.)

  15. Outline slide repeated as a section divider.

  16-22. Specification Harmless Advices (diagram built up over seven slides; only its labels survive). The two side conditions shown: "Does not modify V" and "Does not modify V and res=x".
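The following is an added example, not code from the slides or from the authors' tool: a toy wp-based verification-condition generator in the spirit of slides 13-14, with the syntactic "does not modify V" check of slide 19 beside it. The advice is verified against the contract of `proceed` rather than the baseline body (the modularity point of slide 27), and the constructed advices reproduce the classifications of slide 11: a logging advice that is harmless, an advice that modifies a specification variable yet preserves the contract (the output value differs), and one that breaks it. Everything in it is an assumption of the example: the three-variable integer language, predicates as Python callables over the entry state `s0` and the current state `s`, the procedure `f` with contract `x >= 0` / `res > old(x)`, and validity decided by exhaustive evaluation over a small bounded domain instead of a real prover.

```python
"""Toy wp-based VCgen for advices (added example, not the authors' tool).
Checks the two properties the slides distinguish:
  - harmlessness: the advice never assigns a variable of the specification;
  - specification preservation: the advice, with `proceed` given by the
    baseline contract, still meets that contract itself.
Assumed: integer variables x (input), res (result), log (counter); predicates
are callables over (s0, s); validity is decided over a bounded domain."""
from itertools import product

VARS = ("x", "res", "log")
STATE_DOMAIN = range(-2, 4)      # bounded entry states explored (assumption)
RESULT_DOMAIN = range(-4, 8)     # bounded results `proceed` may return (assumption)


def states():
    """All entry states over the bounded domain."""
    for vals in product(STATE_DOMAIN, repeat=len(VARS)):
        yield dict(zip(VARS, vals))


# Commands: assignment, sequence, conditional, and the call to proceed.
def assign(var, expr):       # expr: state -> int
    return ("assign", var, expr)

def seq(*cmds):
    return ("seq", cmds)

def ite(cond, then, els):    # cond: state -> bool
    return ("if", cond, then, els)

PROCEED = ("proceed",)


def wp(cmd, q, contract):
    """Weakest precondition of cmd for postcondition q. `contract` = (pre, post)
    of the baseline procedure gives the meaning of `proceed`, so the advice is
    verified from the specification alone, never from the baseline body."""
    kind = cmd[0]
    if kind == "assign":                      # wp(x := e, q) = q[e/x]
        _, var, expr = cmd
        return lambda s0, s: q(s0, {**s, var: expr(s)})
    if kind == "seq":                         # wp(c1; c2, q) = wp(c1, wp(c2, q))
        f = q
        for c in reversed(cmd[1]):
            f = wp(c, f, contract)
        return f
    if kind == "if":                          # (b -> wp(c1,q)) and (not b -> wp(c2,q))
        _, cond, then, els = cmd
        wt, we = wp(then, q, contract), wp(els, q, contract)
        return lambda s0, s: wt(s0, s) if cond(s) else we(s0, s)
    if kind == "proceed":
        pre, post = contract
        def w(s0, s):
            # callee precondition must hold at the call site, and every result
            # allowed by the callee postcondition must establish q;
            # proceed is assumed to write only `res`
            if not pre(s, s):
                return False
            return all(q(s0, {**s, "res": r}) for r in RESULT_DOMAIN
                       if post(s, {**s, "res": r}))
        return w
    raise ValueError(f"unknown command {kind}")


def counterexample(pre, formula):
    """Entry state satisfying pre but not formula; None if formula is valid."""
    for s0 in states():
        if pre(s0, s0) and not formula(s0, s0):
            return s0
    return None


def verifies(body, contract):
    """Verification condition: pre implies wp(body, post) at every entry state."""
    pre, post = contract
    return counterexample(pre, wp(body, post, contract)) is None


def preserves_spec(advice, contract):
    """Spec preservation: the advice itself satisfies the baseline contract."""
    return verifies(advice, contract)


def assigned_vars(cmd):
    kind = cmd[0]
    if kind == "assign":
        return {cmd[1]}
    if kind == "seq":
        return set().union(*(assigned_vars(c) for c in cmd[1]))
    if kind == "if":
        return assigned_vars(cmd[2]) | assigned_vars(cmd[3])
    return set()


def is_harmless(advice, spec_vars):
    """Syntactic harmlessness: the advice never assigns a specification variable."""
    return not (assigned_vars(advice) & set(spec_vars))


# Constructed baseline procedure f and its contract (assumption of the example).
F_BODY = assign("res", lambda s: s["x"] + 1)
F_CONTRACT = (lambda s0, s: s["x"] >= 0,           # pre:  x >= 0
              lambda s0, s: s["res"] > s0["x"])    # post: res > old(x)
SPEC_VARS = ("x", "res")

# Constructed advices around f.
LOGGING = seq(assign("log", lambda s: s["log"] + 1), PROCEED)      # harmless
BUMP_INPUT = seq(assign("x", lambda s: s["x"] + 1), PROCEED)       # preserving, not harmless
SHORTCUT = ite(lambda s: s["x"] > 2, assign("res", lambda s: s["x"] + 5), PROCEED)
DECREMENT = seq(PROCEED, assign("res", lambda s: s["res"] - 1))    # breaks the contract


def classify(advice):
    return {"harmless": is_harmless(advice, SPEC_VARS),
            "spec_preserving": preserves_spec(advice, F_CONTRACT)}


if __name__ == "__main__":
    print("baseline verified:", verifies(F_BODY, F_CONTRACT))
    for name, adv in [("logging", LOGGING), ("bump_input", BUMP_INPUT),
                      ("shortcut", SHORTCUT), ("decrement", DECREMENT)]:
        print(name, classify(adv))
    print("counterexample:", counterexample(F_CONTRACT[0], wp(DECREMENT, F_CONTRACT[1], F_CONTRACT)))
```

`BUMP_INPUT` is the slide 11 case: it assigns `x`, which appears in the contract, so it fails the syntactic "does not modify V" test, yet the generated condition is valid because `res > x + 1` implies `res > old(x)`. `DECREMENT` fails, and `counterexample` returns the entry state that witnesses it, which is what a VCgen user would hand to the advice author.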

  23. Outline slide repeated as a section divider.

  24-27. Improving the verification power (diagram of advised procedures f and g, built up over four slides). Or you want to verify the advice locally, without considering for the moment in which contexts it will be executed! Drawback: multiple advised procedures = multiple verification invariants. (Specification of proceed improves modularity.)

  28-35. Improving the verification power. Interference is not always a bad thing: some advices are spec-preserving when combined but not when analyzed in isolation ... (Diagram of several advices woven around a baseline procedure, labelled "Baseline proc.", built up over slides 29-34.) Conclusion: specification refinement instead of specification preservation.

  36. Outline slide repeated as a section divider.

  37. Certificate Translation (section title; the transcript ends here).
