certificate translation in abstract interpretation
play

Certificate Translation in Abstract Interpretation Gilles Barthe and - PowerPoint PPT Presentation

Nov 24, 2023 •547 likes •1.05k views

Certificate Translation in Abstract Interpretation Gilles Barthe and C esar Kunz Inria April 2, 2008 Gilles Barthe and C esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 1 / 25 Motivation: source code verification

  1. Certificate Translation in Abstract Interpretation Gilles Barthe and C´ esar Kunz Inria April 2, 2008 Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 1 / 25

  2. Motivation: source code verification Traditional PCC Source Program Compiler Compiled Execution Program VCGen VCGen Verification Verification Conditions Conditions Proof Prover Certificate OK Checker Producer Consumer Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 2 / 25

  3. Motivation: source code verification Source Code Verification Source Program Compiler Compiled Execution Program VCGen VCGen Verification Verification Conditions Conditions Proof Prover Certificate OK Checker Producer Consumer Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 2 / 25

  4. Motivation: source code verification Certificate Translation Source Program Compiler Compiled Execution Program VCGen VCGen Verification Certificate Verification Translator Conditions Conditions Proof Prover Certificate Certificate OK Checker Producer Consumer Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 2 / 25

  5. Certificate translation vs certifying compilation Source Compiler Compiled Execution Source Compiler Compiled Execution Program Program Program Program VCGen VCGen VCGen VCGen Verification Verification Verification Certificate Verification Translator Conditions Conditions Conditions Conditions Proof Proof Prover Certificate OK Prover Certificate Certificate OK Checker Checker Conventional PCC Certificate Translation Automatically in- Specification Interactive ferred invariants Automatic certifying Interactive source Verification compiler verification Complex func- Safety Properties tional properties Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 3 / 25

  6. An Abstract Model for Certificate Translation particular language    particular VCgen hard to generate a single unify-  ing framework particular program    optimizations Model: Abstract interpretation of low step trace semantics 1 we show: � interactive verification instances of the same abstract model. automatic program analysis 2 study their interaction in certificate translation Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 4 / 25

  7. Program Representation c := 1 x ′ := x y ′ := y while ( y ′ � = 1 ) do if ( y ′ mod 2 = 1 ) then c := c × x ′ fi done x ′ = x ′ × c Program: directed graph Nodes denoting execution points ( N ). Edges denoting possible transitions between nodes ( E ). Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 5 / 25

  8. Abstract Interpretation Program semantics { η 1 , η ′ 1 , η ′′ 1 } l 1 { η 2 , η ′ 2 } l 2 { η 3 } { η ′ 5 } l 3 l 5 . . . . . . { η f , η ′ f } f , η ′′ l f Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 6 / 25

  9. Abstract Interpretation Program semantics Abstract representation a 1 l 1 { η 1 , η ′ 1 , η ′′ 1 } l 1 a 2 l 2 { η 2 , η ′ 2 } l 2 a 3 l 3 l 5 a 5 { η 3 } { η ′ 5 } l 3 l 5 . . . . . . . . . . . . a f l f { η f , η ′ f } f , η ′′ l f Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 6 / 25

  10. Solution of an Abstract Interpretation D = � D, ⊑ , ⊓ , . . . � , T � l i ,l j � : D → D a transfer function (for any edge � l i , l j � ) a 1 l 1 { a 1 , a 2 , . . . , a f } a solution of ( D , T ) if: a 2 l 2 T � l 1 ,l 2 � ( a 1 ) ⊑ a 2 a 3 l 3 l 5 a 5 T � l 2 ,l 5 � ( a 2 ) ⊑ a 5 T � l 1 ,l f � ( a 1 ) ⊑ a f . . . . . . . . . a f l f Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 7 / 25

  11. Example of decidable solution (e.g. constant propagation) ( D, T ) : constant analysis ⊥ i:=0 ( i, 0) x:=b+i ( x, b ) i � = n ( x, b ) j:=x.i i=c+i ( x, b ) i = 0 ⊥ Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 8 / 25

  12. Example of non-decidable solution (e.g. program verification) ( D, T ) : weakest precondition calculus { j = 0 } i:=0 { j = ( b + i ) ∗ i ∧ b ≤ ( b + i ) ∧ 0 ≤ i } x:=b+i { Inv : j = x ∗ i ∧ b ≤ x ∧ 0 ≤ i } i � = n { x ∗ i = x ∗ i ∧ b ≤ x ∧ 0 ≤ i } j:=x.i i=c+i { j = x ∗ i ∧ b ≤ x ∧ 0 ≤ i } i = 0 { n ∗ b ≤ j } Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 9 / 25

  13. Galois connections captures notion of imprecision In the following (intuition): ( D, T ) : weakest precondition based verification framework ( D ♯ , T ♯ ) : static analysis that justifies a program optimization. Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 10 / 25

  14. Consistency of T ♯ w.r.t. T T ( γ ( a )) ⊑ γ ( T ♯ ( a )) Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 11 / 25

  15. Consistency of T ♯ w.r.t. T T ( γ ( a )) ⊑ γ ( T ♯ ( a )) Smaller elements: more information Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 11 / 25

  16. Consistency of T ♯ w.r.t. T γ ( a 1 ) a 1 l 1 l 1 γ ( a 2 ) a 2 l 2 l 2 γ ( a 3 ) γ ( a 5 ) a 3 l 3 l 5 a 5 l 3 l 5 . . . . . . . . . . . . a f l f γ ( a f ) l f Result: { a 1 , a 2 . . . a n } a solution of ( D ♯ , T ♯ ) , then { γ ( a 1 ) , γ ( a 2 ) . . . γ ( a n ) } is a solution of ( D, T ) . Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 12 / 25

  17. A Primer on Certificate Translation x:=4 y:=x x = y ? x � = y ? Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 13 / 25

  18. A Primer on Certificate Translation D :logic formulae true x:=4 x ≥ 0 y:=x x = y ? x � = y ? true false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 13 / 25

  19. A Primer on Certificate Translation D ♯ :const. analysis D :logic formulae ⊤ true x:=4 ( x, 4) x ≥ 0 y:=x ( x, 4) , ( y, 4) x = y ? x � = y ? . . . true . . . false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 13 / 25

  20. A Primer on Certificate Translation D ♯ :const. analysis D :logic formulae ⊤ true ⊤ true x:=4 x:=4 ( x, 4) x ≥ 0 ( x, 4) x ≥ 0 y:=4 y:=x ( x, 4) , ( y, 4) ( x, 4) , ( y, 4) x = y ? x = y ? x � = y ? . . . true x � = y ? . . . true . . . false . . . false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 13 / 25

  21. A Primer on Certificate Translation D ♯ :const. analysis D :logic formulae ⊤ true ⊤ true x:=4 x:=4 ( x, 4) x ≥ 0 ( x, 4) x ≥ 0 y:=4 y:=x ( x, 4) , ( y, 4) ( x, 4) , ( y, 4) x = y ? x = y ? x � = y ? . . . true x � = y ? . . . true . . . false . . . false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 13 / 25

  22. A Primer on Certificate Translation Key Idea sufficiently strong solution ↔ preservation along transformations ⊤ true x:=4 ( x, 4) x ≥ 0 { a 1 . . . a n } solution of ( D ♯ , T ♯ ) y:=x ( x, 4) , ( y, 4) x = y ? x � = y ? . . . true . . . false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 14 / 25

  23. A Primer on Certificate Translation Key Idea sufficiently strong solution ↔ preservation along transformations γ ( ⊤ ) true x:=4 γ (( x, 4)) x ≥ 0 { a 1 . . . a n } solution of ( D ♯ , T ♯ ) y:=x { γ ( a 1 ) . . . γ ( a n ) } solution of ( D, T ) γ (( x, 4) , ( y, 4)) x = y ? x � = y ? . . . true . . . false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 14 / 25

  24. A Primer on Certificate Translation Key Idea sufficiently strong solution ↔ preservation along transformations true true x:=4 x ≥ 0 x = 4 { a 1 . . . a n } solution of ( D ♯ , T ♯ ) y:=x { γ ( a 1 ) . . . γ ( a n ) } solution of ( D, T ) x = 4 ∧ y = 4 x = y ? x � = y ? . . . true . . . false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 14 / 25

  25. A Primer on Certificate Translation Key Idea sufficiently strong solution ↔ preservation along transformations true true x:=4 x ≥ 0 x = 4 { a 1 . . . a n } solution of ( D ♯ , T ♯ ) y:=x { γ ( a 1 ) . . . γ ( a n ) } solution of ( D, T ) x = 4 ∧ y = 4 { a 1 . . . a n } solution of ( D, T ) x = y ? { b 1 . . . b n } solution of ( D, T ) { a 1 ⊓ b 1 . . . a n ⊓ b n } solution of ( D, T ) x � = y ? . . . true . . . false Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 14 / 25

  26. Certified Setting ( a i ) i ∈N a solution of ( D, T ) Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 15 / 25

  27. Certified Setting ( a i ) i ∈N a solution of ( D, T ) ⊑ is undecidable, e.g. D = logic formulae Gilles Barthe and C´ esar Kunz (Inria) Certificate Translation in A. I. April 2, 2008 15 / 25

Recommend

Abstract interpretation based Analysis [FPCA 95], Predicate Abstraction [Mannas festschrift

Abstract interpretation based Analysis [FPCA 95], Predicate Abstraction [Mannas festschrift

Abstract interpretation The Verification Grand Challenge - Abstract interpretation is a mathematical theory of - - and Abstract Interpretation sound approximation of properties of formal sys- tems (including program specifications, semantics,

422 views • 10 slides
Certificate translation Gilles Barthe INRIA Sophia-Antipolis, France

Certificate translation Gilles Barthe INRIA Sophia-Antipolis, France

EVEREST MOBIUS Certificate translation Summary Certificate translation Gilles Barthe INRIA Sophia-Antipolis, France http://www-sop.inria.fr/everest September 7th, 2005 G. Barthe Certificate translation EVEREST MOBIUS Certificate

642 views • 28 slides
Correctness of Abstract Interpretation Deepak Dsouza and K. V. Raghavan Summary: What is an

Correctness of Abstract Interpretation Deepak Dsouza and K. V. Raghavan Summary: What is an

Correctness of Abstract Interpretation Deepak Dsouza and K. V. Raghavan Summary: What is an abstract interpretation (AI)? Given: A complete join semi-lattice D . This is the abstract semantic domain. A monotonic

297 views • 25 slides
Use of Interpreters in Mediation Dr. Xiaohui Yuan xiaohui.yuan@nottingham.ac.uk Translation vs.

Use of Interpreters in Mediation Dr. Xiaohui Yuan xiaohui.yuan@nottingham.ac.uk Translation vs.

Use of Interpreters in Mediation Dr. Xiaohui Yuan xiaohui.yuan@nottingham.ac.uk Translation vs. Interpretation Translation: writing mode Interpretation: oral mode Contexts: Liaison interpretation vs. Conference interpretation

833 views • 30 slides
Abstract Interpretation Harry Xu CS 253/INF 212 Spring 2013 Acknowledgements Many slides in

Abstract Interpretation Harry Xu CS 253/INF 212 Spring 2013 Acknowledgements Many slides in

Abstract Interpretation Harry Xu CS 253/INF 212 Spring 2013 Acknowledgements Many slides in this file were taken from the tutorial slides that Patrick Cousot used in VMCAI05 Abstract Interpretation A theory of sound approximation of

946 views • 92 slides
Ariane 5.01 failure Patriot failure Mars orbiter loss (overflow) (float rounding) (unit error)

Ariane 5.01 failure Patriot failure Mars orbiter loss (overflow) (float rounding) (unit error)

Motivation (1 mn) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Abstract interpretation, reminder (10 mn) . . . . . . . . . . . . . . . . . . 6 Applications of abstract interpretation (2 mn) . . . . . . . . .

876 views • 16 slides
Abstract Interpretation III Semantics and Application to Program Verification Antoine Min e

Abstract Interpretation III Semantics and Application to Program Verification Antoine Min e

Abstract Interpretation III Semantics and Application to Program Verification Antoine Min e Ecole normale sup erieure, Paris year 20152016 Course 12 20 May 2016 Course 12 Abstract Interpretation III Antoine Min e p. 1 / 60

706 views • 67 slides
A Reconstruction of a Types-and-Effects Analysis by Abstract Interpretation Letterio Galletta

A Reconstruction of a Types-and-Effects Analysis by Abstract Interpretation Letterio Galletta

A Reconstruction of a Types-and-Effects Analysis by Abstract Interpretation Letterio Galletta Dipartimento di Informatica - Universit di Pisa 19/09/2012 - ITCTCS 2012 Outline 1 Type and Effect Systems 2 Abstract Interpretation 3

762 views • 24 slides
Tracing Compilation by Abstract Interpretation S. Dissegna, F. Logozzo, F. Ranzato Thophile

Tracing Compilation by Abstract Interpretation S. Dissegna, F. Logozzo, F. Ranzato Thophile

Just-In-Time compilation Study setup Abstract interpretation Correctness proof Tracing Compilation by Abstract Interpretation S. Dissegna, F. Logozzo, F. Ranzato Thophile Bastian March 7, 2018 Slides: https://tiny.tobast.fr/m2-absint-slides

445 views • 16 slides
Department of Interpretation & Translation DIT Head: Prof. Silvia Bernardini Deputy:

Department of Interpretation & Translation DIT Head: Prof. Silvia Bernardini Deputy:

Department of Interpretation & Translation DIT Head: Prof. Silvia Bernardini Deputy: Prof. Licia Reggiani Tuesday October 2 2018 Who we are International Masters degree programme in Specialized Translation Course coordinator

537 views • 40 slides
30 Years of Abstract Interpretation Thomas Jaudon Ball Microsoft Research [This is the text of a

30 Years of Abstract Interpretation Thomas Jaudon Ball Microsoft Research [This is the text of a

30 Years of Abstract Interpretation Thomas Jaudon Ball Microsoft Research [This is the text of a 20 minute talk I gave at the 30 Years of Abstract Interpretation Workshop in San Francisco, California, USA on January 9, 2008. The subsections

196 views • 9 slides
Logical Abstract Interpretation Sumit Gulwani Microsoft Research, Redmond Final Goal of the

Logical Abstract Interpretation Sumit Gulwani Microsoft Research, Redmond Final Goal of the

Logical Abstract Interpretation Sumit Gulwani Microsoft Research, Redmond Final Goal of the class Automatically verify partial correctness of programs like the following using abstract interpretation. Void Init(int* A, int n) { for (i := 0;

908 views • 62 slides
Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer,

Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer,

Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer, Jan Reineke Advanced Lecture, Winter 2014/15 Abstract Interpretation Semantics-based approach to program analysis Framework to develop

487 views • 33 slides
Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview

Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview

Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview TDDC90: Software Security Syntactic Analysis Ahmed Rezine Abstract Interpretation IDA, Linkpings Universitet Hsttermin 2014 Static Program

75 views • 7 slides
Constraints in Abstract Model Checking Direct implementation of an abstract interpretation John

Constraints in Abstract Model Checking Direct implementation of an abstract interpretation John

Constraints in Abstract Model Checking Direct implementation of an abstract interpretation John Gallagher 12 1 Roskilde University 2 IMDEA Software Institute, Madrid CP meets CAV Turun, Turkey John Gallagher Constraints in Abstract Model

375 views • 16 slides
Formal and informal translation and interpretation for immigrants and asylum seekers Dr.

Formal and informal translation and interpretation for immigrants and asylum seekers Dr.

16/06/2016 Formal and informal translation and interpretation for immigrants and asylum seekers Dr. Caroline Linse School of Education Queens University Belfast Northern Ireland recently has become more culturally and linguistically

428 views • 16 slides
Basic Concepts of Abstract Interpretation Patrick Cousot cole normale suprieure 45

Basic Concepts of Abstract Interpretation Patrick Cousot cole normale suprieure 45

Basic Concepts of Abstract Interpretation Patrick Cousot cole normale suprieure 45 rue dUlm 75230 Paris cedex 05, France Patrick.Cousot@ens.fr www.di.ens.fr/~cousot IFIP WCC Topical day on Abstract Interpretation P.

1.95k views • 183 slides
Abstract Interpretation + Impure Catalysts Our Sparrow Experience YI Jhee, MS Jin, YB Jung, DH

Abstract Interpretation + Impure Catalysts Our Sparrow Experience YI Jhee, MS Jin, YB Jung, DH

Abstract Interpretation + Impure Catalysts Our Sparrow Experience YI Jhee, MS Jin, YB Jung, DH Kim, SH Kong, HJ Lee, HJ Oh, DJ Park, Kwangkeun Yi Programming Research Laboratory Seoul National University Korea 30 Years of Abstract

920 views • 37 slides
A proof - theoretic approach to abstract interpretation Apostolos Tzimoulis joint work with

A proof - theoretic approach to abstract interpretation Apostolos Tzimoulis joint work with

A proof - theoretic approach to abstract interpretation Apostolos Tzimoulis joint work with Vijay DSilva, Alessandra Palmigiano and Caterina Urban (with images from Patrick Cousot) TACL 2017 - Prague A bstract interpretation A bstract

341 views • 14 slides
Evaluation of the Implementation of an Abstract Interpretation Algorithm using Tabled CLP n

Evaluation of the Implementation of an Abstract Interpretation Algorithm using Tabled CLP n

ICLP19 Las Cruces, September 22, 2019 Evaluation of the Implementation of an Abstract Interpretation Algorithm using Tabled CLP n Arias 1 , 2 Manuel Carro 1 , 2 Joaqu 1 IMDEA Software Institute, 2 Universidad Polit ecnica de Madrid

468 views • 42 slides
Second-Order Abstract Interpretation via Kleene Algebra Dexter Kozen Cornell University AVM

Second-Order Abstract Interpretation via Kleene Algebra Dexter Kozen Cornell University AVM

Second-Order Abstract Interpretation via Kleene Algebra Dexter Kozen Cornell University AVM 2015 Attersee, Austria 4 May 2015 Joint work with Lucja Kot CS Department Cornell University Abstract Interpretation Cousot & Cousot 79

737 views • 60 slides
Abstract Interpretation with Applications to Semantics and Static Analysis 1. The

Abstract Interpretation with Applications to Semantics and Static Analysis 1. The

Abstract Interpretation with Applications to Semantics and Static Analysis 1. The Problem: The Design of Safe and Secure Computer- Patrick Cousot cole normale suprieure Based Systems 45 rue dUlm, 75230 Paris cedex 05, France

288 views • 27 slides
Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation TDDC90: Software

Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation TDDC90: Software

Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation TDDC90: Software Security Ahmed Rezine IDA, Linkpings Universitet Hsttermin 2019 Outline Overview Syntactic Analysis Abstract Interpretation Outline Overview

323 views • 28 slides
Kind-AI: When abstract interpretation and SMT-based model-checking meet Pierre-Loc Garoche

Kind-AI: When abstract interpretation and SMT-based model-checking meet Pierre-Loc Garoche

Kind-AI: When abstract interpretation and SMT-based model-checking meet Pierre-Loc Garoche Onera U. of Iowa joint work with T. Kashai and C. Tinelli 04/13/2012 Kind-AI: When abstract interpretation and SMT-based model-checking meet -

652 views • 53 slides

More recommend