Combining a Verification Condition Generator for a Bytecode Language with Static Analyses

Grégoire, Benjamin; Sacchini, Jorge Luis

doi:10.1007/978-3-540-78663-4_4

Cited by 6 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They focus on a null-pointer analysis; although the analyzer is not formalized in Coq, Hubert and co-workers [11] provides a good starting point for carrying such an implementation. The method of Grégoire and Sacchini [8] supports bidirectional interaction between the analysis and verification condition generation, as the static analysis can extract useful information from the program annotations, at the same time as the results of the analysis are exploited by the verification condition generator to reduce the number of proof obligations (although we have not done so, it is relatively easy to integrate such bidirectional interaction in our work).…”

Section: Related Workmentioning

confidence: 99%

“…For example, Wildmoser, Chaieb and Nipkow [19] have used Isabelle/HOL to prove the soundness of hybrid methods for Java bytecode; they rely on interval analyses to detect arrays out of bounds, and implement a proof-producing version of the analysis that generates proofs that the results of the analysis is correct. More recently, Grégoire and Sacchini [8] have formalized in Coq a hybrid verification method for JVM programs. They focus on a null-pointer analysis; although the analyzer is not formalized in Coq, Hubert and co-workers [11] provides a good starting point for carrying such an implementation.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Preservation of Proof Pbligations for Hybrid Verification Methods

Barthe

Kunz

Pichardie

et al. 2008

2008 Sixth IEEE International Conference on Software Engineering and Formal Methods

View full text Add to dashboard Cite

Program verification environments increasingly rely on hybrid methods that combine static analyses and verification condition generation. While such verification environments operate on source programs, it is often preferable to achieve guarantees about executable code. We show that, for a hybrid verification method based on numerical static analysis and verification condition generation, compilation preserves proof obligations and therefore it is possible to transfer evidence from source to compiled programs. Our result relies on the preservation of the solutions of analysis by compilation; this is achieved by relying on a bytecode analysis that performs symbolic execution of stack expressions in order to overcome the loss of precision incurred by performing static analyses on compiled (rather than source) code. Finally, we show that hybrid verification methods are sound by proving that every program provable by hybrid methods is also provable (at a higher cost) by standard methods.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Preservation of Proof Pbligations for Hybrid Verification Methods

Barthe

Kunz

Pichardie

et al. 2008

2008 Sixth IEEE International Conference on Software Engineering and Formal Methods

View full text Add to dashboard Cite

show abstract

“…In [10], the authors extended the work [9] to bytecode subroutines, virtual method invocation and exceptions. On the behavioral side, using predicate transformation to reason about bytecode properties has been studied in [12] . The authors presented a verification condition generator for bytecode formalized in the Coq proof assistant and based on weakest precondition calculus.…”

Section: Related Workmentioning

confidence: 99%

Towards a General Framework for Formal Reasoning about Java Bytecode Transformation

Lounas

Mezghiche

Lanet

2013

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Program transformation has gained a wide interest since it is used for several purposes: altering semantics of a program, adding features to a program or performing optimizations. In this paper we focus on program transformations at the bytecode level. Because these transformations may introduce errors, our goal is to provide a formal way to verify the update and establish its correctness. The formal framework presented includes a definition of a formal semantics of updates which is the base of a static verification and a scheme based on Hoare triples and weakest precondition calculus to reason about behavioral aspects in bytecode transformatio

show abstract

“…For example, many verification condition generators rely on a null pointer analysis to reduce the number of proof obligations; see e.g. [Barnett et al 2005], and also [Grégoire and Sacchini 2008], in which Grégoire and Sacchini prove the soundness of a hybrid verification condition generator that relies on a null pointer analysis, and , in which Wildmoser, Chaieb, and Nipkow prove the soundness of a hybrid verification condition generator that relies on an interval analysis.…”

Section: Hybrid Certificatesmentioning

confidence: 99%

An Abstract Model of Certificate Translation

Barthe

Kunz

2011

ACM Trans. Program. Lang. Syst.

View full text Add to dashboard Cite

A certificate is a mathematical object that can be used to establish that a piece of mobile code satisfies some security policy. In general, certificates cannot be generated automatically. There is thus an interest in developing methods to reuse certificates generated for source code to provide strong guarantees of the compiled code correctness. Certificate translation is a method to transform certificates of program correctness along semantically justified program transformations. These methods have been developed in previous work, but they were strongly dependent on particular programming and verification settings. This article provides a more general development in the setting of abstract interpretation, showing the scalability of certificate translation.

show abstract

Combining a Verification Condition Generator for a Bytecode Language with Static Analyses

Cited by 6 publications

References 12 publications

Preservation of Proof Pbligations for Hybrid Verification Methods

Preservation of Proof Pbligations for Hybrid Verification Methods

Towards a General Framework for Formal Reasoning about Java Bytecode Transformation

An Abstract Model of Certificate Translation

Contact Info

Product

Resources

About