Formal development of an embedded verifier for Java Card byte code

Casset, Ludovic; Burdy, Lilian; Requet, A

doi:10.1109/dsn.2002.1028886

Cited by 17 publications

(11 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Rather, its use lies in the generation of certificates that can then be checked on-card. A similar distinction can been observed in on-card byte code verification where the on-card verifier of Casset et al [4] relies on certificates generated off-card, whereas the verifier described by Leroy [10] imposes slight language restrictions so that the verifier can execute on-card.…”

Section: Related Workmentioning

confidence: 95%

See 1 more Smart Citation

Certified Memory Usage Analysis

Cachera

Jensen

Pichardie

et al. 2005

FM 2005: Formal Methods

View full text Add to dashboard Cite

Abstract. We present a certified algorithm for resource usage analysis, applicable to languages in the style of Java byte code. The algorithm verifies that a program executes in bounded memory. The algorithm is destined to be used in the development process of applets and for enhanced byte code verification on embedded devices. We have therefore aimed at a low-complexity algorithm derived from a loop detection algorithm for control flow graphs. The expression of the algorithm as a constraint-based static analysis of the program over simple lattices provides a link with abstract interpretation that allows to state and prove formally the correctness of the analysis with respect to an operational semantics of the program. The certification is based on an abstract interpretation framework implemented in the Coq proof assistant which has been used to provide a complete formalisation and formal verification of all correctness proofs.

show abstract

Section: Related Workmentioning

confidence: 95%

“…Mechanical verification of Java analysers have so far mainly dealt with the Java byte code verifier [2,9,4]. The first exception is the work reported in [3] on formalising an interprocedural data flow analyser for Java Card, on which part of the formalisation of the present analysis is based.…”

Section: Related Workmentioning

confidence: 99%

Certified Memory Usage Analysis

Cachera

Jensen

Pichardie

et al. 2005

FM 2005: Formal Methods

View full text Add to dashboard Cite

show abstract

“…Other important aspects of formal methods which are not treated in this chapter include the use of formal methods to establish a relation between the models developed for platform verification and the actual implementations of the platform, see e.g. [23], or the use of formal methods to verify cryptographic algorithms or protocols used by smartcards, see e.g. [67].…”

Section: Bytecode Verificationmentioning

confidence: 99%

Formal Methods for Smartcard Security

Barthe

Dufay

2005

Foundations of Security Analysis and Design III

View full text Add to dashboard Cite

Abstract. Smartcards are trusted personal devices designed to store and process confidential data, and to act as secure tokens for providing access to applications and services. Smartcards are widely deployed and their usage spans over several application domains including banking, telecommunications, and identity.Open platform smartcards are new generation trusted personal devices with increased flexibility. Such devices, which benefit of increased connectivity and increased interoperability, can host several applets and allow new applets to be loaded post-issuance. Such an increased flexibility raises concerns about the possibility of logical attacks that could affect a very large number of devices, and requires the development of techniques and tools that can be used to increase the reliability of platforms and applications for trusted personal devices. The objective of this chapter is to describe some applications of formal methods to increase the reliability of smartcards and trusted personal devices.

show abstract

“…JVM implementations include an instruction interpreter (which performs the functions of a microprocessor's ISA) as well as other components. Architectural models have been constructed [SSB01], and other components formally specified and verified, such as the byte-code verifier [Cas02,KN01] and parts of the instruction interpreter [Qia99]. At implementation level, Event-B has been used to construct a specification of some of the JVM instruction set in order verify an existing microcoded interpreter implementation [EG07].…”

Section: Related Workmentioning

confidence: 99%

Using Event-B to construct instruction set architectures

Wright

Eder

2011

Form. Asp. Comput.

View full text Add to dashboard Cite

Abstract. The Instruction Set Architecture (ISA) of a computing machine is the definition of the binary instructions, registers, and memory space visible to an executable binary image. ISAs are typically implemented in hardware as microprocessors, but also in software running on a host processor, i.e. Virtual Machines (VMs). Despite there being many ISAs in existence, all share a set of core properties which have been tailored to their particular applications. An abstract model may capture these generic properties and be subsequently refined to a particular machine, providing a reusable template for development of robust ISAs by the formal construction of all normal and exception conditions for each instruction. This is a task to which the Event-B [MAV05, Sch01] formal notation is well suited. This paper describes a project to use the Rodin tool-set [ABH06] to perform such a process, ultimately producing two variants of the MIDAS (Microprocessor Instruction and Data Abstraction System) ISA [Wri08,Wri09/1] as VMs. The abstract model is incrementally refined to variant models capable of automatic translation to C source code, which this is compiled to create useable VMs. These are capable of running binary executables compiled from high-level languages such as C [KR88], and compilers targeted to each variant allow demonstration programs to be executed on them.

show abstract

Formal development of an embedded verifier for Java Card byte code

Cited by 17 publications

References 9 publications

Certified Memory Usage Analysis

Certified Memory Usage Analysis

Formal Methods for Smartcard Security

Using Event-B to construct instruction set architectures

Contact Info

Product

Resources

About