Formal Verification of a C Compiler Front-End

Blazy, Sandrine; Dargaye, Zaynah; Leroy, Xavier

doi:10.1007/11813040_31

Cited by 92 publications

(63 citation statements)

References 7 publications

(6 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Other work that contributes to this goal produces correct SCJ programs from Circus specifications [5,6], and verifies Java [9,12,15,28,29] and C [4,13,14] compilers. Together, these can ensure a complete chain of verification from SCJ programs to executable code.…”

Section: Discussionmentioning

confidence: 99%

Algebraic Compilation of Safety-Critical Java Bytecode

Baxter

Cavalcanti

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Safety-Critical Java (SCJ) is a version of Java that facilitates the development of certifiable programs, and requires a specialised virtual machine (SCJVM). In spite of the nature of the applications for which SCJ is designed, none of the SCJVMs are verified. In this paper, we contribute a formal specification of a bytecode interpreter for SCJ and an algebraic compilation strategy from Java bytecode to C. For the target C code, we adopt the compilation approach for icecap, the only SCJVM that is open source and up-to-date with the SCJ standard. Our work enables either prototyping of a verified compiler, or full verification of icecap or any other SCJVM.

show abstract

Section: Discussionmentioning

confidence: 99%

Algebraic Compilation of Safety-Critical Java Bytecode

Baxter

Cavalcanti

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Such guarantees are hard to come by. For languages like C and C++, there are efforts to build certifying compilers that can provide such guarantees, for correct software [6,28]. Unfortunately, even these compilers offer few, or no guarantees in the presence of bugs, such as buffer-overflow vulnerabilities.…”

Section: Summary and Discussionmentioning

confidence: 99%

Low-Level Software Security by Example

Erlingsson

Younan

Piessens

2010

Handbook of Information and Communication Security

View full text Add to dashboard Cite

Abstract. Computers are often subject to external attacks that aim to control software behavior. Typically, such attacks arrive as data over a regular communication channel and, once resident in program memory, trigger pre-existing, low-level software vulnerabilities. By exploiting such flaws, these low-level attacks can subvert the execution of the software and gain control over its behavior. The combined effects of these attacks make them one of the most pressing challenges in computer security. As a result, in recent years, many mechanisms have been proposed for defending against these attacks. This chapter aims to provide insight in low-level software attack and defense techniques by discussing 4 examples of attacks that are representative of the major types of attacks on C and C++ software, and 4 examples of defenses selected because of their effectiveness, wide applicability and low enforcement overhead. Attacks and defenses are described in enough detail to be understood even by readers without a background in software security, and with-out a natural inclination for crafting malicious attacks. Throughout, the attacks and defenses are placed in perspective by showing how they are both facilitated by the gap between the semantics of the high-level language of the software under attack, and the low-level semantics of machine code and the hardware on which the software executes.

show abstract

“…Leroy [2,9] verified a compiler from a subset of C, i.e. Clight, to PowerPC assembly code in the Coq system.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Validated Compilation through Logic

2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. To reason about programs written in a language, one needs to define its formal semantics, derive a reasoning mechanism (e.g. a program logic), and maximize the proof automation. Unfortunately, a compiler may involve multiple languages and phases; it is tedious and error prone to do so for each language and each phase. We present an approach based on the use of higher order logic to ease this burden. All the Intermediate Representations (IRs) are special forms of the logic of a prover such that IR programs can be reasoned about directly in the logic. We use this technique to construct and validate an optimizing compiler. New techniques are used to compile-with-proof all the programs into the logic, e.g. a logic specification is derived automatically from the monad interpretation of a piece of assembly code.

show abstract

Formal Verification of a C Compiler Front-End

Cited by 92 publications

References 7 publications

Algebraic Compilation of Safety-Critical Java Bytecode

Algebraic Compilation of Safety-Critical Java Bytecode

Low-Level Software Security by Example

Validated Compilation through Logic

Contact Info

Product

Resources

About