Results 1 
3 of
3
A Trustworthy Proof Checker
 IN ILIANO CERVESATO, EDITOR, WORKSHOP ON THE FOUNDATIONS OF COMPUTER SECURITY
, 2002
"... ProofCarrying Code (PCC) and other applications in computer security require machinecheckable proofs of properties of machinelanguage programs. The main advantage of the PCC approach is that the amount of code that must be explicitly trusted is very small: it consists of the logic in which predic ..."
Abstract

Cited by 31 (7 self)
 Add to MetaCart
ProofCarrying Code (PCC) and other applications in computer security require machinecheckable proofs of properties of machinelanguage programs. The main advantage of the PCC approach is that the amount of code that must be explicitly trusted is very small: it consists of the logic in which predicates and proofs are expressed, the safety predicate, and the proof checker. We have built a minimal proof checker, and we explain its design principles, and the representation issues of the logic, safety predicate, and safety proofs. We show that the trusted computing base (TCB) in such a system can indeed be very small. In our current system the TCB is less than 2,700 lines of code (an order of magnitude smaller even than other PCC systems) which adds to our confidence of its correctness.
Providing a Formal Linkage between MDG and
, 2002
"... The contribution of this thesis is that we have produced a methodology which can provide a formal linkage between a symbolic state enumeration system and a theorem proving system based on a verified symbolic state enumeration system. The methodology has been partly realized in two simplified version ..."
Abstract
 Add to MetaCart
(Show Context)
The contribution of this thesis is that we have produced a methodology which can provide a formal linkage between a symbolic state enumeration system and a theorem proving system based on a verified symbolic state enumeration system. The methodology has been partly realized in two simplified versions of the MDG system