Toward a Foundational Typed Assembly Language, 2002
Cited by 91 (9 self)
We present the design of a typed assembly language called TALT that supports heterogeneous tuples, disjoint sums, and a general account of addressing modes. TALT also implements the von Neumann model in which programs are stored in memory, and supports relative addressing. Type safety for execution and for garbage collection are shown by machine-checkable proofs. TALT is the first formalized typed assembly language to provide any of these features.
A Type Theory for Memory Allocation and Data Layout (Extended Version). In Proceedings of the 30th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 2002
Cited by 29 (3 self)
Ordered type theory is an extension of linear type theory in which variables in the context may be neither dropped nor re-ordered. This restriction gives rise to a natural notion of adjacency. We show that a language based on ordered types can use this property to give an exact account of the layout of data in memory. The fuse constructor from ordered logic describes adjacency of values in memory, and the mobility modal describes pointers into the heap. We choose a particular allocation model based on a common implementation scheme for copying garbage collection and show how this permits us to separate out the allocation and initialization of memory locations in such a way as to account for optimizations such as the coalescing of multiple calls to the allocator.
Heap Bounded Assembly Language, 2003
Cited by 28 (11 self)
We present a first-order linearly typed assembly language, HBAL, that allows the safe reuse of heap space for elements of different types. The linear types discipline ensures a single pointer property, but disallows aliasing. Since HBAL does not assume an external memory management system, programs run in a bounded amount of heap space.
NDL: a domain-specific language for device drivers. In Proceedings of Languages, Compilers, and Tools for Embedded Systems (LCTES), 2004
Cited by 19 (3 self)
Device drivers are difficult to write and error-prone. They are usually written in C, a fairly low-level language with minimal type safety and little support for device semantics. As a result, they have become a major source of instability in operating system code. This paper presents NDL, a language for device drivers. NDL provides high-level abstractions of device resources and constructs tailored to describing common device driver operations. We show that NDL allows for the coding of a semantically correct driver with a code size reduction of more than 50% and a minimal impact on performance.
Sharing in Typed Module Assembly Language. In Preliminary Proceedings of the Third Workshop on Types in Compilation (TIC 2000), Carnegie Mellon, 2000
Cited by 19 (4 self)
There is a growing need to provide low-overhead software-based protection mechanisms to protect against malicious or untrusted code. Type-based approaches such as proof-carrying code and typed assembly language provide this protection by relying on untrusted compilers to certify the safety properties of machine language programs. Typed Module Assembly Language (TMAL) is an extension of typed assembly language with support for the type-safe manipulation of dynamically linked libraries. A particularly important aspect of TMAL is its support for shared libraries.
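The following is an added example, not code from TMAL, TALT or any paper listed here: a type checker for a toy typed assembly language in which every code label carries a register-typing precondition, so the consumer of untrusted machine code re-checks each block itself instead of trusting the compiler that produced it. The instruction set, the type grammar (int, or pointer to a k-word tuple of ints) and the three sample programs are assumptions of the example; the two rejected programs show the checker refusing an out-of-bounds tuple access and an integer forged into a pointer.

```python
# Added example (not TALT/TMAL code): a checker for a toy typed assembly
# language.  Each label ships with a register-type precondition; every
# block is checked from its precondition, and every jump must establish
# the target's precondition.  Instruction set and programs are assumptions.

INT = "int"


def ptr(k):
    """Type of a pointer to a k-word tuple of ints."""
    return ("ptr", k)


class IllTyped(Exception):
    pass


def expect(env, r, want, where):
    have = env.get(r)
    if have != want:
        raise IllTyped(f"{where}: {r} is {have}, expected {want}")


def check_jump(program, env, target, where):
    """Current register typing must meet the target's precondition;
    registers the target does not mention may hold anything."""
    if target not in program:
        raise IllTyped(f"{where}: unknown label {target}")
    for r, t in program[target][0].items():
        if env.get(r) != t:
            raise IllTyped(f"{where}: target {target} needs {r}: {t}, have {env.get(r)}")


def check_block(program, label):
    pre, instrs = program[label]
    env = dict(pre)                 # register typing at the current point
    for idx, ins in enumerate(instrs):
        op, where, last = ins[0], f"{label}+{idx} {ins[0]}", idx == len(instrs) - 1
        if op == "movi":            # movi rd, n       rd := int
            env[ins[1]] = INT
        elif op == "mov":           # mov rd, rs       rd := type of rs
            if ins[2] not in env:
                raise IllTyped(f"{where}: {ins[2]} is untyped")
            env[ins[1]] = env[ins[2]]
        elif op == "add":           # add rd, rs, rt   ints only
            expect(env, ins[2], INT, where)
            expect(env, ins[3], INT, where)
            env[ins[1]] = INT
        elif op in ("ld", "st"):    # ld rd, rs, i  /  st rd, i, rs
            preg, off, vreg = (ins[2], ins[3], ins[1]) if op == "ld" else (ins[1], ins[2], ins[3])
            t = env.get(preg)
            if not (isinstance(t, tuple) and t[0] == "ptr"):
                raise IllTyped(f"{where}: {preg} is {t}, not a pointer")
            if not 0 <= off < t[1]:
                raise IllTyped(f"{where}: offset {off} outside {t}")
            if op == "ld":
                env[vreg] = INT
            else:
                expect(env, vreg, INT, where)
        elif op == "bz":            # bz rs, label     branch if rs == 0
            expect(env, ins[1], INT, where)
            check_jump(program, env, ins[2], where)
        elif op in ("jmp", "halt"):
            if op == "jmp":
                check_jump(program, env, ins[1], where)
            if not last:
                raise IllTyped(f"{where}: unreachable code follows")
            return
        else:
            raise IllTyped(f"{where}: unknown instruction")
    raise IllTyped(f"{label}: block must end in jmp or halt")


def check_program(program):
    """Return the list of type errors; an empty list means accepted."""
    errors = []
    for label in program:
        try:
            check_block(program, label)
        except IllTyped as e:
            errors.append(str(e))
    return errors


# Constructed programs.  GOOD sums the two words r1 points at and hands
# control to a continuation whose precondition it satisfies.
GOOD = {
    "sum2": ({"r1": ptr(2)}, [("ld", "r2", "r1", 0), ("ld", "r3", "r1", 1),
                               ("add", "r2", "r2", "r3"), ("st", "r1", 0, "r2"),
                               ("jmp", "done")]),
    "done": ({"r1": ptr(2), "r2": INT}, [("halt",)]),
}
# Rejected: word 2 of a 2-word tuple.
BAD_OOB = {"f": ({"r1": ptr(2)}, [("ld", "r2", "r1", 2), ("halt",)])}
# Rejected: an integer forged into a pointer and passed to "use".
BAD_FORGE = {
    "f": ({}, [("movi", "r1", 4096), ("jmp", "use")]),
    "use": ({"r1": ptr(2)}, [("ld", "r2", "r1", 0), ("halt",)]),
}
```

`check_program(GOOD)` returns an empty list; the two rejected programs each produce one error naming the block, the instruction and the offending register or offset. The point the abstracts make is visible in the design: the checker never runs the code and never trusts the producer, it only needs the preconditions the producer attached to each label.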
Vx86: x86 assembler simulated in C powered by automated theorem proving. In 12th International Conference on Algebraic Methodology and Software Technology (AMAST 2008), LNCS 5140, 2008
Cited by 10 (3 self)
Vx86 is the first static analyzer for sequential Intel x86 assembler code using automated deductive verification. It proves the correctness of assembler code against function contracts, which are expressed in terms of pre-, post-, and frame conditions using first-order predicates. Vx86 takes the annotated assembler code, translates it into C code simulating the processor, and then uses an existing C verifier to either prove the correctness of the assembler program or find errors in it. First experiments on applying Vx86 on the Windows Hypervisor code base are encouraging. Vx86 verified the Windows Hypervisor’s memory safety, arithmetic safety, call safety and interrupt safety.
Enforcing Formal Security Properties, 2001
Cited by 2 (0 self)
We define the formal semantics of an expressive security-property language. The language distinguishes safe from unsafe programs and can be enforced systematically using proof-carrying code. The soundness of an enforcement algorithm is shown with respect to the language semantics.
Tool-Assisted Specification and Verification of Typed Low-Level Languages
Cited by 1 (0 self)
Bytecode verification is one of the key security functions of several architectures for mobile and embedded code, including Java, Java Card, and .NET. Over the last few years, its formal correctness has been studied extensively by academia and industry, using general purpose theorem provers. The objective of our work is to facilitate such endeavors by providing a dedicated environment for establishing the correctness of bytecode verification within a proof assistant. The environment, called Jakarta, exploits a methodology that casts the correctness of bytecode verification relative to a defensive virtual machine that performs checks at run-time, and an offensive one that does not, and can be summarized as stating that the two machines coincide on programs that pass bytecode verification. Such a methodology has been used successfully to prove the correctness of the Java Card bytecode verifier, and may potentially be applied to many other similar problems. One definite advantage of the methodology is that it is amenable to automation. Indeed, Jakarta automates the construction of an offensive virtual machine and a bytecode verifier from a defensive machine, and the proofs of correctness of the bytecode verifier. We illustrate the principles of Jakarta on a simple low-level language extended with subroutines, and discuss its usefulness to proving the correctness of the Java Card platform.
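As an added example, not Jakarta, Java Card or code from any paper above, the defensive/offensive split described in this abstract for a toy straight-line stack bytecode: a defensive machine that tags every value and checks every operand, an offensive machine that keeps raw integers and checks nothing, and a verifier that abstractly executes the program over type tags. The instruction set, the memory model (references are indices into a word array) and the two sample programs are assumptions of the example. The second program uses the integer 0 as a reference; the defensive machine traps, while the offensive machine silently performs an arbitrary read, which is exactly why the offensive machine may only ever run verified code.

```python
# Added example (not Jakarta or Java Card code): a defensive VM, an
# offensive VM and a verifier for a toy stack bytecode.  Instruction set,
# memory model and sample programs are assumptions of this example.
#
# Instructions: ("iconst", n) push int; ("new",) allocate a memory word and
# push a reference to it; ("load",) pop ref, push the word it names;
# ("store",) pop int then ref, write the int; ("dup",) duplicate the top;
# ("ret",) pop an int and return it.  Straight-line code only, so the
# verifier needs no fixpoint over branch targets.


class VMError(Exception):
    """Raised by the defensive machine when a run-time check fails."""


def verify(prog):
    """Abstract execution over type tags.  None = accepted, otherwise a
    string naming the first offence."""
    stack = []

    def pop(want, pc, op):
        if not stack:
            return f"{pc} {op}: stack underflow"
        got = stack.pop()
        return None if got == want else f"{pc} {op}: expected {want}, found {got}"

    for pc, (op, *args) in enumerate(prog):
        if op == "iconst":
            stack.append("int")
        elif op == "new":
            stack.append("ref")
        elif op == "load":
            err = pop("ref", pc, op)
            if err:
                return err
            stack.append("int")
        elif op == "store":
            err = pop("int", pc, op) or pop("ref", pc, op)
            if err:
                return err
        elif op == "dup":
            if not stack:
                return f"{pc} dup: stack underflow"
            stack.append(stack[-1])
        elif op == "ret":
            return pop("int", pc, op)
        else:
            return f"{pc}: unknown instruction {op}"
    return "program does not end in ret"


def run_defensive(prog, memory):
    """Tagged values; every operand is checked before use."""
    stack = []

    def pop(want, pc, op):
        if not stack:
            raise VMError(f"{pc} {op}: stack underflow")
        tag, val = stack.pop()
        if tag != want:
            raise VMError(f"{pc} {op}: expected {want}, found {tag}")
        return val

    for pc, (op, *args) in enumerate(prog):
        if op == "iconst":
            stack.append(("int", args[0]))
        elif op == "new":
            memory.append(0)
            stack.append(("ref", len(memory) - 1))
        elif op == "load":
            stack.append(("int", memory[pop("ref", pc, op)]))
        elif op == "store":
            val = pop("int", pc, op)
            memory[pop("ref", pc, op)] = val
        elif op == "dup":
            if not stack:
                raise VMError(f"{pc} dup: stack underflow")
            stack.append(stack[-1])
        elif op == "ret":
            return pop("int", pc, op)
        else:
            raise VMError(f"{pc}: unknown instruction {op}")
    raise VMError("program does not end in ret")


def run_offensive(prog, memory):
    """Untagged values and no checks: an int used as a ref is just an
    index into memory.  Safe only on programs that verify() accepts."""
    stack = []
    for op, *args in prog:
        if op == "iconst":
            stack.append(args[0])
        elif op == "new":
            memory.append(0)
            stack.append(len(memory) - 1)
        elif op == "load":
            stack.append(memory[stack.pop()])
        elif op == "store":
            val = stack.pop()
            memory[stack.pop()] = val
        elif op == "dup":
            stack.append(stack[-1])
        elif op == "ret":
            return stack.pop()


def coincide(prog, memory):
    """The methodology's claim for one program: once the verifier accepts
    it, the defensive and offensive machines compute the same result."""
    if verify(prog) is not None:
        return None                       # rejected, nothing to compare
    return run_defensive(prog, list(memory)) == run_offensive(prog, list(memory))


# Constructed programs.  WELL_TYPED writes 40 into a fresh cell and reads
# it back.  CONFUSED uses the integer 0 as a reference.
WELL_TYPED = [("new",), ("dup",), ("iconst", 40), ("store",), ("load",), ("ret",)]
CONFUSED = [("iconst", 0), ("load",), ("ret",)]
```

With a starting memory of `[7]`, `coincide(WELL_TYPED, [7])` is `True` and both machines return 40; `verify(CONFUSED)` reports `1 load: expected ref, found int`, `run_defensive` raises `VMError` at the same instruction, and `run_offensive` returns 7, the contents of word 0. A proof in the Jakarta style generalises the `coincide` check from two sample programs to all programs the verifier accepts.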