Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A certifying compiler for Java
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
An indexed model of recursive types for foundational proof-carrying code
ACM Transactions on Programming Languages and Systems (TOPLAS)
Foundational Proof-Carrying Code
LICS '01 Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science
Compiling with proofs
Denotational proof languages
Concepts, Techniques, and Models of Computer Programming
Proof linking: a modular verification architecture for mobile code systems
Code-carrying theory
Termination checking without using an ordering relation
SEA '07 Proceedings of the 11th IASTED International Conference on Software Engineering and Applications
A fold/unfold transformation framework for rewrite theories extended to CCT
Proceedings of the 2010 ACM SIGPLAN workshop on Partial evaluation and program manipulation
Structured reasoning about actor systems
Proceedings of the 2013 workshop on Programming based on actors, agents, and decentralized control
Code-Carrying Theory (CCT) is an alternative to the Proof-Carrying Code (PCC) approach to secure delivery of code. With PCC, code is accompanied by assertions and a proof of correctness or of other required properties. The code consumer does not accept delivery unless it first succeeds in generating theorems, called verification conditions, from the code and assertions and checking that the supplied proof proves these theorems. With CCT, instead of transmitting code explicitly, only assertions and proofs are transmitted to the consumer. If proof checking succeeds, code is then obtained by applying a simple tool called CodeGen to the resulting theory. This paper explains the design and implementation of CCT and shows how it can be used to achieve secure delivery of code with required correctness or safety properties. All the tools used in the verification steps are implemented in Athena, which is both a traditional programming language and a deduction language.