Code-carrying theory

Authors:
Aytekin Vargun;David R. Musser
Affiliations:
Rensselaer Polytechnic Institute, Troy, NY;Rensselaer Polytechnic Institute, Troy, NY
Venue:
Proceedings of the 2008 ACM symposium on Applied computing
Year:
2008

Citing 10
Cited 2

Proof-carrying code

Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A certifying compiler for Java

PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
An indexed model of recursive types for foundational proof-carrying code

ACM Transactions on Programming Languages and Systems (TOPLAS)
Foundational Proof-Carrying Code

LICS '01 Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science
Compiling with proofs

Compiling with proofs
Denotational proof languages

Denotational proof languages
Concepts, Techniques, and Models of Computer Programming

Concepts, Techniques, and Models of Computer Programming
Proof linking: a modular verification architecture for mobile code systems

Proof linking: a modular verification architecture for mobile code systems
Code-carrying theory

Code-carrying theory
Termination checking without using an ordering relation

SEA '07 Proceedings of the 11th IASTED International Conference on Software Engineering and Applications

A fold/unfold transformation framework for rewrite theories extended to CCT

Proceedings of the 2010 ACM SIGPLAN workshop on Partial evaluation and program manipulation
Structured reasoning about actor systems

Proceedings of the 2013 workshop on Programming based on actors, agents, and decentralized control

Quantified Score

Hi-index	0.00

Visualization

Abstract

Code-Carrying Theory (CCT) is an alternative to the Proof-Carrying Code (PCC) approach to secure delivery of code. With PCC, code is accompanied by assertions and a proof of correctness or of other required properties. The code consumer does not accept delivery unless it first succeeds in generating theorems, called verification conditions, from the code and assertions and checking that the supplied proof proves these theorems. With CCT, instead of transmitting code explicitly, only assertions and proofs are transmitted to the consumer. If proof checking succeeds, code is then obtained by applying a simple tool called CodeGen to the resulting theory. This paper explains the design and implementation of CCT and shows how it can be used to achieve secure delivery of code with required correctness or safety properties. All the tools used in the verification steps are implemented in Athena, which is both a traditional programming language and a deduction language.