Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A semantic model of types and machine instructions for proof-carrying code
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A certifying compiler for Java
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
A Syntactic Approach to Foundational Proof-Carrying Code
LICS '02 Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science
A Gradual Approach to a More Trustworthy, Yet Scalable, Proof-Carrying Code
CADE-18 Proceedings of the 18th International Conference on Automated Deduction
Foundational Proof-Carrying Code
LICS '01 Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science
Compiling with proofs
Goal-directed weakening of abstract interpretation results
ACM Transactions on Programming Languages and Systems (TOPLAS)
| Hi-index | 0.00 |
Proof-carrying code (PCC) allows a code producer to associate to a program a machine-checkable proof of its safety. In traditional implementations of PCC the producer negotiates beforehand, and in an unspecified way, with the consumer the permission to prove safety in whatever high-level way it chooses. In practice this has meant that high-level rules for type safety have been hard-wired into the system as part of the trusted code base. This limits the security and flexibility of the PCC system. In this paper, we exhibit an approach to removing the safety proof rules from the trusted base, with a technique by which the producer can convince the consumer that a given set of high-level safety rules enforce a strong global invariant that entails the trusted low-level memory safety policy.