This paper reports on a method for verifying various security properties of imperative source code embedded on smart cards. The idea is to combine two program verification approaches: functional verification at the source code level, and verification of high-level properties on a formal model built from the program and its specification. The method uses the Caduceus tool, built on top of the Why tool. Caduceus verifies an annotated C program and provides a validation process, which we used to generate a high-level formal model of the C source code. The method is illustrated by an example extracted from the verification of a smart card embedded operating system.