Verification of safety properties in the presence of transactions

Authors:
Reiner Hähnle;Wojciech Mostowski
Affiliations:
Department of Computing Science, Chalmers University of Technology, Göteborg, Sweden;Department of Computing Science, Chalmers University of Technology, Göteborg, Sweden
Venue:
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Year:
2004

Citing 10
Cited 7

Extended static checking for Java

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Java Card Technology for Smart Cards: Architecture and Programmer's Guide

Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Dynamic Logic

Dynamic Logic
Applying "Design by Contract"

Computer
A Language Framework for Expressing Checkable Properties of Dynamic Software

Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
A Dynamic Logic for the Formal Verification of Java Card Programs

JavaCard '00 Revised Papers from the First International Workshop on Java on Smart Cards: Programming and Security
A Sequent Calculus for First-Order Dynamic Logic with Trace Modalities

IJCAR '01 Proceedings of the First International Joint Conference on Automated Reasoning
Extending JML Specifications with Temporal Logic

AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Checking secure interactions of smart card applets: extended version

Journal of Computer Security - Special issue on ESORICS 2000
A program logic for handling JAVACARD's transaction mechanism

FASE'03 Proceedings of the 6th international conference on Fundamental approaches to software engineering

A program logic for resources

Theoretical Computer Science
A Unified Framework for Verification Techniques for Object Invariants

ECOOP '08 Proceedings of the 22nd European conference on Object-Oriented Programming
MOBIUS: mobility, ubiquity, security objectives and progress report

TGC'06 Proceedings of the 2nd international conference on Trustworthy global computing
Automating verification of loops by parallelization

LPAR'06 Proceedings of the 13th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Formalisation and verification of java card security properties in dynamic logic

FASE'05 Proceedings of the 8th international conference, held as part of the joint European Conference on Theory and Practice of Software conference on Fundamental Approaches to Software Engineering
Formal reasoning about non-atomic java card methods in dynamic logic

FM'06 Proceedings of the 14th international conference on Formal Methods
A bytecode logic for JML and types

APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The JavaCard transaction mechanism can ensure that a sequence of statements either is executed to completion or is not executed at all. Transactions make verification of JavaCard programs considerably more difficult, because they cannot be formalised in a logic based on pre- and postconditions. The KeY system includes an interactive theorem prover for JavaCard source code that models the full JavaCard standard including transactions. Based on a case study of realistic size we show the practical difficulties encountered during verification of safety properties. We provide an assessment of current JavaCard source code verification, and we make concrete suggestions towards overcoming the difficulties by design for verification. The main conclusion is that largely automatic verification of realistic JavaCard software is possible provided that it is designed with verification in mind from the start.