Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Specifying representations of machine instructions
ACM Transactions on Programming Languages and Systems (TOPLAS)
Derivatives of Regular Expressions
Journal of the ACM (JACM)
Machine Descriptions to Build Tools for Embedded Systems
LCTES '98 Proceedings of the ACM SIGPLAN Workshop on Languages, Compilers, and Tools for Embedded Systems
Machine Instruction Syntax and Semantics in Higher Order Logic
CADE-17 Proceedings of the 17th International Conference on Automated Deduction
Pin: building customized program analysis tools with dynamic instrumentation
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Evaluating SFI for a CISC architecture
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
The semantics of x86-CC multiprocessor machine code
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The semantics of power and ARM multiprocessor machine code
Proceedings of the 4th workshop on Declarative aspects of multicore programming
Regular-expression derivatives re-examined
Journal of Functional Programming
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Formal verification of a realistic compiler
Communications of the ACM - Barbara Liskov: ACM's A.M. Turing Award Winner
Proceedings of the eighteenth international symposium on Software testing and analysis
Centaur Technology Media Unit Verification
CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
VCC: A Practical System for Verifying Concurrent C
TPHOLs '09 Proceedings of the 22nd International Conference on Theorem Proving in Higher Order Logics
Native Client: a sandbox for portable, untrusted x86 native code
Communications of the ACM - Amir Pnueli: Ahead of His Time
A verified compiler for an impure functional language
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Automatically generating instruction selectors using declarative machine descriptions
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
x86-TSO: a rigorous and usable programmer's model for x86 multiprocessors
Communications of the ACM
Lyrebird: assigning meanings to machines
SSV'10 Proceedings of the 5th international conference on Systems software verification
Partial derivative automata formalized in Coq
CIAA'10 Proceedings of the 15th international conference on Implementation and application of automata
Finding and understanding bugs in C compilers
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Lem: a lightweight tool for heavyweight semantics
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Parsing with derivatives: a functional pearl
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
ARMor: fully verified software fault isolation
EMSOFT '11 Proceedings of the ninth ACM international conference on Embedded software
A trustworthy monadic formalization of the ARMv7 instruction set architecture
ITP'10 Proceedings of the First international conference on Interactive Theorem Proving
ESOP'12 Proceedings of the 21st European conference on Programming Languages and Systems
Transformer specification language: a system for generating analyzers and its applications
Transformer specification language: a system for generating analyzers and its applications
Establishing browser security guarantees through formal shim verification
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Scalable formal machine models
CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
High-level separation logic for low-level code
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Machine-verified network controllers
Proceedings of the 34th ACM SIGPLAN conference on Programming language design and implementation
Coq: the world's best macro assembler?
Proceedings of the 15th Symposium on Principles and Practice of Declarative Programming
A versatile code execution isolation framework with security first
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
The page-fault weird machine: lessons in instruction-less computation
WOOT'13 Proceedings of the 7th USENIX conference on Offensive Technologies
Strato: a retargetable framework for low-level inlined-reference monitors
SEC'13 Proceedings of the 22nd USENIX conference on Security
Hi-index | 0.00 |
Software-based fault isolation (SFI), as used in Google's Native Client (NaCl), relies upon a conceptually simple machine-code analysis to enforce a security policy. But for complicated architectures such as the x86, it is all too easy to get the details of the analysis wrong. We have built a new checker that is smaller, faster, and has a much reduced trusted computing base when compared to Google's original analysis. The key to our approach is automatically generating the bulk of the analysis from a declarative description which we relate to a formal model of a subset of the x86 instruction set architecture. The x86 model, developed in Coq, is of independent interest and should be usable for a wide range of machine-level verification tasks.