The B-book: assigning programs to meanings
The B-book: assigning programs to meanings
A type system for Java bytecode subroutines
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Javalight is type-safe—definitely
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for object initialization in the Java bytecode language
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Java Virtual Machine Specification
Java Virtual Machine Specification
Byte Code Verification for Java Smart Card Based on Model Checking
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Formal Proof of Smart Card Applets Correctness
CARDIS '98 Proceedings of the The International Conference on Smart Card Research and Applications
How to Formally Specify the Java Bytecode Semantivs Using the B Method
Proceedings of the Workshop on Object-Oriented Technology
Decomposing bytecode verification by abstract interpretation
ACM Transactions on Programming Languages and Systems (TOPLAS)
Hi-index | 0.00 |
Java Cards are a new generation of smart cards that use the Java programming language. As smart cards are usually used to supply security to an information system, security requirements are very strong. The byte code interpreter and verifier are crucial components of such cards, and proving their safety can become a competitive advantage. Previous works have been done on methodology for proving the soundness of the byte code interpreter and verifier using the B method. It refines an abstract defensive interpreter into a byte code verifier and a byte code interpreter. However, this work had only been tested on a very small subset of the Java Card instruction set. This paper presents a work aiming at verifying the scalability of this previous work. The original instruction subset of about 10 instructions has been extended to a larger subset of more than one hundred instructions, and the additional cost of the proof has been managed by modifying the specification in order to group opcodes by properties.