Proof-Carrying Code (PCC) is a general mechanism for verifying that a code fragment can be executed safely on a host system. The key technical detail that makes PCC simple yet very powerful is that the code fragment is required to be accompanied by a detailed and precise explanation of how it satisfies the safety policy. This leaves the code receiver with the simple task of verifying that the explanation is correct and that it matches the code in question. Previous implementations of PCC used safety explanations in the form of explicit formal proofs of code safety, thus gaining leverage from a substantial amount of previous research in the area of proof representation and checking, but at the expense of poor scalability due to large proof sizes. In this paper we describe a series of changes that are necessary to achieve a truly scalable architecture for PCC. These include a new proof representation form along with a better integration of the various components of a PCC checker. We also present experimental results that show this architecture to be effective for checking the type safety of even very large programs expressed as machine code.
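The division of labour the abstract describes, a producer that does the hard work of finding a safety explanation and a receiver that only checks it, can be seen in a toy form. The following is an added example, not the paper's implementation or its proof representation: it assumes a made-up five-instruction register machine, a safety policy that every `load` stays inside a memory of `MEM_SIZE` cells, and a "proof" consisting of one interval annotation per instruction. The receiver's check is a single linear pass with one local, trivially decidable test per instruction; it never searches for invariants. The sample program, its annotations and the tampered variants are constructed for the example.

```python
"""Toy proof-carrying code checker: an added illustration, not the paper's system.

The untrusted code is a tiny register machine; the safety policy is that every
`load` reads inside a memory of MEM_SIZE cells.  The "proof" shipped with the
code is one interval annotation per instruction (a range for each register).
The receiver never searches for invariants: it only confirms that each
annotation is preserved by its instruction and that each load is in bounds.
"""
from typing import Dict, List, Tuple

MEM_SIZE = 16                          # safety policy: load addresses in [0, MEM_SIZE)
INF = float("inf")
Interval = Tuple[float, float]         # inclusive (lo, hi); (-INF, INF) means unknown
State = Dict[str, Interval]            # register name -> interval; absent = unknown
TOP: State = {}                        # no knowledge about any register


class ProofError(Exception):
    """Raised by the checker when the proof does not establish safety of the code."""


def lookup(state: State, r: str) -> Interval:
    return state.get(r, (-INF, INF))


def subsumed(computed: State, claimed: State) -> bool:
    """True if every range the annotation claims contains the computed range."""
    return all(lookup(computed, r)[0] >= lo and lookup(computed, r)[1] <= hi
               for r, (lo, hi) in claimed.items())


def step(pc: int, pre: State, ins: tuple) -> List[Tuple[int, State]]:
    """Abstract effect of one instruction: successor pcs with their post-states.

    Raises ProofError when a load is not provably in bounds under `pre`.
    """
    op = ins[0]
    if op == "set":                    # ("set", r, k): r := k
        _, r, k = ins
        return [(pc + 1, {**pre, r: (k, k)})]
    if op == "add":                    # ("add", r, k): r := r + k
        _, r, k = ins
        lo, hi = lookup(pre, r)
        return [(pc + 1, {**pre, r: (lo + k, hi + k)})]
    if op == "load":                   # ("load", r): read mem[r], the policy-relevant op
        _, r = ins
        lo, hi = lookup(pre, r)
        if not (0 <= lo and hi < MEM_SIZE):
            raise ProofError(f"pc {pc}: load via {r} in [{lo}, {hi}] not proven in bounds")
        return [(pc + 1, pre)]
    if op == "jlt":                    # ("jlt", r, k, target): if r < k goto target
        _, r, k, target = ins
        lo, hi = lookup(pre, r)
        succ = []
        if lo < k:                     # branch can be taken: there r <= k - 1
            succ.append((target, {**pre, r: (lo, min(hi, k - 1))}))
        if hi >= k:                    # branch can fall through: there r >= k
            succ.append((pc + 1, {**pre, r: (max(lo, k), hi)}))
        return succ
    if op == "halt":
        return []
    raise ProofError(f"pc {pc}: unknown instruction {op!r}")


def check(code: List[tuple], proof: List[State]) -> None:
    """The code receiver's task: one pass, one local check per instruction."""
    if len(proof) != len(code):
        raise ProofError("proof must carry one annotation per instruction")
    if not subsumed(TOP, proof[0]):
        raise ProofError("entry annotation assumes something about initial registers")
    for pc, ins in enumerate(code):
        for succ, post in step(pc, proof[pc], ins):
            if not 0 <= succ < len(code):
                raise ProofError(f"pc {pc}: control leaves the code fragment")
            if not subsumed(post, proof[succ]):
                raise ProofError(f"pc {pc}: annotation at pc {succ} is not preserved")


def verdict(code: List[tuple], proof: List[State]) -> str:
    """Accept or reject the (code, proof) pair, with the reason on rejection."""
    try:
        check(code, proof)
        return "accepted"
    except ProofError as e:
        return f"rejected: {e}"


# Constructed sample: sum mem[0..9] in a loop.  The producer ships the code
# together with the loop invariant i in [0, 9] at the load.
SUM_CODE = [("set", "i", 0), ("load", "i"), ("add", "i", 1), ("jlt", "i", 10, 1), ("halt",)]
SUM_PROOF = [TOP, {"i": (0, 9)}, {"i": (0, 9)}, {"i": (1, 10)}, {"i": (10, 10)}]

# Same code with the loop bound raised past the memory size: the original proof
# no longer matches the code, and no honest annotation can make the load safe.
OVERRUN_CODE = [("set", "i", 0), ("load", "i"), ("add", "i", 1), ("jlt", "i", 20, 1), ("halt",)]
OVERRUN_PROOF = [TOP, {"i": (0, 19)}, {"i": (0, 19)}, {"i": (1, 20)}, {"i": (20, 20)}]

if __name__ == "__main__":
    print(verdict(SUM_CODE, SUM_PROOF))            # accepted
    print(verdict(OVERRUN_CODE, SUM_PROOF))        # rejected: annotation at pc 1 not preserved
    print(verdict(OVERRUN_CODE, OVERRUN_PROOF))    # rejected: load at pc 1 not proven in bounds
```

Two properties of the toy carry over to real PCC: the checker's trusted computing base is small (the abstract transfer functions and the subsumption test), and tampering with either the code or the proof is caught because the proof must match the code instruction by instruction. What the toy does not model is the paper's concern, proof size: here an annotation per instruction is already linear in the code, whereas explicit formal proofs grow much faster.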