Bytecode Verification by Model Checking

Authors:
David Basin;Stefan Friedrich;Marek Gawkowski
Affiliations:
ETH Zürich;Albert-Ludwigs-Universität Freiburg;Universität Kaiserslautern
Venue:
Journal of Automated Reasoning
Year:
2003

Citing 15
Cited 2

Symbolic model checking: an approach to the state explosion problem

Symbolic model checking: an approach to the state explosion problem
An analysis of ML typability

Journal of the ACM (JACM)
The Model Checker SPIN

IEEE Transactions on Software Engineering - Special issue on formal methods in software practice
Data flow analysis is model checking of abstract interpretations

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for Java bytecode subroutines

ACM Transactions on Programming Languages and Systems (TOPLAS)
A formal framework for the Java bytecode language and verifier

Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A type system for object initialization in the Java bytecode language

ACM Transactions on Programming Languages and Systems (TOPLAS)
Standard fixpoint iteration for Java bytecode verification

ACM Transactions on Programming Languages and Systems (TOPLAS)
Java Virtual Machine Specification

Java Virtual Machine Specification
Bytecode Model Checking: An Experimental Analysis

Proceedings of the 9th International SPIN Workshop on Model Checking of Software
Verified Bytecode Model Checkers

TPHOLs '02 Proceedings of the 15th International Conference on Theorem Proving in Higher Order Logics
Byte Code Verification for Java Smart Card Based on Model Checking

ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Verified bytecode verifiers

Theoretical Computer Science - Foundations of software science and computation structures
Verified Bytecode Subroutines

Journal of Automated Reasoning
Isabelle/HOL: a proof assistant for higher-order logic

Isabelle/HOL: a proof assistant for higher-order logic

Java Bytecode Verification: Algorithms and Formalizations

Journal of Automated Reasoning
Formal methods for smartcard security

Foundations of Security Analysis and Design III

Quantified Score

Hi-index	0.00

Visualization

Abstract

Java bytecode verification is traditionally performed by using dataflow analysis. We investigate an alternative based on reducing bytecode verification to model checking. First, we analyze the complexity and scalability of this approach. We show experimentally that, despite an exponential worst-case time complexity, model checking type-correct bytecode using an explicit-state on-the-fly model checker is feasible in practice, and we give a theoretical account why this is the case. Second, we formalize our approach using Isabelle/HOL and prove its correctness. In doing so we build on the formalization of the Java Virtual Machine and dataflow analysis framework of Pusch and Nipkow and extend it to a more general framework for reasoning about model-checking-based analysis. Overall, our work constitutes the first comprehensive investigation of the theory and practice of bytecode verification by model checking.