Importing and executing untrusted foreign code has become an everyday occurrence: Web servers download plug-ins and applets; databases load type-specific extensions; and operating systems load customized policies and performance measurement code. Certification of the safety of the untrusted code is crucial in these domains. I have developed new methods to determine statically whether it is safe for untrusted machine code to be loaded into a trusted host system. My safety-checking technique operates directly on the untrusted machine-code program, requiring only that the initial inputs to the untrusted program be annotated with typestate information and linear constraints. This approach opens up the possibility of being able to certify code p...
Foundational certified code systems seek to prove untrusted programs to be safe relative to safety p...
Abstract. Program certification techniques formally show that programs satisfy certain safety policie...
Language: English Existing skills or strong desire to learn: • formal verification in the Coq proof ...
We check statically whether it is safe for untrusted foreign machine code to be loaded into a truste...
Proof-carrying code is a technique that can be used to execute untrusted code safely. A code consum...
Many computing systems today are written in weakly typed languages such as C and C++. These language...
Abstract. Proof-carrying code (PCC) allows a code producer to associate to a program a machine-chec...
An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential...
The traditional system safety paradigm of isolating safety-critical functionality is no longer tenab...
This paper describes a mechanism by which an operating-system kernel can determine with certainty t...
Growing software quality requirements have raised the stakes on software safety and security. Buildi...
Abstract. Verification of machine-code programs using program logic has focused on functional correc...
Foundational certified code systems seek to prove untrusted programs to be safe relative to safety p...
ii Protecting running applications is a hard problem. Many applications are written in a low-level l...
Embedded software today is pervasive: it can be found everywhere, from coffee makers and medica...