Performance-critical software is almost always developed in C, because programmers do not trust high-level languages to deliver the same reliable performance. This is bad because low-level code in unsafe languages attracts security vulnerabilities, and because development is far less productive, with PL advances mostly lost on programmers operating under tight performance constraints. High-level languages provide memory safety out of the box, but they are deemed too slow and unpredictable for serious system software. Recent years have seen a surge in staging and generative programming: the key idea is to use high-level languages and their abstraction power as glorified macro systems to compose code fragments in first-order, potentially domain-spe...
Proof-Carrying Code (PCC) is a general approach to mobile code safety in which programs are augmente...
We present a methodology and tool for verifying and certifying systems code. The verification is bas...
Good programming languages provide helpful abstractions for writing secure code, but the security p...
Most current approaches to software verification are one-sided -- a safety prover will try to prove ...
Growing software quality requirements have raised the stakes on software safety and security. Buildi...
Writing code is hard; proving it correct is even harder. As the scale of verified software projects ...
Large systems in modern development consist of many concurrent processes. To prove safety properties...
Before software can be formally reasoned about, it must first be represented in some form of logic. ...
We present an approach for automatically generating provably correct abstractions from C source code...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
For all the successes in verifying low-level, efficient, security-critical cod...
Because every aspect of our lives is now inexorably dependent on software, it is crucial that the so...
Severe low-level vulnerabilities abound in today's computer systems, allowing cyber-attackers to remo...
Unlike testing, formal verification can not only prove the presence of errors, but their absence as ...