We present the algorithms used in McVeto (Machine-Code VErification TOol), a tool to check whether a stripped machine-code program satisfies a safety property. The verification problem that McVeto addresses is challenging because it cannot assume that it has access to (i) certain structures commonly relied on by source-code verification tools, such as control-flow graphs and call-graphs, and (ii) meta-data, such as information about variables, types, and aliasing. It cannot even rely on out-of-scope local variables and return addresses being protected from the program's actions. What distinguishes McVeto from other work on software model checking is that it shows how verification of machine-code can be performed, while avoidin...
In the long run, programs should be written from the start with verification in mind. Programs writt...
AbstractWe present lessons learned from using mechanical theorem proving for proof support in softwa...
Abstract: Proof-carrying code approaches aim at the safe execution of untrusted code by having the c...
This paper presents MCDASH, a refinement-based model checker for machine code. While model checkers...
We check statically whether it is safe for untrusted foreign machine code to be loaded into a truste...
We present a transformational approach to program verification and software model checking that uses...
An approach enabling end-users to verify that a downloaded untrusted code will not leak confidential...
We have formally specified a substantial subset of the MC68020, a widely used microprocessor built...
A central issue in program verification is the generation of verification conditions (VCs): proof ob...
We present a transformational approach to program verification and software model checking that us...
Software model checking is the algorithmic analysis of programs to prove properties of their execut...
Large systems in modern development consist of many concurrent processes. To prove safety properties...
We devise a mechanism to verify the safety of machine codes. We design a stack based machine etySECK...
Security-critical applications at the highest Evaluation Assurance Levels (EAL) require formal proof...
Abstract. This paper discusses the obstacles that stand in the way of doing a good job of machine-co...