NSF CCR 0524545 Modular Development Of Certified Concurrent Code - PowerPoint PPT Presentation

1 / 1
About This Presentation
Title:

NSF CCR 0524545 Modular Development Of Certified Concurrent Code

Description:

How to make proof-carrying code and certifying compilation work on low-level ... the Coq proof assistant and certifying compiler to make proof development easier. ... – PowerPoint PPT presentation

Number of Views:66
Avg rating:3.0/5.0

less

Transcript and Presenter's Notes

Title: NSF CCR 0524545 Modular Development Of Certified Concurrent Code


1
NSF CCR 0524545 Modular Development Of Certified
Concurrent Code
Zhong Shao, Yale University
http//flint.cs.yale.edu
  • How to make proof-carrying code and certifying
    compilation work on low-level concurrent
    software?
  • The FLINT group at Yale is developing new
    verification technologies that push the
    state-of-the-art in building reliable and secure
    concurrent low-level software with formal
    guarantees.

A typical low-level software system consists of a
thread library implementation, a runtime system,
and the application programs. We develop and
apply different reasoning techniques in an open
framework and link all certified components into
a single system.
Real-world Applications our technologies can be
used to build fully certified critical low-level
components (such as OS kernels, systems
libraries, device drivers, and firmware) with
machine-checkable formal sepecifications and
proofs
Approach and Impact
  • Research Impact
  • Ability to certify various safety properties on
    concurrent low-level code w. dynamic thread
    creation and termination.
  • Thread implementation, context switches, and
    synchronization primitives can be certified and
    moved outside the TCB
  • Applying the Coq proof assistant and certifying
    compiler to make proof development easier.
  • New Approaches
  • SAGL ESOP07 combines concurrent separation
    logic with assume-guarantee reasoning to support
    thread modularity, procedure modularity, and
    local reasoning.
  • XCAP POPL06 provides the first modular
    Hoare-style framework that supports general
    first-class code pointers
  • SCAP PLDI06 provides the first modular
    framework for certifying low-level stack-based
    control abstractions

Hoare style program verification and type systems
are two of the mostly commonly used methods for
formal reasoning. Hoare logic can be combined
with the assume-guarantee paradigm to reason
about high-level concurrent programs but it does
support low-level features such as first-class
code pointers and non-atomic machine-level
primitives. Typed assembly languages provides a
more modular and scalable framework but certifies
simply type safety only. We combine the
strengths of the two to build a powerful new
framework for specifying, composing, and
verifying advanced properties on low-level
concurrent
  • Non-preemptive thread model
  • Thread code C1,,Cn
  • Certified following CCAP YuShao, ICFP04
  • Assume-Guarantee reasoning
  • Thread modularity
  • Do not know about thread queue
  • Scheduler CS
  • Certified in SCAP as sequential code
  • Manages thread queue TQ
  • Do not touch H

Certified mini-thread library using Coq and
XCAP (written in 400-lines x86 assembly modeled
after GNU Pth non-preemptive user-level threads.
40K lines of Coq tactics and proofs
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "NSF CCR 0524545 Modular Development Of Certified Concurrent Code" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!