Content-Based Program Assurance - PowerPoint PPT Presentation
Transcript and Presenter's Notes
1
Content-Based Program Assurance
  • Iliano Cervesato, Stephen Freund
  • John Mitchell
  • Amit Patel, Insik Shin
  • Stanford
  • Part in collaboration with Martin Abadi, Raymie Stata (DEC)

2
Source analysis and annotation
  • Analyze program and annotate
  • Prove properties of program by type analysis
  • Transmit across network
  • Check annotated code
  • Confirm safety properties
  • Generate run-time tests

3
Java-based experimental framework
  • Prover
    • Analyze source code
    • Annotate byte code
  • Verifier
    • Remove annotations
    • Confirm safety policy
    • Interact with user
[Figure: pipeline diagram with Java Source, Compiler, Prover, Network, Verifier, Browser]
Current status: simple proxy and UI; analysis of Java byte code verifier
4
Sample Safety Properties
  • Traditional high-level language properties
    • Type-correctness
    • Maintain abstract types
    • Do not access data declared private
    • Initialize objects before use
  • Resource use
    • Files, window size, network connections, ...

5
Project Breakdown
  • Program analysis
    • Cervesato: LLF framework
    • LMMS: type system for complexity
  • Proxy server and source modification
    • Patel, Shin: proxy, user interface, safe library
  • Study of Java verifier
    • Freund, Mitchell: type-based analysis of verifier

6
Program Analysis Framework
7
Proxy Capabilities
  • Prevent unintentional web communication
    • Notify user of download
    • Block specified sites
  • Modify delivered code
    • Use safe library
    • Check window size before creation
    • Limit number of active threads
    • Preprocess Java for custom verifier

8
[Figure: compile source code: A.java, Java Compiler, A.class; Network; B.class; Java Virtual Machine: Loader, Verifier, Linker, Bytecode Interpreter]
9
Study Java Verifier
  • Developing specification of Java verifier
    • Errors identified: initialization and jsr
  • Verification conditions form a type system
  • Low-level machine code poses new problems
    • Type of register or stack cell may change
    • FIFO property of function calls not guaranteed
  • Extensible Java verifier
    • Verify annotations inserted by custom analysis

10
Formal Framework
  • Select subset of byte codes
    • Local subroutine call and return (Stata, Abadi)
    • Object allocation, initialization, use (Freund, Mitchell)
  • Define operational semantics
  • Formal type system
  • Prove soundness

11
Results To Date
  • Abadi, Stata: local subroutine (jsr)
    • Specification and correctness proof
  • Freund, Mitchell: object initialization
    • Specification and correctness proof
  • Combination
    • Found bug in JavaSoft verifier
    • Repair rules, correctness proof
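As an added example (not code from the presentation or from the project it describes), the following toy verifier illustrates the approach outlined in the Formal Framework and Results To Date slides: a small subset of bytecodes with an abstract operational semantics, a type for uninitialized objects tagged by the address of the `new` that created them, and a dataflow fixpoint that accepts or rejects a method. The opcode set, the rules (use before `<init>`, a second `<init>` on an already-initialized value, and a backward-branch restriction on live uninitialized objects modelled on the one in the JVM specification) and the sample programs are this example's own simplifications and constructed inputs; they are not the presenters' rules and make no claim about the specific bug they found.

```python
"""Constructed example: a tiny dataflow verifier for object initialization over
a toy subset of JVM-style bytecodes.  Not the project's own code; the opcode
set and the exact rules are this example's simplifications."""
from collections import deque

TOP = "top"  # unusable / unknown value (assumed lattice top)


class VerifyError(Exception):
    pass


def uninit(pc):
    # Uninitialized objects are typed by the address of the `new` that made them
    return f"uninit@{pc}"


def is_uninit(t):
    return t.startswith("uninit@")


def join(a, b):
    # Join for one stack cell or local: equal types survive, anything else is TOP
    return a if a == b else TOP


def merge(old, new):
    """Merge an incoming state into the state recorded for a pc; returns (state, changed)."""
    if old is None:
        return new, True
    (s1, l1), (s2, l2) = old, new
    if len(s1) != len(s2):
        raise VerifyError("stack height differs at merge point")
    merged = (tuple(map(join, s1, s2)), tuple(map(join, l1, l2)))
    return merged, merged != old


def step(pc, instr, state):
    """Abstractly execute one instruction; return [(next_pc, next_state), ...]."""
    stack, locals_ = list(state[0]), list(state[1])
    op = instr[0]

    def pop():
        if not stack:
            raise VerifyError(f"pc {pc}: stack underflow")
        return stack.pop()

    if op == "new":
        stack.append(uninit(pc))
    elif op == "dup":
        t = pop()
        stack += [t, t]
    elif op == "init":  # invokespecial <init> on the class named in instr[1]
        recv = pop()
        if not is_uninit(recv):
            raise VerifyError(f"pc {pc}: <init> called on {recv}")
        # Every alias of this uninitialized object becomes initialized at once
        stack = [instr[1] if t == recv else t for t in stack]
        locals_ = [instr[1] if t == recv else t for t in locals_]
    elif op == "astore":
        locals_[instr[1]] = pop()
    elif op == "aload":
        if locals_[instr[1]] == TOP:
            raise VerifyError(f"pc {pc}: local {instr[1]} unusable")
        stack.append(locals_[instr[1]])
    elif op == "use":  # invokevirtual / field access on the top of stack
        t = pop()
        if t == TOP or is_uninit(t):
            raise VerifyError(f"pc {pc}: use of {t} before initialization")
    elif op in ("goto", "branch"):  # "branch" is a nondeterministic conditional
        target = instr[1]
        # Backward-branch rule (modelled on the JVM spec's restriction): no
        # uninitialized object may be live when control goes backwards
        if target <= pc and any(is_uninit(t) for t in stack + locals_):
            raise VerifyError(f"pc {pc}: uninitialized object live across backward branch")
        out = (tuple(stack), tuple(locals_))
        return [(target, out)] if op == "goto" else [(target, out), (pc + 1, out)]
    elif op == "return":
        return []
    else:
        raise VerifyError(f"pc {pc}: unknown opcode {op}")
    return [(pc + 1, (tuple(stack), tuple(locals_)))]


def verify(code, nlocals=2):
    """Run the dataflow analysis to a fixpoint; True if accepted, else VerifyError."""
    states = [None] * len(code)
    states[0] = ((), (TOP,) * nlocals)
    work = deque([0])
    while work:
        pc = work.popleft()
        for npc, nstate in step(pc, code[pc], states[pc]):
            if npc >= len(code):
                raise VerifyError(f"pc {pc}: jump past end of code")
            states[npc], changed = merge(states[npc], nstate)
            if changed:
                work.append(npc)
    return True


def check(code):
    """Convenience wrapper returning 'ok' or 'rejected: <reason>'."""
    try:
        verify(code)
        return "ok"
    except VerifyError as e:
        return f"rejected: {e}"


# Constructed sample programs (instruction tuples; pc is the list index)
GOOD = [("new", "Point"), ("dup",), ("init", "Point"), ("astore", 0),
        ("aload", 0), ("use",), ("return",)]
ALIAS_OK = [("new", "Point"), ("dup",), ("astore", 0), ("init", "Point"),
            ("aload", 0), ("use",), ("return",)]
USE_BEFORE_INIT = [("new", "Point"), ("use",), ("return",)]
DOUBLE_INIT = [("new", "Point"), ("dup",), ("init", "Point"), ("init", "Point"), ("return",)]
LOOP_UNINIT = [("new", "Point"), ("astore", 0), ("branch", 0), ("return",)]

if __name__ == "__main__":
    for name, prog in [("GOOD", GOOD), ("ALIAS_OK", ALIAS_OK),
                       ("USE_BEFORE_INIT", USE_BEFORE_INIT),
                       ("DOUBLE_INIT", DOUBLE_INIT), ("LOOP_UNINIT", LOOP_UNINIT)]:
        print(f"{name}: {check(prog)}")
```

The `ALIAS_OK` program is the interesting accepted case: the `dup` leaves two copies of the same `uninit@0` value, one on the stack and one in local 0, and a single `<init>` call initializes both, which is exactly what the address-tagged type makes sound. The `LOOP_UNINIT` program shows why a backward-branch rule matters: without it, a second execution of the same `new` would produce another value of type `uninit@0`, and one `<init>` would then appear to initialize both the new object and the stale one still held in local 0.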