SAT-Based Software Certification

Chaki, Sagar

doi:10.1007/11691372_10

Cited by 3 publications

(7 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…AIR is also adoptable for the purpose of using certifying model checking [23] for proof carrying code (PCC) [25]. Certifying model checking in combination with abstraction has been used [24,8] to construct invariants and ranking functions for the purpose of certifying source code. By generating source code from binaries, AIR enables us to leverage the above technology for the PCC-style certification of binaries.…”

Section: Discussionmentioning

confidence: 99%

Software model checking without source code

Chaki

Ivers

2010

Innovations Syst Softw Eng

Self Cite

View full text Add to dashboard Cite

We present a framework, called AIR, for verifying safety properties of assembly language programs via software model checking. AIR extends the applicability of predicate abstraction and counterexample guided abstraction refinement to the automated verification of low-level software. By working at the assembly level, AIR allows verification of programs for which source code is unavailable-such as legacy and COTS software-and programs that use features-such as pointers, structures, and object-orientation-that are problematic for source-level software verification tools. In addition, AIR makes no assumptions about the underlying compiler technology. We have implemented a prototype of AIR and present encouraging results on several non-trivial examples.

show abstract

Section: Discussionmentioning

confidence: 99%

Software model checking without source code

Chaki

Ivers

2010

Innovations Syst Softw Eng

Self Cite

View full text Add to dashboard Cite

show abstract

“…We will not go into a detailed proof of Fact 1, since it requires careful formalization of the semantics of C and ϕ. In addition, proofs of theorems that capture the same idea are presented elsewhere [Necula 1996, Chaki 2006. Indeed, if such a certificate (RF , Π) exists, by the soundness of the proof system used to construct Π, we know that VC (RF ) is valid, and hence, by Fact 1, C |= ϕ.…”

Section: Basic Conceptsmentioning

confidence: 99%

“…If VC (RF3 ) is valid, the resolution proof produced by ZChaff serves as Π. The use of SAT enables us to obtain extremely compact proofs in practice [Chaki 2006]. Finally, the certificate (RF , Π) along with the binary is produced as the end result-the certified binary for Spec.…”

Section: The Proceduresmentioning

confidence: 99%

“…Copper emits the ranking function as a set of triples of the form ((l, I), s, r) where: (1) I is an invariant (i.e., the concretization of a predicate valuation V such that (l, V ) is a reachable state of M ), 6 (2) s is a state of the Büchi automaton corresponding to the policy, and (3) r is a rank. The procedure for constructing an appropriate ranking function has been presented elsewhere, so we do not describe it further here [Chaki 2006]. …”

Section: Ranking Functions Generated By Coppermentioning

confidence: 99%

“…In recent years, CMC has been augmented with iterative abstraction-refinement to enable the certification of C source code [Henzinger 2002a, Chaki 2006]. …”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Certified Binaries for Software Components

Chaki¹,

Ivers²,

Lee³

et al. 2007

Self Cite

View full text Add to dashboard Cite

Results of SEI Independent Research and Development Projects

Bass¹,

Niz

Hansson

et al. 2008

View full text Add to dashboard Cite

The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing date sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of Information, including suggestions for reducing this burden, to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704-0188), 1215 Jefferson Davis Highway, Suits 1204, Arlington, VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OPM control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS.

show abstract

SAT-Based Software Certification

Cited by 3 publications

References 31 publications

Software model checking without source code

Software model checking without source code

Certified Binaries for Software Components

Results of SEI Independent Research and Development Projects

Contact Info

Product

Resources

About