
Page 1: Certificate Translation for Specification Preserving Advices

Gilles Barthe and César Kunz
INRIA Sophia Antipolis - Méditerranée

FOAL 2008

César Kunz (with Gilles Barthe)

Page 2: Outline

MOTIVATION
SPECIFICATION PRESERVING ADVICES
PROVING SPECIFICATION PRESERVING ADVICES
REDUCING PROOF OBLIGATIONS
IMPROVING THE VERIFICATION POWER
CERTIFICATE TRANSLATION

Pages 3-5: Motivation

Local reasoning on:
- Baseline Code (to understand main functionality)
- Advice Code (to understand the implemented aspect)

Global analysis of pointcuts to understand interaction of aspects

Incremental concerns:
- Contract enforcement
- Logging / Profiling
- Evolving Security Requirements

Page 6: Motivation

Dantas & Walker [POPL06]:
- characterize Harmless Advices that allow local reasoning
- information flow analysis to check advice non-interference

Producer vs Consumer Perspective

Obliviousness -> Local Reasoning?

Syntactic Obliviousness vs. Semantic Obliviousness

Syntactic Obliviousness is not enough

[Figure: baseline code satisfies contract P; baseline code woven with advice code still satisfies contract P]

Contract P:
- functional properties (logic formulae)
- absence of null pointer access
- type safety, etc.

PCC setting: contract enforcement

Contract preservation vs. semantic preservation (the weaker requirement)

Page 7: Outline (next section: Specification Preserving Advices)

Pages 8-11: Specification Preserving Advices

[Figure: example advices, one per slide, classified in two columns: Harmless? / Spec. preserving?]

Page 8:  Harmless: NO   Spec. preserving: NO
Page 9:  Harmless: NO   Spec. preserving: YES
Page 10: Harmless: YES  Spec. preserving: NO
Page 11: Harmless: NO   Spec. preserving: YES

A specification preserving advice may modify variables in the specification.
- Output value may differ
- […] is not invalidated.
- […] is ensured.

Page 12: Outline (next section: Proving Specification Preserving Advices)

Pages 13-14: Proving spec-preservation

[Figure: baseline procedure f and the advised procedure f]

Baseline Code Verification: wp-based Vcgen

Verification of spec. preservation: wp-based Vcgen over modified advice code.
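The Harmless / Spec. preserving table of slides 8-11 and the wp-based Vcgen of slides 13-14, as an added worked example that is not part of the original slides or of the authors' tools: a toy loop-free language with assignments and `proceed`, weaving that inlines the advised body at `proceed`, a substitution-based wp calculus, and a bounded validity check (every free variable ranges over a small integer interval) standing in for the prover a real PCC setting would use. The baseline procedure, its contract, the four advices and the toy definition of harmlessness (the advice writes no variable the baseline reads or writes) are all constructed here and are assumptions of this example, not definitions from the paper.

```python
# Requires Python 3.9+ (ast.unparse).
import ast
import itertools
from dataclasses import dataclass
from typing import List, Set, Union


# Toy loop-free imperative language: assignments, sequencing (a list) and
# `proceed`, the around-advice placeholder for the advised procedure body.
@dataclass
class Assign:
    var: str
    expr: str  # integer expression in Python syntax, e.g. "x + 1"


@dataclass
class Proceed:
    pass


Stmt = Union[Assign, Proceed]
Prog = List[Stmt]


def names_in(formula: str) -> Set[str]:
    """Free variables of an expression or assertion (the language has no binders)."""
    tree = ast.parse(formula, mode="eval")
    return {n.id for n in ast.walk(tree) if isinstance(n, ast.Name)}


def subst(formula: str, var: str, expr: str) -> str:
    """formula[expr/var]: the substitution step of wp for an assignment."""
    repl = ast.parse(expr, mode="eval").body

    class Sub(ast.NodeTransformer):
        def visit_Name(self, node: ast.Name) -> ast.AST:
            return repl if node.id == var else node

    return ast.unparse(Sub().visit(ast.parse(formula, mode="eval")))


def weave(advice: Prog, body: Prog) -> Prog:
    """Inline the advised body at every `proceed` (what the weaver does)."""
    woven: Prog = []
    for s in advice:
        woven.extend(body if isinstance(s, Proceed) else [s])
    return woven


def wp(prog: Prog, post: str) -> str:
    """Weakest precondition of a woven (proceed-free) program w.r.t. post."""
    for s in reversed(prog):
        assert isinstance(s, Assign), "call weave() first: proceed has no wp here"
        post = subst(post, s.var, s.expr)
    return post


def variables(prog: Prog) -> Set[str]:
    """Variables read or written by the assignments of a program."""
    vs: Set[str] = set()
    for s in prog:
        if isinstance(s, Assign):
            vs |= {s.var} | names_in(s.expr)
    return vs


BOUND = 3  # bounded validity: every variable ranges over -BOUND..BOUND


def valid(formula: str) -> bool:
    """True if formula holds for every assignment in the bounded domain."""
    names = sorted(names_in(formula))
    for vals in itertools.product(range(-BOUND, BOUND + 1), repeat=len(names)):
        if not eval(formula, {"__builtins__": {}}, dict(zip(names, vals))):
            return False
    return True


def spec_preserving(advice: Prog, body: Prog, pre: str, post: str) -> bool:
    """wp-based VC for the woven procedure: pre -> wp(weave(advice, body), post)."""
    vc = f"not ({pre}) or ({wp(weave(advice, body), post)})"
    return valid(vc)


def harmless(advice: Prog, body: Prog) -> bool:
    """Toy harmlessness (an assumption of this example, not the paper's definition):
    the advice writes no variable that the baseline body reads or writes."""
    return not ({s.var for s in advice if isinstance(s, Assign)} & variables(body))


# Constructed baseline procedure and contract: res := x + 1 must return a value
# larger than x and must leave the advice-owned counter `log` non-negative.
BASELINE: Prog = [Assign("res", "x + 1")]
PRE = "x >= 0 and log >= 0"
POST = "res > x and log >= 0"

# Four constructed advices, one per cell of the Harmless / Spec. preserving table.
ADVICES = {
    "count calls":       [Assign("log", "log + 1"), Proceed()],  # harmless, preserving
    "decrement counter": [Assign("log", "log - 1"), Proceed()],  # harmless, NOT preserving
    "bump result":       [Proceed(), Assign("res", "res + 1")],  # NOT harmless, preserving
    "clobber result":    [Proceed(), Assign("res", "x")],        # NOT harmless, NOT preserving
}


def classify(name: str):
    """(harmless?, spec-preserving?) for one of the constructed advices."""
    adv = ADVICES[name]
    return harmless(adv, BASELINE), spec_preserving(adv, BASELINE, PRE, POST)


if __name__ == "__main__":
    # Baseline verification first: the identity advice [proceed] must pass.
    assert spec_preserving([Proceed()], BASELINE, PRE, POST)
    for name in ADVICES:
        h, p = classify(name)
        print(f"{name:18} harmless={'YES' if h else 'NO':<4} spec-preserving={'YES' if p else 'NO'}")
```

The "bump result" advice is the case slide 11 describes: it rewrites `res`, a variable of the specification, so the output value differs and the advice is not harmless, yet the postcondition `res > x` is still ensured. Bounded enumeration is sound only for the values it tries; a real Vcgen hands the VC to a prover or ships it with a certificate, which is the point of the PCC setting.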

Page 15: Outline (next section: Reducing Proof Obligations)

Pages 16-22: Specification Harmless Advices

[Figure, built up over the slides: an advice wrapped around a procedure call, with the annotations "Does not modify V and res = x" on the advice and "Does not modify V" on the proceed call]

Page 23: Outline (next section: Improving the Verification Power)

Pages 24-27: Improving the Verification Power

[Figure: procedures f and g advised by the same advice]

Drawback: multiple advised procedures = multiple verification invariants.

Or you want to verify the advice locally without considering for the moment in which contexts it will be executed!

(specification of proceed improves modularity)

Page 28: Improving the Verification Power

Some advices are spec-preserving when combined but not when analyzed in isolation.

Interference is not always a bad thing.

Pages 29-35: Improving the Verification Power

[Figure, built up over the slides: baseline procedures with a sequence of advices applied to them]

Specification Refinement instead of Specification Preservation

Page 36: Outline (next section: Certificate Translation)

Pages 37-39: Certificate Translation

Consider the situation:
- Client verification and execution environment not AOP-oriented
- Code generated by multiple producers is weaved before execution

[Figure: Producer side: a Baseline Code Producer and several Advice Code Producers, each delivering Code + Certificate. Consumer side: Code Weaving yields the Weaved Code; Certificate Translation yields a Certificate for the weaved code; Proof Checker -> OK -> Execution]

Pages 40-43: Certificate Translation

High level/structured -> Low level/stack based

[Figure, built up over the slides:
- Baseline Source Code --Compiler--> Low level Code
- Certificate (source level) --Certificate Translation--> Certificate (low level)
- Baseline Source Code + Advice Source Code --Compiler + Weaving--> Final Weaved Code
- Certificate (baseline) + Certificate (…-preserv.) --Cert. Trans. for adv. weaving--> Certificate (final weaved code)]

Page 44: Conclusions

- A more flexible notion of non-interfering advices
- Stronger non-interference analyses reduce proof obligations
- Certificate translation targeting a typical backend