Compositional Verifiers for Mobile Code Safety. Bor-Yuh Evan Chang, Adam Chlipala, George C. Necula. May 12, 2005, OSQ Retreat, Santa Cruz, California.

Slide 1: Compositional Verifiers for Mobile Code Safety. Bor-Yuh Evan Chang, Adam Chlipala, George C. Necula. May 12, 2005, OSQ Retreat, Santa Cruz, California.

Slide 2: Type Safety as an Assurance Mechanism
Type checking is a well-accepted safety assurance mechanism.
[Diagram: code fed to a type checker]
Most checkers today:
– source-level (e.g. ML, C#, Java)
– bytecode-level (e.g. CLI, JVML)
– not assembly-level
Assembly-level code shown on the slide (x86, AT&T syntax):
    …
    pushl %ebp
    movl %esp, %ebp
    subl $8, %esp
    movl 12(%ebp), %eax
    subl $8, %esp
    movl (%eax), %edx
    addl $28, %edx
    pushl $3
    pushl %eax
    movl (%edx), %eax
    call *%eax
    …
Want: a straightforward extension to assembly-level checking.

Slide 3: Problem
Verifiers for lower-level code are more difficult and tedious to build.
Observation 1: Many verification tasks are common to large classes of verifiers
– stack overflow checks, adherence to the calling convention (almost all)
– dynamic dispatch (object-oriented languages)
Observation 2: Various intermediate-level languages abstract various details

Slide 4: Basic Idea
[Diagram: one call, as seen by three layered verifiers]
Type verifier:   call func(6)
Call verifier:   push 6
                 jump func
Stack verifier:  mem[sp] := 6
                 sp := sp – 4
                 jump func

Slide 5: Verifier Construction
Verifiers are typically phrased as abstract interpreters or data-flow analyses.
[Diagram: the call verifier as a flow function, taking a state across `jump func` to a new state]

Slide 6: Verifier Construction
[Diagram: the type verifier as a flow function, taking a state across `call func(6)` to a new state, shown beside the call verifier]

Slide 7: Composing Flow Functions
[Diagram: the call verifier's flow function on `jump func` is split into two phases: Decompile, which turns the state and `jump func` into `call func(6)`, followed by Step, the type verifier's transition on `call func(6)`, which produces the new state]
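The layered design of slide 4 and the Decompile/Step split of slide 7, worked through as an added example; this is not code from the slides or from the Open Verifier project. Three tiny abstract interpreters are stacked: a stack verifier that checks stack bounds and recognises the push idiom, a call verifier that checks the calling convention and recovers `call func(6)`, and a type verifier that checks argument types. Each layer is a flow function `(state, instr) -> (state', decompiled_instr | None)`; the instruction encodings, the 8-word stack region, the function table and the sample programs are all constructed for this example.

```python
STACK_WORDS = 8                       # constructed: 8-word (32-byte) stack region
FUNCTIONS = {                         # constructed: label -> parameter types
    "func": ["int"],
    "concat": ["str", "str"],
}
TYPE_NAMES = {int: "int", str: "str"}


class VerificationError(Exception):
    pass


# Layer 1: stack verifier.  Input: store_sp v | dec_sp | jump L
# (i.e. mem[sp] := v ; sp := sp - 4 ; jump L).  Output: push v | jump L.
# Its property: every store lands inside the stack region (overflow check).
def stack_step(st, instr):
    op = instr[0]
    if op == "store_sp":              # mem[sp] := v
        if not 0 <= st["sp"] < STACK_WORDS * 4:
            raise VerificationError("stack overflow: sp=%d" % st["sp"])
        if st["staged"] is not None:
            raise VerificationError("store at sp before the previous push completed")
        return {**st, "staged": instr[1]}, None      # wait for sp := sp - 4
    if op == "dec_sp":                # sp := sp - 4 completes the push idiom
        if st["staged"] is None:
            raise VerificationError("sp decremented without a preceding store")
        return {"sp": st["sp"] - 4, "staged": None}, ("push", st["staged"])
    if op == "jump":
        if st["staged"] is not None:
            raise VerificationError("jump in the middle of a push")
        return st, ("jump", instr[1])
    raise VerificationError("unknown stack-level instruction %r" % (op,))


# Layer 2: call verifier.  Input: push v | jump L.  Output: call L(args).
# Its property is the calling convention: a jump to a function label must be
# preceded by exactly as many pushes as the callee has parameters.
def call_step(st, instr):
    if instr[0] == "push":
        return {"args": st["args"] + [instr[1]]}, None
    label = instr[1]
    if label not in FUNCTIONS:
        raise VerificationError("jump to unknown label %s" % label)
    arity = len(FUNCTIONS[label])
    if len(st["args"]) != arity:
        raise VerificationError("%s expects %d argument(s), %d pushed"
                                % (label, arity, len(st["args"])))
    return {"args": []}, ("call", label, st["args"])


# Layer 3: type verifier.  Input: call L(args).  Checks each argument against
# the callee's signature and records the accepted call.
def type_step(st, instr):
    _, label, args = instr
    for i, (arg, expected) in enumerate(zip(args, FUNCTIONS[label])):
        actual = TYPE_NAMES.get(type(arg), "unknown")
        if actual != expected:
            raise VerificationError("%s: argument %d has type %s, expected %s"
                                    % (label, i, actual, expected))
    return {"calls": st["calls"] + [(label, args)]}, None


LAYERS = (stack_step, call_step, type_step)


def verify(program):
    """Run the composed verifier over a stack-level program.

    Every instruction enters at the bottom layer; whenever a layer finishes
    decompiling a higher-level instruction, that instruction is stepped
    through the next layer (Decompile, then Step).  Returns the checked calls."""
    states = [{"sp": STACK_WORDS * 4 - 4, "staged": None},   # stack verifier
              {"args": []},                                  # call verifier
              {"calls": []}]                                 # type verifier
    for instr in program:
        current = instr
        for i, step in enumerate(LAYERS):
            states[i], current = step(states[i], current)
            if current is None:          # this layer is still accumulating
                break
    if states[0]["staged"] is not None or states[1]["args"]:
        raise VerificationError("program ends with an incomplete call sequence")
    return states[2]["calls"]


def verify_report(program):
    """Convenience wrapper: ('ok', calls) or ('error', message)."""
    try:
        return "ok", verify(program)
    except VerificationError as e:
        return "error", str(e)


# Constructed sample programs at the stack level.
GOOD = [("store_sp", 6), ("dec_sp",), ("jump", "func")]          # call func(6)
BAD_TYPE = [("store_sp", "six"), ("dec_sp",), ("jump", "func")]  # func("six")
BAD_ARITY = [("store_sp", 6), ("dec_sp",), ("store_sp", 7), ("dec_sp",),
             ("jump", "func")]                                   # two args for func
OVERFLOW = [("store_sp", 1), ("dec_sp",)] * (STACK_WORDS + 1)    # one push too many

if __name__ == "__main__":
    for name, prog in [("good", GOOD), ("bad_type", BAD_TYPE),
                       ("bad_arity", BAD_ARITY), ("overflow", OVERFLOW)]:
        print(name, verify_report(prog))
```

Each layer keeps a private state and checks exactly one property, and a rejected program is reported by the layer whose property it violates; that locality is what the summary slide hopes will make the soundness proof of the composed verifier compositional. Note that the stack verifier is deliberately strict: an unusual instruction order (a `dec_sp` with nothing staged) is rejected rather than decompiled, which is the conservative choice a verifier must make when it cannot recognise an idiom.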

Slide 8: Summary
Intermediate languages seem useful for interfacing between abstract interpreters
– re-use of existing higher-level verifiers (e.g. JBV)
Decomposed abstract transition into
– a decompilation phase
– a transition phase, to expose the abstraction to higher-level verifiers
Local decomposition of abstract transition hopefully makes soundness proofs of a composed verifier compositional.