Nicholas Moore, Bianca Curutan, Pooya Samizadeh. McMaster University, March 30, 2012.


 Introduction
 TAL and PCC
 TAL-0
 TAL-1
 Real World Application

 Typed Assembly Language (TAL) extends traditional untyped assembly languages with typing annotations, memory management primitives, and a sound set of typing rules
 These typing rules guarantee the memory safety, control-flow safety, and type safety of TAL programs

 Principle of Proof-Carrying Code (PCC): eliminate the need to trust code by requiring a formal, machine-checkable proof that the code has some desired properties
1. What properties should we require of the code?
2. How do code producers construct a formal proof that their code has the desired properties?

 Control-flow safety: ensure that a program jumps only to a well-defined subset of possible entry points
 A focus on control-flow safety allows us to develop a simple abstract machine and demonstrate the key ideas of adapting a type system to machine code
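As an added example in Python (not from the slides or the authors' Haskell project), a checker for the control-flow-safety discipline just described: every label carries a register-file type supplied by the code producer, and the host re-checks each block against those types instead of trusting the producer, which is the PCC principle from the previous slide in its simplest form. The instruction encoding (mov/add/bz/jmp tuples), the return register r31 and the sample program are this example's own assumptions, following the TAL-0 presentation in Pierce's book.

```python
INT = "int"   # TAL-0's only base type; a label has type ("code", gamma)

def operand_type(v, gamma, sigs):
    """Type of an int literal, a label under sigs, or a register under gamma."""
    if isinstance(v, int): return INT
    if v in sigs: return ("code", sigs[v])        # label: its declared precondition
    if v not in gamma:
        raise TypeError(f"{v}: unknown label or uninitialised register")
    return gamma[v]

def check_jump(v, gamma, sigs):
    """Control-flow safety: the target has code type and its precondition holds now."""
    t = operand_type(v, gamma, sigs)
    if t == INT:
        raise TypeError(f"jump to non-code operand {v}")
    for r, ty in t[1].items():
        if gamma.get(r) != ty:
            raise TypeError(f"jump to {v} needs {r} : {ty}")

def check_block(instrs, gamma, sigs):
    gamma = dict(gamma)                # start from the block's declared precondition
    for ins in instrs:
        if ins[0] == "mov":            # rd := v
            gamma[ins[1]] = operand_type(ins[2], gamma, sigs)
        elif ins[0] == "add":          # rd := rs + v, both operands int
            if any(operand_type(x, gamma, sigs) != INT for x in ins[2:]):
                raise TypeError("add needs int operands")
            gamma[ins[1]] = INT
        elif ins[0] == "bz":           # if r jump v, taken when r == 0
            if operand_type(ins[1], gamma, sigs) != INT:
                raise TypeError("branch condition must be int")
            check_jump(ins[2], gamma, sigs)
        else:                          # jmp v ends the block
            return check_jump(ins[1], gamma, sigs)
    raise TypeError("block must end with jmp")

def typecheck(prog, sigs):
    """sigs, the producer's per-label certificate, is re-checked by the host, never trusted."""
    try:
        for lbl, instrs in prog.items():
            check_block(instrs, sigs[lbl], sigs)
        return "ok"
    except (TypeError, KeyError) as e:
        return f"rejected: {e}"

# Constructed well-typed program: count r1 down to 0, then return through r31.
SIGS = {"init": {"r31": ("code", {"r1": INT})},
        "loop": {"r1": INT, "r31": ("code", {"r1": INT})}}
PROG = {"init": [("mov", "r1", 10), ("jmp", "loop")],
        "loop": [("bz", "r1", "r31"), ("add", "r1", "r1", -1), ("jmp", "loop")]}
```

A program that jumps through a register holding an int, or that reaches a label without the registers its type demands, is rejected before it runs.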

 Instructions and Operands

 Abstract Machine Syntax

 Syntax additions

 Limitations:
◦ Only supports simple tuple or record-like data structures
◦ Insufficient for compiling real-world high-level languages, which provide data abstraction mechanisms
◦ Can only allocate objects whose size is known at compile time

 Example extensions that make the type system more useful:
◦ Annotate primitive memory type components with flags to control whether that component supports read-only, write-only, or read-write access
◦ Add support for subtyping
◦ Consider a read-write component to be a subtype of a read-only or a write-only component

 Introduction
 Touchstone PCC Architecture
 Advantages Over Related Techniques
 Technical Difficulties to Overcome

 Proof-Carrying Code (PCC): a general framework that allows the host to verify properties of an agent via a formal proof that accompanies the executable code
 The host system can quickly verify the validity of the proof and compare its conclusions to its own security policy to determine whether the agent has certain safety properties

1. Operates at load time, before the agent code is installed in the host system
2. Trusted computing base is small
3. Can operate even on agents expressed in native-code form
4. General: all PCC has to do is verify safety explanations and match them with the code and the safety policy

 How to encode the formal proof?
 How to check the proof?
 How to relate the proof to the program?

 Introduction
 Recall TAL-0
 Example (Quotient)
 Description and Demo

 Task
◦ Build an interpreter for the TAL-0 abstract machine in Haskell (a functional programming language)
 Extra
◦ Literate programming using LaTeX

 Instructions and Operands
 Abstract Machine Syntax

# reduce register r1 to 0
init| r1 := 10; r2 := 11; => loop;
loop| ? r1 => done; r1 := r1 + -1; r1 := 8; => loop;
done|
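As an added example, not the authors' Haskell interpreter, a Python reader for the slide's concrete syntax together with an untyped interpreter for it. The grammar it assumes is spelled out in the comments, and the quotient program it runs is constructed here (the slide's own program only counts r1 down), with a fuel limit so that a runaway loop terminates with an error.

```python
import re
# Slide's concrete TAL-0 syntax as this example assumes it: blocks "label| i; i; ...;",
# "#" comments to end of line; instructions rd := v | rd := rs + v | ? r => v
# (jump to v when r == 0) | => v (jump); an empty block such as "done|" halts.
INSTR = re.compile(r"^(?:\?\s*(\w+)\s*=>\s*(\w+)|=>\s*(\w+)|(\w+)\s*:=\s*(-?\w+)(?:\s*\+\s*(-?\w+))?)$")

def parse(text):
    """Return {label: [(op, ...), ...]} for a program written in the syntax above."""
    parts = re.split(r"(\w+)\|", re.sub(r"#[^\n]*", "", text))[1:]
    prog = {}
    for label, body in zip(parts[::2], parts[1::2]):
        prog[label] = []
        for s in (s.strip() for s in body.split(";") if s.strip()):
            m = INSTR.match(s)
            if not m:
                raise SyntaxError(f"bad instruction {s!r} in block {label}")
            cr, ct, jt, rd, v, w = m.groups()
            if cr:   prog[label].append(("bz", cr, ct))
            elif jt: prog[label].append(("jmp", jt))
            elif w:  prog[label].append(("add", rd, v, w))
            else:    prog[label].append(("mov", rd, v))
    return prog

def run(prog, entry="init", fuel=1000):
    """Untyped execution from entry; returns the final register file. prog[pc] fails if
    a jump lands on a non-label value: the error the TAL-0 type system rules out."""
    regs, pc = {}, entry
    def val(v):                                        # operand value
        if re.fullmatch(r"-?\d+", v): return int(v)
        if re.fullmatch(r"r\d+", v): return regs[v]    # KeyError if uninitialised
        return v                                       # a label name
    while prog[pc]:                                    # an empty block halts
        for ins in prog[pc]:
            if fuel == 0: raise RuntimeError("fuel exhausted: runaway loop")
            fuel -= 1
            if ins[0] == "mov": regs[ins[1]] = val(ins[2])
            elif ins[0] == "add": regs[ins[1]] = val(ins[2]) + val(ins[3])
            elif ins[0] == "jmp" or (ins[0] == "bz" and val(ins[1]) == 0):
                pc = val(ins[-1]); break
        else:
            raise RuntimeError(f"block {pc} fell off its end without a jump")
    return regs

# Constructed program in that syntax: quotient of 10 by 2 in r3 by repeated subtraction.
QUOTIENT = """
# r1 holds the dividend, r3 accumulates the quotient
init| r1 := 10; r3 := 0; => loop;
loop| ? r1 => done; r1 := r1 + -2; r3 := r3 + 1; => loop;
done|
"""
```

Running `run(parse(QUOTIENT))` halts at the empty `done` block with r1 = 0 and the quotient 5 in r3.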

 Jones, Mark. Functional Programming with Overloading and Higher-Order Polymorphism. Diss. University of Nottingham. Nottingham. Print.
 Liang, Sheng, Paul Hudak, and Mark Jones. Monad Transformers and Modular Interpreters. Diss. Yale University. New Haven. Print.
 Necula, George. "Proof-Carrying Code." Computer Science Division, EECS at UC Berkeley. 22 July. Web. 21 Mar.
 Pierce, Benjamin C. Advanced Topics in Types and Programming Languages. Cambridge, MA: MIT. Print.
 "Typed Assembly Language Compiler." Cornell University Department of Computer Science. Web. 21 Mar.