
Correctness of Java card method lookup via logical relations

Ewen Denney, Thomas Jensen
2002 Theoretical Computer Science  
This article presents a formalisation of the bytecode optimisation of Sun's Java Card language from the class file to CAP file format as a set of constraints between the two formats, and defines and proves  ...  The optimisation is given as a logical relation such that the instantiated semantics are observably equal.  ...  We describe a semantic framework for proving the correctness of Java Card tokenisation.  ... 
doi:10.1016/s0304-3975(01)00138-4 fatcat:uu6gldk7dve2raxkmclvwyzhdq

Correctness of Java Card Method Lookup via Logical Relations [chapter]

Ewen Denney, Thomas Jensen
2000 Lecture Notes in Computer Science  
This article presents a formalisation of the bytecode optimisation of Sun's Java Card language from the class file to CAP file format as a set of constraints between the two formats, and defines and proves  ...  The optimisation is given as a logical relation such that the instantiated semantics are observably equal.  ...  We describe a semantic framework for proving the correctness of Java Card tokenisation.  ... 
doi:10.1007/3-540-46425-5_7 fatcat:gtaurugjmvgzpjjc4wdnkdmlb4

Editorial

Roberto Gorrieri
2002 Theoretical Computer Science  
(first-order logic, temporal logic, epistemic logic), semantics (static analysis, type theory), formal methods and related approaches (model-checking, theorem-proving, process algebra) and complexity.  ...  Theoretical foundations for the analysis (or the design) of security aspects of these applications are badly needed in order to validate and prove (or guarantee) their correctness.  ...  "Correctness of Java Card Method Lookup via Logical Relations" (E. Denney, T.  ... 
doi:10.1016/s0304-3975(01)00135-9 fatcat:nyegzn4abbg2pgpr6sai7ddl4e

A Formally Verified Calculus for Full Java Card [chapter]

Kurt Stenzel
2004 Lecture Notes in Computer Science  
Java Card Java Card [18] is a variation of Java that is tailored for smart cards. A smart card is a plastic card containing a small processor. Smart cards are used in  ...  We present a calculus for the verification of sequential Java programs. It supports all Java language constructs and has additional support for Java Card.  ...  A typical program (including loading of tickets via internet and offline transfer of tickets) has about 1200 lines of code and about 40 methods.  ... 
doi:10.1007/978-3-540-27815-3_37 fatcat:nxq4unamavgatkbxz4ag5ez3pq

Formal Verification of a Java Compiler in Isabelle [chapter]

Martin Strecker
2002 Lecture Notes in Computer Science  
This paper reports on the formal proof of correctness of a compiler from a substantial subset of Java source language to Java bytecode in the proof environment Isabelle.  ...  This work is based on extensive previous formalizations of Java, which comprise all relevant features of object-orientation.  ...  Johannes Pfeifroth has given a first version of the compiler correctness statement of Section 4.1.  ... 
doi:10.1007/3-540-45620-1_5 fatcat:jmwkwgsrunecnif3evnm5xcbxa

Verifying Object-Oriented Programs with KeY: A Tutorial [chapter]

Wolfgang Ahrendt, Bernhard Beckert, Reiner Hähnle, Philipp Rümmer, Peter H. Schmitt
2007 Lecture Notes in Computer Science  
The resulting multi-modal program logic is called Java Card Dynamic Logic or, for short, Java Card DL [3, Chapt. 3].  ...  The Eclipse and Together KeY plugins allow to select Java classes or methods that are annotated with formal specifications and both plugins offer to prove a number of correctness judgements such as behavioural  ...  Acknowledgements We would like to thank Richard Bubel for many discussions on various topics of the paper, and for his enormous contribution to the constant improvement of the KeY system.  ... 
doi:10.1007/978-3-540-74792-5_4 fatcat:gyp7wdqljbd5fac7uru62fc3qm

Extracting a data flow analyser in constructive logic

David Cachera, Thomas Jensen, David Pichardie, Vlad Rusu
2005 Theoretical Computer Science  
The proof of existence of a solution to the constraints is constructive which means that the extraction mechanism of Coq provides a provably correct data flow analyser in Ocaml from the proof.  ...  Constraints are represented in a way that allows for both efficient constraint resolution and correctness proof of the analysis with respect to an operational semantics.  ...  We have instantiated it to a data flow analysis for Java Card.  ... 
doi:10.1016/j.tcs.2005.06.004 fatcat:4wv4oboplndepdo2ji5kavlmi4

Extracting a Data Flow Analyser in Constructive Logic [chapter]

David Cachera, Thomas Jensen, David Pichardie, Vlad Rusu
2004 Lecture Notes in Computer Science  
The proof of existence of a solution to the constraints is constructive which means that the extraction mechanism of Coq provides a provably correct data flow analyser in Ocaml from the proof.  ...  Constraints are represented in a way that allows for both efficient constraint resolution and correctness proof of the analysis with respect to an operational semantics.  ...  We have instantiated it to a data flow analysis for Java Card.  ... 
doi:10.1007/978-3-540-24725-8_27 fatcat:h5sua7zg75gtlpbtul673xtq3e

Certifying Native Java Card API by Formal Refinement [chapter]

Quang-Huy Nguyen, Boutheina Chetali
2006 Lecture Notes in Computer Science  
This work provides a framework to enforce the security of the native code by formal analysis and can be generalized to verify a complete implementation of the Java Card platform.  ...  We formally prove the correctness of the refinement steps between two adjacent levels.  ...  Java Card Methods Invocation. When a Java Card method is invoked, a new frame is pushed onto the frame stack.  ... 
doi:10.1007/11733447_23 fatcat:xx7n333ukvhi5mfyvnesduzxnq

Certified Memory Usage Analysis [chapter]

David Cachera, Thomas Jensen, David Pichardie, Gerardo Schneider
2005 Lecture Notes in Computer Science  
We present a certified algorithm for resource usage analysis, applicable to languages in the style of Java byte code. The algorithm verifies that a program executes in bounded memory.  ...  The expression of the algorithm as a constraint-based static analysis of the program over simple lattices provides a link with abstract interpretation that allows to state and prove formally the correctness  ...  Recent work on verification of C code in Coq [6] could be of essential use here.  ... 
doi:10.1007/11526841_8 fatcat:pfpfqiqsknfxpcyihgzqmyjhwy
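The two Cachera et al. entries above (the extracted data flow analyser and the certified memory usage analysis) both phrase a static analysis as a system of constraints over a lattice whose least solution is computed by fixpoint iteration. The following is an added illustration, not code from either paper or from the Coq development they describe: a toy bytecode-like instruction set (constructed), a reachability constraint system over the powerset lattice of program counters, and one sufficient condition for bounded memory, namely that no allocation instruction lies on a cycle of the control-flow graph. The instruction forms, the programs and the names `reachable`, `allocations_in_cycles` and `bounded_memory` are all assumptions made for this example.

```python
# Added example (not the certified analyser): constraint-based reachability
# over the powerset lattice of program counters, solved by least-fixpoint
# iteration, used to check that no allocation sits on a control-flow cycle.
from typing import Dict, FrozenSet, List, Tuple

# Constructed instruction forms:
#   ("new",)        allocate an object
#   ("nop",)        fall through
#   ("goto", t)     unconditional jump to pc t
#   ("if", t)       conditional jump: successors are pc+1 and t
#   ("return",)     no successors
Program = List[Tuple]


def successors(prog: Program, pc: int) -> List[int]:
    """Control-flow successors of the instruction at pc."""
    op = prog[pc][0]
    if op == "return":
        return []
    if op == "goto":
        return [prog[pc][1]]
    if op == "if":
        return [pc + 1, prog[pc][1]]
    return [pc + 1]


def reachable(prog: Program) -> Dict[int, FrozenSet[int]]:
    """Least solution of the constraints  R(pc) >= {s} U R(s)  for every
    successor s of pc. Iteration is monotone over a finite lattice, so it
    terminates; the result is the set of pcs reachable from each pc."""
    n = len(prog)
    r: Dict[int, FrozenSet[int]] = {pc: frozenset() for pc in range(n)}
    changed = True
    while changed:
        changed = False
        for pc in range(n):
            new = r[pc]
            for s in successors(prog, pc):
                new = new | frozenset([s]) | r[s]
            if new != r[pc]:
                r[pc] = new
                changed = True
    return r


def allocations_in_cycles(prog: Program) -> List[int]:
    """Allocation sites that can reach themselves, i.e. lie on a cycle."""
    r = reachable(prog)
    return [pc for pc, ins in enumerate(prog) if ins[0] == "new" and pc in r[pc]]


def bounded_memory(prog: Program) -> bool:
    """Sufficient condition: every allocation executes at most once per run."""
    return not allocations_in_cycles(prog)


# Constructed sample programs.
# Allocation before the loop (pcs 1..2): bounded.
P_OK: Program = [("new",), ("nop",), ("if", 1), ("return",)]
# Allocation inside the loop (pcs 1..2): may allocate without bound.
P_BAD: Program = [("nop",), ("new",), ("if", 1), ("return",)]

if __name__ == "__main__":
    print("P_OK bounded:", bounded_memory(P_OK))
    print("P_BAD bounded:", bounded_memory(P_BAD), "offending pcs:", allocations_in_cycles(P_BAD))
```

The condition checked here is deliberately conservative: a program that allocates inside a loop whose trip count is statically bounded is rejected even though it runs in bounded memory, which is the usual price of a sound, certifiable analysis.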

Building blocks for IP telephony

D. Bergmark, S. Keshav
2000 IEEE Communications Magazine  
Acknowledgments The real work on this project was done by a talented group of Cornell students: James Barabas, Jason Howes, Char Shing "Wilson" Ng, Madhav Ranjan, Naveen Sastry, Pratap Singh, James Wann  ...  Where we put together a collection of Java packages which can be used directly to implement telephony applications in Java, they produced a collection of Java Beans which can be selected and combined to  ...  In ITX, application logic is separated from signaling logic. The interface between the application and signaling is an API to initiate activities (e.g.  ... 
doi:10.1109/35.833562 fatcat:2qyurtm5wvabjozsuodgmjjfvu

Modelling with Relational Calculus of Object and Component Systems - rCOS [chapter]

Zhenbang Chen, Abdel Hakim Hannousse, Dang Van Hung, Istvan Knoll, Xiaoshan Li, Zhiming Liu, Yang Liu, Qu Nan, Joseph C. Okika, Anders P. Ravn, Volker Stolz, Lu Yang (+1 others)
2008 Lecture Notes in Computer Science  
This chapter presents a formalization of functional and behavioural requirements, and a refinement of requirements to a design for CoCoME using the Relational Calculus of Object and Component Systems (  ...  We give a model of requirements based on an abstraction of the use cases described in Chapter 3.2.  ...  Java provides the implementations of these types via the Collection interface. Thus these operations in specifications can be directly coded in Java.  ... 
doi:10.1007/978-3-540-85289-6_6 fatcat:i27juyc5efcgxabpezw6rzp4bq

Verified bytecode verification and type-certifying compilation

Gerwin Klein, Martin Strecker
2004 The Journal of Logic and Algebraic Programming  
This article presents a type certifying compiler for a subset of Java and proves the type correctness of the bytecode it generates in the proof assistant Isabelle.  ...  The basis for this work is an extensive formalization of the Java bytecode type system, which is first presented in an abstract, lattice-theoretic setting and then instantiated to Java types.  ...  For example, dynamic method binding is achieved via a method lookup function method that selects the method to be invoked, given the dynamic type dynT of expression e (whereas C is the static type) and  ... 
doi:10.1016/j.jlap.2003.07.004 fatcat:kmrd2s5mvja3dhexfb2eyrr3qu
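Several entries above turn on the same mechanism: the Denney and Jensen papers prove Java Card method lookup correct across the class-file to CAP-file optimisation, Nguyen and Chetali note that invoking a method pushes a new frame, and Klein and Strecker describe dynamic binding as a lookup function `method` that selects the implementation from the dynamic type `dynT` of the receiver while the bytecode verifier resolved the call against the static type `C`. The block below is an added executable model of that lookup, not the Isabelle formalisation or any of the papers' code. The class table, method signatures, body labels and the functions `method`, `invoke` and `is_subclass` are constructed for this example; the check that the dynamically selected method is declared in a subclass of the statically resolved one is the well-formedness condition such a verifier has to establish.

```python
# Added example (not the verified formalisation): a class table, the
# superclass chain, a method-lookup function in the style of `method`, and a
# virtual-call step that pushes a frame and checks the static/dynamic
# consistency condition. All names and bodies are constructed.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class ClassDecl:
    name: str
    superclass: Optional[str]
    methods: Dict[str, str]  # signature -> label standing in for the method body


# Constructed class table: Audited <: Premium <: Account <: Object
CLASS_TABLE: Dict[str, ClassDecl] = {
    "Object": ClassDecl("Object", None, {"toString()": "Object.toString"}),
    "Account": ClassDecl("Account", "Object",
                         {"withdraw(int)": "Account.withdraw", "balance()": "Account.balance"}),
    "Premium": ClassDecl("Premium", "Account", {"withdraw(int)": "Premium.withdraw"}),
    "Audited": ClassDecl("Audited", "Premium", {"balance()": "Audited.balance"}),
}


def superclasses(cls: str) -> List[str]:
    """The chain from cls up to the root, inclusive, most specific first."""
    chain = []
    cur: Optional[str] = cls
    while cur is not None:
        chain.append(cur)
        cur = CLASS_TABLE[cur].superclass
    return chain


def is_subclass(sub: str, sup: str) -> bool:
    """Reflexive subclass relation derived from the class table."""
    return sup in superclasses(sub)


def method(cls: str, sig: str) -> Optional[Tuple[str, str]]:
    """Method lookup: the first definition of sig found walking up from cls.
    Returns (declaring class, body label), or None if unresolved."""
    for c in superclasses(cls):
        if sig in CLASS_TABLE[c].methods:
            return c, CLASS_TABLE[c].methods[sig]
    return None


def invoke(static_type: str, dyn_type: str, sig: str,
           frame_stack: List[Tuple[str, str]]) -> str:
    """One virtual-call step. The verifier resolved sig against the static type
    C; at run time the implementation is selected from dynT. The selected
    method must be declared in a subclass of (or the same class as) the one
    static resolution found, otherwise the call is rejected."""
    if not is_subclass(dyn_type, static_type):
        raise TypeError(f"receiver of dynamic type {dyn_type} is not a {static_type}")
    static = method(static_type, sig)
    if static is None:
        raise TypeError(f"{sig} not resolvable on {static_type}")
    dynamic = method(dyn_type, sig)
    if dynamic is None or not is_subclass(dynamic[0], static[0]):
        raise TypeError(f"lookup of {sig} from {dyn_type} inconsistent with {static_type}")
    declaring, body = dynamic
    frame_stack.append((declaring, sig))  # a new frame is pushed on invocation
    return body


if __name__ == "__main__":
    stack: List[Tuple[str, str]] = []
    print(invoke("Account", "Audited", "withdraw(int)", stack), stack)
```

Run stand-alone, the call with static type `Account` and dynamic type `Audited` selects `Premium.withdraw` (the nearest override on the chain) and leaves a `("Premium", "withdraw(int)")` frame on the stack; a receiver whose dynamic type is not a subclass of the static type is refused before any lookup happens.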

A Formal Connection between Security Automata and JML Annotations [chapter]

Marieke Huisman, Alejandro Tamalet
2009 Lecture Notes in Computer Science  
The correctness proofs are formalised using the PVS theorem prover. This reveals several subtleties to be considered in the definition of the translation algorithm and in the program requirements.  ...  Their typical use is to monitor the execution of an application, and to interrupt it as soon as the security policy is violated. However, run-time adherence checking is not always convenient.  ...  We thank Erik Poll for his useful comments on an earlier draft of this paper, and Igor Siveroni, who started the work on this topic and came up with the idea to use method-level set-annotations.  ... 
doi:10.1007/978-3-642-00593-0_23 fatcat:fgkewmgcqbgwzljautvwskjude
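The Huisman and Tamalet entry describes security automata as run-time monitors that interrupt an application as soon as its security policy is violated, and a translation of such automata into JML annotations so that adherence can be checked statically instead. The block below is an added illustration of both views, not the paper's translation algorithm or its PVS formalisation: a small automaton for a constructed policy (after reading a secret, no network send), a monitor that stops at the first rejected event, and the per-method pre- and postconditions on the automaton state that a method-level annotation would express. The event names, the policy, the traces and the functions `run_trace`, `method_precondition` and `method_postcondition` are all assumptions made for this example.

```python
# Added example (not the paper's code): a security automaton as a partial
# transition function, a monitor that halts on the first violation, and the
# static per-method view of the same policy. Policy and traces are constructed.
from typing import Dict, List, Optional, Set, Tuple

# Constructed policy. States: "clean" (no secret read yet), "tainted" (a
# secret has been read). A transition that is absent means the event is
# forbidden in that state; here ("tainted", "send") is deliberately missing.
TRANSITIONS: Dict[Tuple[str, str], str] = {
    ("clean", "read_public"): "clean",
    ("clean", "send"): "clean",
    ("clean", "read_secret"): "tainted",
    ("tainted", "read_public"): "tainted",
    ("tainted", "read_secret"): "tainted",
}
INITIAL = "clean"


class PolicyViolation(Exception):
    pass


class SecurityAutomaton:
    """Run-time monitor: advance on each security-relevant event, reject
    (and thereby interrupt the application) when no transition exists."""

    def __init__(self, transitions: Dict[Tuple[str, str], str], initial: str):
        self.transitions = transitions
        self.state = initial

    def step(self, event: str) -> str:
        nxt = self.transitions.get((self.state, event))
        if nxt is None:
            raise PolicyViolation(f"{event!r} not allowed in state {self.state!r}")
        self.state = nxt
        return nxt


def run_trace(events: List[str]) -> Tuple[bool, Optional[int]]:
    """Monitor a trace of events. Returns (completed, index of the violating
    event or None); execution is cut off at the first violation."""
    automaton = SecurityAutomaton(TRANSITIONS, INITIAL)
    for i, ev in enumerate(events):
        try:
            automaton.step(ev)
        except PolicyViolation:
            return False, i
    return True, None


def method_precondition(event: str) -> Set[str]:
    """Static view: the automaton states in which the method labelled `event`
    may be called, i.e. the 'requires' clause on a ghost state field."""
    return {s for (s, e) in TRANSITIONS if e == event}


def method_postcondition(event: str, states: Set[str]) -> Set[str]:
    """Static view: the states the ghost field can hold after calling `event`
    from any of `states`, i.e. the corresponding 'ensures' clause."""
    return {TRANSITIONS[(s, event)] for s in states if (s, event) in TRANSITIONS}


# Constructed traces.
GOOD_TRACE = ["read_public", "send", "read_secret", "read_public"]
BAD_TRACE = ["read_public", "read_secret", "send"]

if __name__ == "__main__":
    print("good trace:", run_trace(GOOD_TRACE))
    print("bad trace:", run_trace(BAD_TRACE))
    print("send requires state in", method_precondition("send"))
```

The run-time monitor only ever sees the one execution in front of it, which is why the bad trace is caught at index 2 and not before; the static view asks, for every call site of `send`, whether the ghost state is provably `clean` there, which is the question the JML translation turns over to a program verifier.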

A Refinement Method for Java Programs [chapter]

Holger Grandy, Kurt Stenzel, Wolfgang Reif
2007 Lecture Notes in Computer Science  
We present a refinement method for Java programs which is motivated by the challenge of verifying security protocol implementations.  ...  The method can be used for stepwise refinement of abstract specifications down to the level of code running in the real application.  ...  We then formulate theorems for each Java method which relate the behavior of the method to the abstract counterpart of its input.  ... 
doi:10.1007/978-3-540-72952-5_14 fatcat:nfsxbnmhdbhkxj663u3bbnw4au
Showing results 1 to 15 of 1,287 results