Temporal-Safety Proofs for Systems Code. - Internet Archive Scholar

doi:10.1007/3-540-45657-0_45 fatcat:6sspkp7jtnaatdje3wnm6n36pa

Proof-Carrying Code Proof-carrying code (PCC) [NL97,Nec97,Nec98] is a method of ensuring the safety of untrusted machine code. ... The combination of proof-carrying code for verification of standard processor machine code and model-checking for array configurations is explored. ... In particular, replacing proof-carrying code based on first-order logic with proof-carrying code based on temporal logic [BL02] is expected to provide a greater range of safety properties that can be ...

doi:10.1007/978-3-540-45234-8_104 fatcat:3khaogfgynazhpngwdzuxwjcqm

This paper presents a process for the stepwise refinement of safety code assertions from identified system hazards. The code assertions are intended for use in system safety verification. ... The development of the safety code assertions increases the feasibility of using code verification tools such as SPARK Examiner in the safety verification of large software-intensive systems. ... a proof rule: The proof rule is expressed in the FDL language, which is the required input for the SPARK Proof Checker. ...

doi:10.1007/3-540-49646-7_27 fatcat:hoysbxx72fbvrb6o5zxrad6a3y

Ivy supports proving safety and liveness properties of parameterized and infinite-state systems via three modes: deductive verification using an SMT solver, abstraction and model checking, and manual proofs ... For this purpose, it presents concrete finite counterexamples, automatically audits proofs for decidability of verification conditions, and provides modular hiding of theories. ... Furthermore, since the temporal proof is transformed to a safety verification problem, it is possible to leverage for liveness proofs all the tactics and mechanisms that Ivy contains for safety verification ...

doi:10.1007/978-3-030-53291-8_12 fatcat:qvvvcujlibcexh7m6b44vydcsi

Open Access

The safety-critical aspects of cyber-physical systems motivate the need for rigorous analysis of these systems. ... In this paper we present VERIDRONE, a foundational framework for reasoning about cyber-physical systems at all levels from high-level models to C code that implements the system. ... The importance of safety for cyber-physical systems has motivated a lot of work to improve their reliability. ...

doi:10.1109/soscyps.2016.7580000 dblp:conf/cpsweek/MalechaRAL16 fatcat:px7fwlh6u5g3tcw5tqnbzo4iva

Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. ... Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand ... Acknowledgments We are indebted to Wojciech Mostowski, Erik Poll and Roberto Guanciale for their help in finding suitable case studies, to Afshin Amighi and Pedro de Carvalho Gomes for helping with the ...

doi:10.1007/s10270-013-0321-0 fatcat:lmko3khlnvgh3o6el2pcz26h7y

For some categories, broad classes of syntactically identifiable temporal properties, such as safety, liveness, or existence properties, are guaranteed to hold for a system with any aspect of the category ... Moreover, relatively simple verification techniques are shown to hold for some classes of temporal properties over systems augmented with some other categories of aspects. ... Proof: For rules 1 and 2, the reasoning is as for spectative aspects. ...

doi:10.1007/11687061_4 fatcat:r643mpownfggrappzamkc5fnpm

Separation kernels provide temporal/spatial separation and controlled information flow to their hosted applications. ... Formal methods are mandated by the security/safety certification of separation kernels and have been carried out since this concept emerged. ... For the purpose of safety and security certification, it is necessary that automatic approaches generate proofs for the correctness. (4) Full formal verification at C source code level. ...

arXiv:1701.01535v1 fatcat:wivlgaqkmffc5nb2kalmpy77sy

Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. ... (as in mobile code for open platforms). ... , and to Stefan Schwoon for adapting the input language of Moped to our needs. ...

doi:10.1007/978-3-642-24690-6_25 fatcat:7h3ee6xc6zcz3f44hbwihj5r7u

Certain tools of concurrent program verification that are especially useful for protocols' are presented: history varigbles that record sequences of input and output'values, temporal logic for expressing ... properties that must hold in a future system state (such as eventual receipt of a message), and module specification and composition rules. ... Safety: System The system invariant for the alternating bit protocol is the same as for Stenning's protocol: Y I X . ...

doi:10.1109/tcom.1983.1095720 fatcat:exlathdbfjc2xdmgwtpxbaxooe

Separation kernels are fundamental software of safety and security-critical systems, which provide to their hosted applications spatial and temporal separation as well as controlled information flows among ... The temporal separation becomes critical when being applied in safety-critical systems. ... Reliable protection in both spatial domain and temporal domain is particularly relevant for systems where the co-existence of safety-critical and non safety-critical application subsystems shall be supported ...

arXiv:1508.07066v3 fatcat:o6rltzjp4vf4jeifjddfbtmuv4

Multiple Versions

We describe a methodology for building practical and provably correct distributed systems based on a unique blend of temporal logic of actions-style state-machine refinement and Hoare-logic verification ... Distributed systems are notorious for harboring subtle bugs. ... Safety proofs need only reason about two system states at a time: if each step between two states preserves the system's safety invariants, then we can inductively conclude that all behaviors are safe. ...

doi:10.1145/3068608 fatcat:tnwzkuonwvahterueljh4axakm

The case study concerns the train tracking function for an automatic train protection system (ATP). ... We present our return of experience in using SIMULINK DESIGN VERI-FIER for the verification and validation of a safety-critical function. ... The case study concerns the train tracking function for an automatic train protection system (ATP). ...

doi:10.1007/978-3-642-15654-0_4 dblp:conf/csdm/EtienneFJ10 fatcat:bpufjl7ocndbflng2twcw2yy5u

In this article, the authors give an overview of toolbased verification of hardware and software systems and discuss the relation between verification and logical reasoning. reiner Hähnle is a professor ... Acknowledgment We thank the anonymous reviewers for their careful reading of this article and numerous valuable suggestions for improvement. ... The host system can check that proof before running the code to ensure that the code satisfies the host's security policies and has other desirable properties. ...

doi:10.1109/mis.2014.3 fatcat:dm3azbzibvhx7n7sgkrbdmufsa

system kernel in C code level. ... with the increasing pressure on non-function attributes (security, safety and reliability) requirements of an operation system, high-confidence operation system is becoming more important. ... PCC (Proof -Carrying code) [12] and FPCC (Foundational Proof -Carrying code) [13] based on logical method, through carrying the proof of source codes, provides a mechanism that guarantee the safety ...

doi:10.5815/ijcnis.2010.02.02 fatcat:2xx46lr5grh4tb4hpulujdxh3q

Open Access

Temporal-Safety Proofs for Systems Code [chapter]

Preserved Fulltext

Model Checking Reconfigurable Processor Configurations for Safety Properties [chapter]

Preserved Fulltext

Refinement of Safety-Related Hazards into Verifiable Code Assertions [chapter]

Preserved Fulltext

Ivy: A Multi-modal Verification Tool for Distributed Algorithms [chapter]

Preserved Fulltext

Towards foundational verification of cyber-physical systems

Preserved Fulltext

Procedure-modular specification and verification of temporal safety properties

Preserved Fulltext

Aspect Categories and Classes of Temporal Properties [chapter]

Preserved Fulltext

High-Assurance Separation Kernels: A Survey on Formal Methods [article]

Preserved Fulltext

ProMoVer: Modular Verification of Temporal Safety Properties [chapter]

Preserved Fulltext

Modular Verification of Computer Communication Protocols

Preserved Fulltext

A survey on formal specification and verification of separation kernels [article]

Preserved Fulltext

Other Versions

IronFleet

Preserved Fulltext

Using Simulink Design Verifier for Proving Behavioral Properties on a Complex Safety Critical System in the Ground Transportation Domain [chapter]

Preserved Fulltext

Reasoning and Verification: State of the Art and Current Trends

Preserved Fulltext

Code Formal Verification of Operation System

Preserved Fulltext