Proof-carrying code from certified abstract interpretation and fixpoint compression

Frédéric Besson, Thomas Jensen, David Pichardie
2006 Theoretical Computer Science  
Proof-carrying code (PCC) is a technique for downloading mobile code on a host machine while ensuring that the code adheres to the host's safety policy. We show how certified abstract interpretation can be used to build a PCC architecture where the code producer can produce program certificates automatically. Code consumers use proof checkers derived from certified analysers to check certificates. Proof checkers carry their own correctness proofs and accepting a new proof checker amounts to
more » ... checking the checker in Coq. Certificates take the form of strategies for reconstructing a fixpoint and are kept small due to a technique for fixpoint compression. The PCC architecture has been implemented and evaluated experimentally on a byte code language for which we have designed an interval analysis that allows to generate certificates ascertaining that no array-out-of-bounds accesses will occur.
doi:10.1016/j.tcs.2006.08.012 fatcat:euvgvxbrcve6jkh5wzhuxahiyy