Abstract
We propose a verified executable Scala backend for ASN1SCC, a compiler for ASN.1/ACN. ASN.1 is a language for describing data structures widely employed in ground and space telecommunications. ACN can be used alongside ASN.1 to describe complex binary formats and legacy protocols. To avoid error-prone and time-consuming manual writing of serializers, we show how to port an ASN.1/ACN code generator to generate Scala code. We then enhance the generator to emit not only the executable code but also strong enough preconditions, postconditions, and lemmas for inductive proofs. This allowed us to verify the resulting generated annotated code using Stainless, a program verifier for Scala. The properties we prove include the absence of runtime errors, such as out-of-bound accesses or divisions by zero. For the base library, we also prove the invertibility of the decoding and encoding functions, showing that decoding yields the encoded value back. Furthermore, our system automatically inserts invertibility proofs for arbitrary records in the generated code, proving over 300’000 verification conditions. We establish key steps towards such proofs for sums and arrays as well.
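The following added example (not ASN1SCC output or code from the paper) sketches, in Stainless-annotated Scala, the shape of the properties the abstract describes: preconditions that rule out out-of-range values and out-of-bound bit accesses, postconditions on encoded length, and an inductive invertibility lemma for a constructed n-bit unsigned integer field encoded MSB first. Names such as `UIntCodec`, `encodeUInt` and `decodeUInt` are assumptions chosen for illustration.

```scala
import stainless.lang._
import stainless.collection._

// Constructed illustration, not ASN1SCC output: an ACN-style unsigned
// integer field of n bits, MSB first, over a List[Boolean] bit stream.
object UIntCodec {
  def pow2(n: BigInt): BigInt = {
    require(n >= 0)
    decreases(n)
    if (n == 0) BigInt(1) else 2 * pow2(n - 1)
  }.ensuring(_ >= 1)

  // The precondition rejects values that do not fit in n bits;
  // the postcondition fixes the exact encoded length.
  def encodeUInt(v: BigInt, n: BigInt): List[Boolean] = {
    require(n >= 0 && v >= 0 && v < pow2(n))
    decreases(n)
    if (n == 0) Nil[Boolean]()
    else {
      val top = v >= pow2(n - 1)
      val rest = if (top) v - pow2(n - 1) else v
      Cons(top, encodeUInt(rest, n - 1))
    }
  }.ensuring(res => res.size == n)

  // Returns the decoded value and the unread remainder; the size
  // precondition is what makes head/tail accesses provably in bounds.
  def decodeUInt(bits: List[Boolean], n: BigInt): (BigInt, List[Boolean]) = {
    require(n >= 0 && bits.size >= n)
    decreases(n)
    if (n == 0) (BigInt(0), bits)
    else {
      val r = decodeUInt(bits.tail, n - 1)
      val top = if (bits.head) pow2(n - 1) else BigInt(0)
      (top + r._1, r._2)
    }
  }.ensuring(res => res._1 >= 0 && res._1 < pow2(n) && res._2.size == bits.size - n)

  // Invertibility lemma: decoding what was encoded yields the value back
  // and leaves any trailing bits untouched. The body is the induction
  // on n; Stainless discharges the postcondition from it.
  def decodeEncodeUInt(v: BigInt, n: BigInt, suffix: List[Boolean]): Unit = {
    require(n >= 0 && v >= 0 && v < pow2(n))
    decreases(n)
    if (n > 0) {
      val rest = if (v >= pow2(n - 1)) v - pow2(n - 1) else v
      decodeEncodeUInt(rest, n - 1, suffix)
    }
  }.ensuring(_ => decodeUInt(encodeUInt(v, n) ++ suffix, n) == (v, suffix))
}
```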
Acknowledgements
This research was supported by the European Space Agency Open Space Innovation Platform, 4000140196/22/NL/GLC/ov, New Concepts for Onboard Software Development. We thank Maxime Perrotin for overseeing the project.
© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG
Bucev, M., Chassot, S., Felix, S., Schramka, F., Kunčak, V. (2025). Formally Verifiable Generated ASN.1/ACN Encoders and Decoders: A Case Study. In: Shankaranarayanan, K., Sankaranarayanan, S., Trivedi, A. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2025. Lecture Notes in Computer Science, vol 15530. Springer, Cham. https://doi.org/10.1007/978-3-031-82703-7_9
DOI: https://doi.org/10.1007/978-3-031-82703-7_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-82702-0
Online ISBN: 978-3-031-82703-7