Abstract
We present two new results in machine-checked formalizations of programming languages. (1) Probabilistic Noninterference is a central notion in software security analysis. We present the first Isabelle formalization of low-security observational determinism (“LSOD”), together with a proof that LSOD implies probabilistic noninterference. The formalization of LSOD uses a flow-sensitive definition of low-equivalent traces, which drastically improves precision. (2) We present the first full and machine-checked proof that Launchbury’s well-known semantics of the lazy lambda calculus is correct as well as adequate. The proof catches a bug in Launchbury’s original proof, which was open for many years.
Both results continue the work of the “Quis Custodiet” project at KIT, which aims at machine-checked soundness proofs for complex properties of languages, compilers, and program analysis. We thus include a short overview of earlier “Quis Custodiet” results.
© 2018 Springer Nature Switzerland AG
Bischof, S., Breitner, J., Lohner, D., Snelting, G. (2018). Illi Isabellistes Se Custodes Egregios Praestabant. In: Müller, P., Schaefer, I. (eds) Principled Software Development. Springer, Cham. https://doi.org/10.1007/978-3-319-98047-8_17
DOI: https://doi.org/10.1007/978-3-319-98047-8_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-98046-1
Online ISBN: 978-3-319-98047-8