Using build-integrated static checking to preserve correctness invariants

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2004, Pages 288-297

  Chen, Hao ^a   Shapiro, Jonathan S ^b  

^a UNIVERSITY OF CALIFORNIA   (United States)

^b JOHNS HOPKINS UNIVERSITY   (United States)

Author keywords

Assurance; EROS; Model checking; MOPS; Security; Static analysis; Verification

Indexed keywords

COMPUTER OPERATING SYSTEMS; COMPUTER SOFTWARE; COST EFFECTIVENESS; ERROR ANALYSIS; INVESTMENTS; MATHEMATICAL MODELS; RISK ASSESSMENT; SPECIFICATIONS;

EROS; MODEL CHECKING; MPOS; SOFTWARE ASSURANCE; STATIC ANALYSIS; VERIFICATION;

SECURITY OF DATA;

EID: 14844297377     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1030083.1030122     Document Type: Conference Paper

References (30)

1. Thomas A. Henziger, Ranjit Jhala, Rupak Majumdar, George C. Necula, Gregoire Sutre, and Westley Weimer. Temporal-safety proofs for systems code. In Proc. 14th International Conference on Computer-Aided Verification, pages 526-538, 2002.
2. Junfeng Yang, Ted Kremenek, Yichen Xie, and Dawson Engler. MECA: an extensible, expressive system and language for statically checking security properties. In Proc. 10th ACM Conference on Computer and Communications Security, 2003.
3. Dawson Engler and Ken Ashcraft. RacerX: Effective, static detection of race conditions and deadlocks. In Proc. 19th ACM Symposium on Operating Systems Principles, Bolton Landing, NY, October 2003.
4. Xiaolan Zhang, Antony Edwards, and Trent Jaeger. Using CQUAL for static analysis of authorization hook placement. In Proceedings of the Eleventh USENIX Security Symposium, August 2002.
5. Thomas Ball and Sriram K. Rajamani. The SLAM project: Debugging system software via static analysis. In POPL '02: Proceedings of the ACM SIGPLAN-SIGACT Conference on Principles of Programming Languages, 2002.
6. Hao Chen and David Wagner. MOPS: an infrastructure for examining security properties of software. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS), Washington, DC, 2002.
7. Hao Chen, Drew Dean, and David Wagner. Model checking one million lines of C code. In Proceedings of the 11th Annual Network and Distributed System Security Symposium, San Diego, CA, 2004.
8. Jonathan S. Shapiro, Jonathan M. Smith, and David J. Farber. EROS: A fast capability system. In Proc. 17th ACM Symposium on Operating Systems Principles, pages 170-185, Kiawah Island Resort, near Charleston, SC, USA, December 1999. ACM.
9. J. S. Shapiro and S. Weber. Verifying the EROS confinement mechanism. In Proc. 2000 IEEE Symposium on Security and Privacy, pages 166-176, Oakland, CA, USA, 2000.
10. Norman Hardy. The KeyKOS architecture. Operating Systems Review, 19(4):8-25, October 1985.
11. David Evans and David Larochelle. Improving security using extensible lightweight static analysis. IEEE Software, 19(1), January 2002.
12. Seth Hallem, Benjamin Chelf, Yichen Xie, and Dawson Engler. A system and language for building system-specific, static analyses. In PLDI '02: Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation, Berlin, Germany, June 2002.
13. J. S. Shapiro. EROS: A Capability System. PhD thesis, University of Pennsylvania, Philadelphia, PA 19104, 1999.
14. Bryan Ford, Mike Hibler, Jay Lepreau, Roland McGrath, and Patrick Tullmann. Interface and execution models in the fluke kernel. In Proc. 3rd Symposium on Operating System Design and Implementation, pages 101-115, February 1999.
15. Robert E. Strom and Shaula Yemini. Typestate: A programming language concept for enhancing software reliability. IEEE Trans. on Software Engineering, (1):157-171, January 1986.
16. Robert E. Strom and Daniel M. Yellin. Extending typestate checking using conditional liveness analysis. IEEE Trans. on Software Engineering, (5):478-485, May 1993.
17. David R. Cheriton and Kenneth J. Duda. A caching model of operating system kernel functionality. In Proc. USENIX Symposium on Operating Systems Design and Implementation, pages 179-193, 1994.
18. Key Logic, Inc. GNOSIS Design Documentation, 1990.
19. John V. Guttag, James J. Horning, S. J. Garland, K. D. Jones, A. Modet, and J. M. Wing. LARCH: Languages and Tools for Formal Specification. Springer-Verlag, New York, NY, 1993.
20. Emil Sekerinski and Kaisa Sere, editors. Program Development by Refinement. Springer, 1999.
21. Manuvir Das, Sorin Lerner, and Mark Seigle. ESP: Path-sensitive program verification in polynomial time. In PLDI '02: Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation, Berlin, Germany, June 2002.
22. Madanlal Musuvathi, David Y.W. Park, Andy Chou, Dawson R. Engler, and David L. Dill. CMC: A pragmatic approach to model checking real code. In OSDI '02: Proceedings of the 5th Symposium on Operating Systems Design and Implementation, Boston, MA, December 2002.
23. Larry Koved, Marco Pistoia, and Aaron Kershenbaum. Access rights analysis for Java. In Proceedings of the 17th Annual ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, 2002.
24. Jeffrey Foster, Manuel Fähndrich, and Alexander Aiken. A theory of type qualifiers. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI'99), May 1999.
25. Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner. Detecting format string vulnerabilities with type qualifiers. In Proceedings of the 10th USENIX Security Symposium, 2001.
26. Cormac Flanagan, K. Rustan M. Leino, Mark Lillibridge, Greg Nelson, James B. Saxe, and Raymie Stata. Extended static checking for Java. In Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation, Berlin, Germany, 2002.
27. Roger R. Schell. Evaluating security properties of computer systems. In Proc. 1983 IEEE Symposium on Security and Privacy, pages 89-95, 1983.
28. Roger R. Schell. Evidence Trails as Proprietary Data, 2002. Personal communication.
29. R. Feiertag and P. Neumann. The foundations of a provably secure operating system (PSOS). In Proc. 1979 National Computer Conference, 1979.
30. P.G. Neumann and R.J. Feiertag. PSOS revisited. In Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), Classic Papers section, Las Vegas, Nevada, December 2003.