JACK - A tool for validation of security and behaviour of java applications

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4709 LNCS, Issue , 2007, Pages 152-174

  Barthe, Gilles ^a   Burdy, Lilian ^d   Charles, Julien ^a   Grégoire, Benjamin ^a   Huisman, Marieke ^a   Lanet, Jean Louis ^b   Pavlova, Mariela ^c   Requet, Antoine ^b  

^a INRIA   (France)

^b GEMALTO   (France)

^c UNIVERSITY OF MUNICH   (Germany)

^d NONE

Author keywords

[No Author keywords available]

Indexed keywords

JAVA PROGRAMMING LANGUAGE; SECURITY OF DATA; USER INTERFACES; VERIFICATION;

ANNOTATION GENERATION; INTERACTIVE VERIFICATION; PROOF CARRYING CODE;

COMPUTER AIDED SOFTWARE ENGINEERING;

EID: 38549137266     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-74792-5_7     Document Type: Conference Paper

References (40)

1. Abrial, J.-R.: The B Book, Assigning Programs to Meanings. Cambridge University Press, Cambridge (1996)
2. Alagić, S., Royer, M.: Next generation of virtual platforms. Article in odbms.org (October 2005), http://odbms.org/about.contributors.alagic. html
3. Barnett, M., Leino, K.R.M., Schulte, W.: The Spec# programming system: An overview. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 151-171. Springer, Heidelberg (2005)
4. Bartetzko, D., Fischer, C., Möller, M., Wehrheim, H.: Jass - Java with Assertions. In: Havelund, K., Rou, G. (eds.) ENTCS, vol. 55(2), Elsevier Publishing, Amsterdam (2001)
5. Barthe, G., Pavlova, M., Schneider, G.: Precise analysis of memory consumption using program logics. In: Software Engineering and Formal Methods, pp. 86-95. IEEE Press, Los Alamitos (2005)
6. Barthe, G., Rezk, T., Saabas, A.: Proof obligations preserving compilation. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2005. LNCS, vol. 3866, pp. 112-126. Springer, Heidelberg (2006)
7. Beckert, B., Hähnle, R., Schmitt, P.H. (eds.): Verification of Object-Oriented Software: The KeY Approach. LNCS (LNAI), vol. 4334. Springer, Heidelberg (2007)
8. van den Berg, J., Jacobs, B.: The LOOP compiler for Java and JML. In: Margaria, T., Yi, W. (eds.) ETAPS 2001 and TACAS 2001. LNCS, vol. 2031, pp. 299-312. Springer, Heidelberg (2001)
9. Bieber, P., Cazin, J., Girard, P., Lanet, J.-L., Wiels, V., Zanon, G.: Checking secure interactions of smart card applets, Journal of Computer Security 10(4), 369-398 (2002)
10. Breunesse, C., Cataño, N., Huisman, M., Jacobs, B.: Formal methods for smart cards: an experience report. Science of Computer Programming 55(1-3), 53-80 (2005)
11. Burdy, L., Cheon, Y., Cok, D., Ernst, M., Kiniry, J.R., Leavens, G.T., Leino, K.R.M., Poll, E.: An overview of JML tools and applications. In: Arts, T., Fokkink, W. (eds.) Workshop on Formal Methods for Industrial Critical Systems. Electronic Notes in Theoretical Computer Science, vol. 80, pp. 73-89. Elsevier Science, Inc, Amsterdam (2003) Preprint University of Nijmegen (TR NIII-R0309)
12. Burdy, L., Huisman, M., Pavlova, M.: Preliminary design of BML: A behavioral interface specification language for Java bytecode. In: Fundamental Approaches to Software Engineering (FASE 2007). LNCS, vol. 4422, pp. 215-229. Springer, Heidelberg (2007)
13. Burdy, L., Pavlova, M.: Java bytecode specification and verification. In: Symposium on Applied Computing, pp. 1835-1839. Association of Computing Machinery Press (2006)
14. Burdy, L., Requet, A., Lanet, J.-L.: Java applet correctness: A developer-oriented approach. In: Araki, K., Gnesi, S., Mandrioli, D. (eds.) FME 2003. LNCS, vol. 2805, pp. 422-439. Springer, Heidelberg (2003)
15. Chander, A., Espinosa, D., Islam, N., Lee, P., Necula, G.: JVer: A Java Verifier. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, Springer, Heidelberg (2005)
16. Charles, J.: Adding native specifications to JML. In: Workshop on Formal Techniques for Java Programs (2006)
17. Cok, D., Kiniry, J.R.: ESC/Java2: Uniting ESC/Java and JML. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 108-128. Springer, Heidelberg (2005)
18. Colcombet, T., Fradet, P.: Enforcing trace properties by program transformation. In: Principles of Programming Languages, POPL'00, pp. 54-66. ACM Press, New York (2000)
19. Coq development team: The Coq proof assistant reference manual V8.0. Technical Report 255, INRIA, France (mars 2004), http://coq.inria.fr/doc/main. html
20. Courbot, A., Pavlova, M., Grimaud, G., Vandewalle, J.J.: A low-footprint Java-to-native compilation scheme using formal methods. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds.) CARDIS 2006. LNCS, vol. 3928, pp. 329-344. Springer, Heidelberg (2006)
21. Delahaye, D.: A tactic language for the system Coq. In: Parigot, M., Voronkov, A. (eds.) LPAR 2000. LNCS (LNAI), vol. 1955, pp. 85-95. Springer, Heidelberg (2000)
22. Detlefs, D., Nelson, G., Saxe, J.B.: Simplify: a theorem prover for program checking. Journal of the Association of Computing Machinery 52(3), 365-473 (2005)
23. Dijkstra, E.W.: Guarded commands, nondeterminacy and formal derivation of programs. Communications of the ACM 18(8), 453-457 (1975)
24. Erlingsson, U.: The Inlined Reference Monitor Approach to Security Policy Enforcement. PhD thesis, Department of Computer Science, Cornell University. Available as Technical Report 2003-1916 (2003)
25. Ernst, M.D., Cockrell, J., Griswold, W.G., Notkin, D.: Dynamically discovering likely program invariants to support program evolution. IEEE Transactions on Software Engineering 27(2), 1-25 (2001)
26. Flanagan, C., Leino, K.R.M.: Houdini, an annotation assistant for ESC/Java. In: Oliveira, J.N., Zave, P. (eds.) FME 2001. LNCS, vol. 2021, pp. 500-517. Springer, Heidelberg (2001)
27. Flanagan, C., Saxe, J.B.: Avoiding exponential explosion: Generating compact verification conditions. In: Principles of Programming Languages, pp. 193-205. New York, USA. Association of Computing Machinery Press (2001)
28. Jacobs, B.: Weakest precondition reasoning for Java programs with JML annotations. Journal of Logic and Algebraic Programming 58, 61-88 (2004)
29. Leavens, G.T., Baker, A.L., Ruby, C.: Preliminary design of JML: A behavioral interface specification language for Java. ACM SIGSOFT Software Engineering Notes 31, 1-38 (2006)
30. Leavens, G.T., Leino, K.R.M., Müller, P.: Specification and verification challenges for sequential object-oriented programs. Formal Aspects of Computing (to appear, 2007)
31. Leavens, G.T., Poll, E., Clifton, C., Cheon, Y., Ruby, C., Cok, D., Kiniry, J.: JML Reference Manual. In: Progress. Department of Computer Science, Iowa State University (July 2005), Available from http://www.jmlspecs.org
32. Lindholm, T., Yellin, F.: The Java™ Virtual Machine Specification, 2nd edn. Sun Microsystems, Inc. (1999), http://java.sun.com/docs/books/vmspec/
33. Marché, C., Paulin-Mohring, C., Urbain, X.: The Krakatoa tool for certification of Java/JavaCard programs annotated with JML annotations. Journal of Logic and Algebraic Programming 58, 89-106 (2004)
34. Meyer, J., Poetzsch-Heffter, A.: An architecture of interactive program provers. In: Graf, S., Schwartzbach, M. (eds.) ETAPS 2000 and TACAS 2000. LNCS, vol. 1785, pp. 63-77. Springer, Heidelberg (2000)
35. Necula, G.C.: Proof-carrying code. In: Principles of Programming Languages, pp. 106-119, New York, USA, Association of Computing Machinery Press (1997)
36. Pavlova, M.: Specification and verification of Java bytecode. PhD thesis, Université de Nice Sophia-Antipolis (2007)
37. Pavlova, M., Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L.: Enforcing high-level security properties for applets. In: Paradinas, P., Quisquater, J.-J. (eds.) CARDIS 2004, Kluwer Academic Publishing, Dordrecht (2004)
38. Schneider, F.B.: Enforceable security policies. Technical Report TR99-1759, Cornell University (October 1999)
39. The Coq Development Team: The Coq Proof Assistant Reference Manual - Version V8.1 (July 2006), http://coq.inria.fr
40. Winterstein, D., Aspinall, D., Lüth, C.: Proof General/Eclipse: A generic interface for interactive proof. In: International Workshop on User Interfaces for Theorem Provers 2005 (UITP'05) (2005)