Islaris: verification of machine code against authoritative ISA semantics
Recent years have seen great advances towards verifying large-scale systems code.
However, these verifications are usually based on hand-written assembly or machine-code …
However, these verifications are usually based on hand-written assembly or machine-code …
Matching μ-logic
X Chen, G Roşu - 2019 34th Annual ACM/IEEE Symposium on …, 2019 - ieeexplore.ieee.org
Matching logic is a logic for specifying and reasoning about structure by means of patterns
and pattern matching. This paper makes two contributions. First, it proposes a sound and …
and pattern matching. This paper makes two contributions. First, it proposes a sound and …
{SpecROP}: Speculative exploitation of {ROP} chains
Speculative execution attacks, such as Spectre, reuse code from the victim's binary to
access and leak secret information during speculative execution. Every variant of the attack …
access and leak secret information during speculative execution. Every variant of the attack …
Scalable validation of binary lifters
Validating the correctness of binary lifters is pivotal to gain trust in binary analysis, especially
when used in scenarios where correctness is important. Existing approaches focus on …
when used in scenarios where correctness is important. Existing approaches focus on …
Towards a trustworthy semantics-based language framework via proof generation
We pursue the vision of an ideal language framework, where programming language
designers only need to define the formal syntax and semantics of their languages, and all …
designers only need to define the formal syntax and semantics of their languages, and all …
KBX: Verified Model Synchronization via Formal Bidirectional Transformation
Complex safety-critical systems require multiple models for a comprehensive description,
resulting in error-prone development and laborious verification. Bidirectional transformation …
resulting in error-prone development and laborious verification. Bidirectional transformation …
[PDF][PDF] Synthct: Towards portable constant-time code
S Dinesh, G Garrett-Grossman, CW Fletcher - NDSS, 2022 - par.nsf.gov
Recent attacks have demonstrated that modern microarchitectures are fraught with
microarchitectural side channels. Constant-time (CT) programming is a software …
microarchitectural side channels. Constant-time (CT) programming is a software …
A general approach to define binders using matching logic
X Chen, G Roşu - Proceedings of the ACM on Programming Languages, 2020 - dl.acm.org
We propose a novel definition of binders using matching logic, where the binding behavior
of object-level binders is directly inherited from the built-in exists binder of matching logic …
of object-level binders is directly inherited from the built-in exists binder of matching logic …
Program analysis via efficient symbolic abstraction
This paper concerns the scalability challenges of symbolic abstraction: given a formula ϕ in
a logic L and an abstract domain A, find a most precise element in the abstract domain that …
a logic L and an abstract domain A, find a most precise element in the abstract domain that …
Generating Proof Certificates for a Language-Agnostic Deductive Program Verifier
Previous work on rewriting and reachability logic establishes a vision for a language-
agnostic program verifier, which takes three inputs: a program, its formal specification, and …
agnostic program verifier, which takes three inputs: a program, its formal specification, and …