Research article (Open access)

Verified low-level programming embedded in F*

Published: 29 August 2017

Abstract

We present Low*, a language for low-level programming and verification, and its application to high-assurance optimized cryptographic libraries. Low* is a shallow embedding of a small, sequential, well-behaved subset of C in F*, a dependently-typed variant of ML aimed at program verification. Departing from ML, Low* does not involve any garbage collection or implicit heap allocation; instead, it has a structured memory model à la CompCert, and it provides the control required for writing efficient low-level security-critical code.
By virtue of typing, any Low* program is memory safe. In addition, the programmer can make full use of the verification power of F* to write high-level specifications and verify the functional correctness of Low* code using a combination of SMT automation and sophisticated manual proofs. At extraction time, specifications and proofs are erased, and the remaining code enjoys a predictable translation to C. We prove that this translation preserves semantics and side-channel resistance.
We provide a new compiler back-end from Low* to C and, to evaluate our approach, we implement and verify various cryptographic algorithms, constructions, and tools for a total of about 28,000 lines of code. We show that our Low* code delivers performance competitive with existing (unverified) C cryptographic libraries, suggesting our approach may be applicable to larger-scale low-level software.

Supplementary Material

Auxiliary Archive (icfp17-main96-s.zip)
This archive contains the copy of the repository for our Everest project, as evaluated as part of the ICFP 2017 artifact evaluation process. This artifact is also available as a ready-to-run Docker image, projecteverest/everest-icfp2017aec, available from the Docker Hub. Please read README.md for more details.




Published In

Proceedings of the ACM on Programming Languages, Volume 1, Issue ICFP
September 2017, 1173 pages
EISSN: 2475-1421
DOI: 10.1145/3136534
This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Software and its engineering → Correctness
  2. Theory of computation → Hoare logic
  3. Compilers
  4. Functional languages
  5. Semantics
  6. Software verification
  7. Source code generation
  8. Type theory


Bibliometrics & Citations

Article Metrics

  • Downloads (last 12 months): 278
  • Downloads (last 6 weeks): 30

Reflects downloads up to 25 Jan 2025

Citations

Cited By

  • (2025) Generically Automating Separation Logic by Functors, Homomorphisms, and Modules. Proceedings of the ACM on Programming Languages 9(POPL), 1992–2024. DOI: 10.1145/3704903. Online publication date: 9 Jan 2025.
  • (2024) VERISMO. Proceedings of the 18th USENIX Conference on Operating Systems Design and Implementation, 599–614. DOI: 10.5555/3691938.3691970. Online publication date: 10 Jul 2024.
  • (2024) Modular Verification of Secure and Leakage-Free Systems: From Application Specification to Circuit-Level Implementation. Proceedings of the ACM SIGOPS 30th Symposium on Operating Systems Principles, 655–672. DOI: 10.1145/3694715.3695956. Online publication date: 4 Nov 2024.
  • (2024) StarMalloc: Verifying a Modern, Hardened Memory Allocator. Proceedings of the ACM on Programming Languages 8(OOPSLA2), 1757–1786. DOI: 10.1145/3689773. Online publication date: 8 Oct 2024.
  • (2024) Refinement Type Refutations. Proceedings of the ACM on Programming Languages 8(OOPSLA2), 962–987. DOI: 10.1145/3689745. Online publication date: 8 Oct 2024.
  • (2024) Timing Side-Channel Mitigation via Automated Program Repair. ACM Transactions on Software Engineering and Methodology 33(8), 1–27. DOI: 10.1145/3678169. Online publication date: 16 Jul 2024.
  • (2024) How We Built Cedar: A Verification-Guided Approach. Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering, 351–357. DOI: 10.1145/3663529.3663854. Online publication date: 10 Jul 2024.
  • (2024) Foundational Integration Verification of a Cryptographic Server. Proceedings of the ACM on Programming Languages 8(PLDI), 1704–1729. DOI: 10.1145/3656446. Online publication date: 20 Jun 2024.
  • (2024) Verified Extraction from Coq to OCaml. Proceedings of the ACM on Programming Languages 8(PLDI), 52–75. DOI: 10.1145/3656379. Online publication date: 20 Jun 2024.
  • (2024) Securing Verified IO Programs Against Unverified Code in F*. Proceedings of the ACM on Programming Languages 8(POPL), 2226–2259. DOI: 10.1145/3632916. Online publication date: 5 Jan 2024.
