A DSL for cross-domain security

Published: 02 December 2012
DOI: 10.1145/2402676.2402697

Abstract

Guardol is a domain-specific language focused on the creation of high-assurance network guards and the specification of guard properties. The Guardol system generates Ada code from Guardol programs and also provides specification and automated verification support. Guard programs and their specifications are translated to higher-order logic, then deductively transformed into a form suitable for an SMT-style decision procedure for recursive functions over tree-structured data. As a result, difficult properties of Guardol programs can be proved fully automatically.
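The following Python is an added illustration, not Guardol code and not an example from the paper. It models the kind of object a guard program manipulates: a tree-structured message whose nodes carry a classification label. The guard is a recursive function that drops every subtree labelled above the destination domain's level, and the property of interest is that nothing above that level survives in the released message. The paper proves such properties deductively (HOL, then an SMT-style procedure); here the check is instead a bounded exhaustive enumeration of all messages up to a small depth, which is a test of the guard over a finite space rather than a proof. The three-level lattice, the node shape and the defective `shallow_guard` are assumptions made for the example; the defective guard shows the failure mode a deep-filter property is meant to catch.

```python
"""Toy model of a cross-domain guard over tree-structured messages.

Added example: not Guardol code and not from the paper. A guard is a recursive
function over a labelled tree; the no-leak property is checked by bounded
exhaustive enumeration (a finite test, not the deductive proof the paper uses).
"""
from dataclasses import dataclass
from itertools import product
from typing import Callable, List, Optional, Tuple

# Ordered classification lattice, lowest to highest (assumed for the example).
LEVELS = ("UNCLASS", "SECRET", "TOPSECRET")
RANK = {name: i for i, name in enumerate(LEVELS)}


@dataclass(frozen=True)
class Node:
    """A message element: a classification label plus nested children."""
    label: str
    children: Tuple["Node", ...] = ()


def guard(msg: Node, dest_level: str) -> Optional[Node]:
    """Release a message to a domain cleared at dest_level.

    A node labelled above dest_level is removed together with its whole
    subtree; surviving nodes are rebuilt from their filtered children.
    The recursion into children is what makes this a deep filter.
    """
    if RANK[msg.label] > RANK[dest_level]:
        return None
    kept = []
    for child in msg.children:
        released = guard(child, dest_level)
        if released is not None:
            kept.append(released)
    return Node(msg.label, tuple(kept))


def shallow_guard(msg: Node, dest_level: str) -> Optional[Node]:
    """A deliberately defective guard that inspects only the root label."""
    if RANK[msg.label] > RANK[dest_level]:
        return None
    return msg


def no_leak(out: Optional[Node], dest_level: str) -> bool:
    """Property: no node anywhere in the released message exceeds dest_level."""
    if out is None:
        return True
    if RANK[out.label] > RANK[dest_level]:
        return False
    return all(no_leak(child, dest_level) for child in out.children)


def all_trees(depth: int, width: int) -> List[Node]:
    """Enumerate every labelled tree with at most `depth` levels and at most
    `width` children per node. The space is finite, so a check over it is
    exhaustive within the bound (3 labels, depth 2, width 2 gives 39 trees)."""
    if depth == 0:
        return []
    subtrees = all_trees(depth - 1, width)
    trees = []
    for label in LEVELS:
        for n in range(width + 1):
            for kids in product(subtrees, repeat=n):
                trees.append(Node(label, kids))
    return trees


def bounded_check(
    guard_fn: Callable[[Node, str], Optional[Node]], depth: int = 3, width: int = 2
) -> Optional[Tuple[Node, str]]:
    """Return the first (message, dest_level) pair for which guard_fn violates
    no_leak, or None if the property holds on every message within the bound."""
    for msg in all_trees(depth, width):
        for dest in LEVELS:
            if not no_leak(guard_fn(msg, dest), dest):
                return msg, dest
    return None


if __name__ == "__main__":
    print("recursive guard counterexample:", bounded_check(guard))
    print("shallow guard counterexample:  ", bounded_check(shallow_guard))
```

Running the block reports no counterexample for `guard` and, for `shallow_guard`, a message whose root is releasable but whose subtree carries a higher label. The bound is the important caveat: enumeration says nothing about deeper messages, which is exactly the gap an unbounded proof over recursive functions closes.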


Published In

HILT '12: Proceedings of the 2012 ACM conference on High integrity language technology
December 2012, 118 pages
ISBN: 9781450315050
DOI: 10.1145/2402676

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. cross-domain systems
  2. domain specific language
  3. formal verification

Qualifiers

  • Research-article

Conference

HILT'12: ACM SIGAda Annual
December 2 - 6, 2012
Boston, Massachusetts, USA

Acceptance Rates

HILT '12 paper acceptance rate: 6 of 11 submissions (55%)
Overall acceptance rate: 27 of 48 submissions (56%)
