search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Certified Binaries for Software Components

Technical Report
By
In this report, the authors present an approach to certify binary code against expressive policies to achieve the benefits of PCC and CMC.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2007-TR-001
DOI (Digital Object Identifier)
10.1184/R1/6572207.v1
Subjects

Abstract

Proof-carrying code (PCC) and certifying model checking (CMC) are two established paradigms for obtaining objective confidence in the runtime behavior of a program. PCC enables the certification of low-level binary code against relatively simple (e.g., memory-safety) policies. In contrast, CMC provides a way to certify a richer class of temporal logic policies, but is typically restricted to high-level (e.g., source) code. In this report, an approach is presented to certify binary code against expressive policies, and thereby achieve the benefits of both PCC and CMC. This approach generates certified binaries from software specifications in an automated manner. The specification language uses a subset of UML statecharts to specify component behavior and is compiled to the Pin component technology. The overall approach thus demonstrates that formal certification technology is compatible with, and can indeed exploit, model-driven approaches to software development. Moreover, this approach allows the developer to trust the code that is produced without having to trust the tools that produced it. In this report details of this approach are presented and experimental results on a collection of benchmarks are described.

SHARE
Download PDF
Cite This Technical Report

Chaki, S., Ivers, J., Lee, P., Wallnau, K., & Zeilberger, N. (2007, September 1). Certified Binaries for Software Components. (Technical Report CMU/SEI-2007-TR-001). Retrieved April 18, 2024, from https://doi.org/10.1184/R1/6572207.v1.

@techreport{chaki_2007,
author={Chaki, Sagar and Ivers, James and Lee, Peter and Wallnau, Kurt and Zeilberger, Noam},
title={Certified Binaries for Software Components},
month={Sep},
year={2007},
number={CMU/SEI-2007-TR-001},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6572207.v1},
note={Accessed: 2024-Apr-18}
}

Chaki, Sagar, James Ivers, Peter Lee, Kurt Wallnau, and Noam Zeilberger. "Certified Binaries for Software Components." (CMU/SEI-2007-TR-001). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, September 1, 2007. https://doi.org/10.1184/R1/6572207.v1.

S. Chaki, J. Ivers, P. Lee, K. Wallnau, and N. Zeilberger, "Certified Binaries for Software Components," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Report CMU/SEI-2007-TR-001, 1-Sep-2007 [Online]. Available: https://doi.org/10.1184/R1/6572207.v1. [Accessed: 18-Apr-2024].

Chaki, Sagar, James Ivers, Peter Lee, Kurt Wallnau, and Noam Zeilberger. "Certified Binaries for Software Components." (Technical Report CMU/SEI-2007-TR-001). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Sep. 2007. https://doi.org/10.1184/R1/6572207.v1. Accessed 18 Apr. 2024.

Chaki, Sagar; Ivers, James; Lee, Peter; Wallnau, Kurt; & Zeilberger, Noam. Certified Binaries for Software Components. CMU/SEI-2007-TR-001. Software Engineering Institute. 2007. https://doi.org/10.1184/R1/6572207.v1

Ask a question about this Technical Report