Title :
Verification State-Space Reduction through Restricted Parsing Environments
Author :
Torrey, Jacob I. ; Bridgman, Mark P.
Author_Institution :
Assured Inf. Security, Greenwood Village, CO, USA
Abstract :
We discuss the potential for significant reduction in size and complexity of verification tasks for input-handling software when such software is constructed according to Lang Sec principles, i.e., Is designed as a recognizer for a particular language of valid inputs and is compiled for a suitably limited computational model no stronger than needed for the recognition task. We introduce Crema, a programming language and restricted execution environment of sub-Turing power, and conduct a case study to estimate and compare the respective sizes of verification tasks for the qmail SMTP parsing code fragments when executed natively vs in Crema -- using LLVM and KLEE. We also study the application of the same principles to the verification of reference monitors.
Keywords :
formal verification; grammars; high level languages; program compilers; state-space methods; Crema; KLEE; LLVM; LangSec principles; input-handling software; programming language; qmail SMTP parsing code fragments; restricted execution environment; restricted parsing environments; sub-Turing power; verification state-space reduction; verification tasks; Computational modeling; Computer languages; Grammar; Reactive power; Security; Software; Turing machines; LLVM; LangSec; Walther recursion; language-theoretic security; parsing; programming languages; qmail; verification;
Conference_Titel :
Security and Privacy Workshops (SPW), 2015 IEEE
Conference_Location :
San Jose, CA
DOI :
10.1109/SPW.2015.30
