
Abstraction-Carrying Code: a Model for Mobile Code Safety

New Generation Computing

Abstract

Proof-Carrying Code (PCC) is a general approach to mobile code safety in which programs are augmented with a certificate (or proof). The intended benefit is that the program consumer can locally validate the certificate with respect to the “untrusted” program by means of a certificate checker, a process which should be much simpler, more efficient and more automatic than generating the original proof. The practical uptake of PCC greatly depends on the existence of a variety of enabling technologies which allow both proving programs correct and replacing a costly verification process by an efficient checking procedure on the consumer side. In this work we propose Abstraction-Carrying Code (ACC), a novel approach which uses abstract interpretation as its enabling technology. We argue that the large body of applications of abstract interpretation to program verification is amenable to the overall PCC scheme. In particular, we rely on an expressive class of safety policies which can be defined over different abstract domains. We use an abstraction (or abstract model) of the program, computed by standard static analyzers, as the certificate. The validity of the abstraction on the consumer side is checked in a single pass by a very efficient and specialized abstract interpreter. We believe that ACC brings the expressiveness, flexibility and automation which are inherent in abstract interpretation techniques to the area of mobile code safety.
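The producer/consumer split the abstract describes, as an added worked example that is not code from the paper or from the Ciao system. The producer runs an abstract interpreter over a sign domain to a fixpoint and ships the resulting abstraction as the certificate; the consumer does not repeat the fixpoint computation but makes a single pass over the control-flow edges, checking that the shipped abstraction is a post-fixpoint of the same abstract semantics and that it entails the safety policy. The sign domain, the tuple-encoded control-flow graph, the constructed sample programs and the policy "no divisor may be zero" are assumptions made for this example; the paper's own abstract domains, assertion language and checker are not reproduced here.

```python
"""Toy Abstraction-Carrying Code over a sign domain (constructed example)."""
from itertools import product

TOP = frozenset("-0+")          # a sign is a subset of {'-','0','+'}; join is union
_ADD = {('-', '-'): "-", ('-', '0'): "-", ('-', '+'): "-0+", ('0', '-'): "-", ('0', '0'): "0",
        ('0', '+'): "+", ('+', '-'): "-0+", ('+', '0'): "+", ('+', '+'): "+"}

def _lift(rule, a, b):
    # Pointwise lifting of a sign-by-sign rule to sets of signs.
    return frozenset(c for s, t in product(a, b) for c in rule(s, t))

def eval_expr(e, st):
    """Abstract value of expression e in abstract state st (var -> set of signs)."""
    if e[0] == 'const':
        return frozenset("-" if e[1] < 0 else "0" if e[1] == 0 else "+")
    if e[0] == 'var':
        return st[e[1]]
    a, b = eval_expr(e[1], st), eval_expr(e[2], st)
    if e[0] == 'add':
        return _lift(lambda s, t: _ADD[(s, t)], a, b)
    if e[0] == 'mul':
        return _lift(lambda s, t: "0" if '0' in (s, t) else "+" if s == t else "-", a, b)
    return TOP  # 'div': quotient sign is not tracked (sound but imprecise)

def divisors(e):
    """Divisor sub-expressions of every 'div' node inside e."""
    if e[0] not in ('add', 'mul', 'div'):
        return []
    return ([e[2]] if e[0] == 'div' else []) + divisors(e[1]) + divisors(e[2])

def step(s, st):
    """One statement: ('assign', x, e) updates x; ('assume', x, signs) filters x by a branch."""
    return {**st, s[1]: eval_expr(s[2], st) if s[0] == 'assign' else st[s[1]] & s[2]}

def transfer(stmts, st):
    """One CFG edge = its statements in sequence; None stands for 'unreachable'."""
    for s in stmts if st is not None else []:
        st = step(s, st)
    return st

def join(s1, s2):
    return s2 if s1 is None else s1 if s2 is None else {v: s1[v] | s2[v] for v in s1}

def leq(s1, s2):
    """s1 is at least as precise as s2 (pointwise subset)."""
    return s1 is None or (s2 is not None and all(s1[v] <= s2[v] for v in s1))

def policy_holds(cfg, states):
    """Safety policy: every divisor is provably nonzero in the abstraction at that point."""
    for n, edges in cfg.items():
        for stmts, _ in edges:
            st = states.get(n)
            for s in stmts if st is not None else []:   # unreachable code never divides
                if s[0] == 'assign' and any('0' in eval_expr(d, st) for d in divisors(s[2])):
                    return False
                st = step(s, st)
    return True

def analyze(cfg, entry):
    """Producer: least fixpoint by worklist iteration (finite lattice, so it terminates)."""
    states, work = {n: None for n in cfg}, [0]
    states[0] = entry
    while work:
        n = work.pop()
        for stmts, succ in cfg[n]:
            joined = join(states[succ], transfer(stmts, states[n]))
            if not leq(joined, states[succ]):
                states[succ] = joined
                work.append(succ)
    return states

def certify(cfg, entry):
    """Producer: the fixpoint is the certificate, or None if the policy cannot be shown."""
    states = analyze(cfg, entry)
    return states if policy_holds(cfg, states) else None

def check(cfg, entry, cert):
    """Consumer: ONE pass, no iteration. Accept iff the certificate covers the entry
    state, is a post-fixpoint on every edge, and entails the safety policy."""
    if any(n not in cert for n in cfg) or not leq(entry, cert[0]):
        return False
    return all(leq(transfer(stmts, cert[n]), cert[succ])
               for n, edges in cfg.items() for stmts, succ in edges) and policy_holds(cfg, cert)

ENTRY = {'x': TOP, 'y': TOP, 'z': TOP}    # x is an untrusted input of unknown sign
# Constructed program:  y := 1; while x > 0 { z := 100 / x; y := y * x; x := x - 1 }
LOOP = {
    0: [([('assign', 'y', ('const', 1))], 1)],
    1: [([('assume', 'x', frozenset('+'))], 2), ([('assume', 'x', frozenset('-0'))], 3)],
    2: [([('assign', 'z', ('div', ('const', 100), ('var', 'x'))),
          ('assign', 'y', ('mul', ('var', 'y'), ('var', 'x'))),
          ('assign', 'x', ('add', ('var', 'x'), ('const', -1)))], 1)],
    3: []}
# The same program followed by  z := y / x  after the loop, where x may be zero.
UNSAFE = {**LOOP, 3: [([('assign', 'z', ('div', ('var', 'y'), ('var', 'x')))], 4)], 4: []}

def demo():
    cert = certify(LOOP, ENTRY)
    # A tampered certificate that claims x > 0 at the loop head is not a post-fixpoint.
    tampered = {**cert, 1: {**cert[1], 'x': frozenset('+')}}
    return check(LOOP, ENTRY, cert), check(LOOP, ENTRY, tampered), certify(UNSAFE, ENTRY)
```

Calling `demo()` returns `(True, False, None)`: the consumer accepts the producer's abstraction for the loop program, rejects a tampered certificate (the edge into the loop head yields an unknown sign for `x`, which is not entailed by the claimed "positive"), and the producer cannot certify the variant that divides by `x` after the loop, because the abstraction at that point admits zero. The point the abstract makes is visible in the shapes of `analyze` and `check`: the producer iterates to a fixpoint, the consumer only verifies one transfer per edge, and soundness rests on the certificate being a post-fixpoint rather than on trusting the producer.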



Cite this article

Albert, E., Puebla, G. & Hermenegildo, M. Abstraction-Carrying Code: a Model for Mobile Code Safety. New Gener. Comput. 26, 171–204 (2008). https://doi.org/10.1007/s00354-008-0039-7
