English
Related papers

Related papers: Verified Low-Level Programming Embedded in F*

200 papers

For all the successes in verifying low-level, efficient, security-critical code, little has been said or studied about the structure, architecture and engineering of such large-scale proof developments. We present the design, implementation…

Programming Languages · Computer Science 2023-07-10 Son Ho , Aymeric Fromherz , Jonathan Protzenko

Ensuring the correct functionality of systems software, given its safety-critical and low-level nature, is a primary focus in formal verification research and applications. Despite advances in verification tooling, conventional programmers…

Programming Languages · Computer Science 2025-04-04 Yiyuan Cao , Jiayi Zhuang , Houjin Chen , Jinkai Fan , Wenbo Xu , Zhiyi Wang , Di Wang , Qinxiang Cao , Yingfei Xiong , Haiyan Zhao , Zhenjiang Hu

We present Labeled Input Output in F* (LIO*), a verified framework that enforces information flow control (IFC) policies developed in F* and automatically extracted to C. Inspired by LIO, we encapsulated IFC policies into effects, but using…

Cryptography and Security · Computer Science 2020-04-29 Jean-Joseph Marty , Lucas Franceschino , Jean-Pierre Talpin , Niki Vazou

Shallow embeddings that use monads to represent effects are popular in proof-oriented languages because they are convenient for formal verification. Once shallowly embedded programs are verified, they are often extracted to mainstream…

Programming Languages · Computer Science 2026-03-31 Cezar-Constantin Andrici , Abigail Pribisova , Danel Ahman , Catalin Hritcu , Exequiel Rivas , Théo Winterhalter

Security protocols are essential building blocks of modern IT systems. Subtle flaws in their design or implementation may compromise the security of entire systems. It is, thus, important to prove the absence of such flaws through formal…

Cryptography and Security · Computer Science 2023-09-12 Linard Arquint , Malte Schwerhoff , Vaibhav Mehta , Peter Müller

Proof-oriented programs mix computational content with proofs of program correctness. However, the human effort involved in programming and proving is still substantial, despite the use of Satisfiability Modulo Theories (SMT) solvers to…

Programming Languages · Computer Science 2024-09-06 Saikat Chakraborty , Gabriel Ebner , Siddharth Bhat , Sarah Fakhoury , Sakina Fatima , Shuvendu Lahiri , Nikhil Swamy

In the last three decades, memory safety issues in system programming languages such as C or C++ have been one of the significant sources of security vulnerabilities. However, there exist only a few attempts with limited success to cope…

Software Engineering · Computer Science 2021-07-05 Felipe R. Monteiro , Mikhail R. Gadelha , Lucas C. Cordeiro

We introduce Meta-F*, a tactics and metaprogramming framework for the F* program verifier. The main novelty of Meta-F* is allowing the use of tactics and metaprogramming to discharge assertions not solvable by SMT, or to just simplify them…

Memory safety violations in low-level code, written in languages like C, continues to remain one of the major sources of software vulnerabilities. One method of removing such violations by construction is to port C code to a safe C dialect.…

Software Engineering · Computer Science 2024-04-02 Nausheen Mohammed , Akash Lal , Aseem Rastogi , Subhajit Roy , Rahul Sharma

We introduce SecRef*, a secure compilation framework protecting stateful programs verified in F* against linked unverified code, with which the program dynamically shares ML-style mutable references. To ease program verification in this…

We introduce SCIO*, a formally secure compilation framework for statically verified partial programs performing input-output (IO). The source language is an F* subset in which a verified program interacts with its IO-performing context via…

Code that is highly optimized poses a problem for program-level verification: programmers can employ various clever tricks that are non-trivial to reason about. For cryptography on low-power devices, it is nonetheless crucial that…

Cryptography and Security · Computer Science 2021-03-30 Marc Schoolderman , Jonathan Moerman , Sjaak Smetsers , Marko van Eekelen

Secure Multi-Party Computation (MPC) is an important enabling technology for data privacy in modern distributed applications. Currently, proof methods for low-level MPC protocols are primarily manual and thus tedious and error-prone, and…

Cryptography and Security · Computer Science 2024-07-24 Christian Skalka , Joseph P. Near

The application layer of Bluetooth Low Energy (BLE) is a growing source of security vulnerabilities, as developers often neglect to implement critical protections such as encryption, authentication, and freshness. While formal verification…

Cryptography and Security · Computer Science 2025-09-12 Biwei Yan , Yue Zhang , Minghui Xu , Runyu Pan , Jinku Li , Xiuzhen Cheng

Formal verification of large C programs is impeded by state-space explosion: Bounded Model Checking (BMC) tools must encode the entire state space up to the predetermined bound by unrolling all nested constructs. We present ConVer, a…

Software Engineering · Computer Science 2026-05-27 Muhammad A. A. Pirzada , Weiqi Wang , Yiannis Charalambous , Konstantin Korovin , Lucas C. Cordeiro

We introduce ${\rm C{\small LEVER}}$, a high-quality, curated benchmark of 161 problems for end-to-end verified code generation in Lean. Each problem consists of (1) the task of generating a specification that matches a held-out…

Abstract interpreters are complex pieces of software: even if the abstract interpretation theory and companion algorithms are well understood, their implementations are subject to bugs, that might question the soundness of their…

Programming Languages · Computer Science 2021-10-19 Lucas Franceschino , David Pichardie , Jean-Pierre Talpin

Writing correct programs for weak memory models such as the C11 memory model is challenging because of the weak consistency guarantees these models provide. The first program logics for the verification of such programs have recently been…

Programming Languages · Computer Science 2018-02-20 Alexander J. Summers , Peter Müller

Modern software relies on a multitude of automated testing and quality assurance tools to prevent errors, bugs and potential vulnerabilities. This study sets out to provide a head-to-head, quantitative and qualitative evaluation of six…

Software Engineering · Computer Science 2025-08-07 Damian Gnieciak , Tomasz Szandala

Code obfuscation is a popular approach to turn program comprehension and analysis harder, with the aim of mitigating threats related to malicious reverse engineering and code tampering. However, programming languages that compile to high…

Software Engineering · Computer Science 2019-01-16 Davide Pizzolotto , Mariano Ceccato
‹ Prev 1 2 3 10 Next ›