English
Related papers

Related papers: VST-Flow: Fine-grained low-level reasoning about r…

200 papers

Current approaches for formal verification of algorithms face important limitations. For specification, they cannot express algorithms naturally and concisely, especially for algorithms with states and flexible control flow. For…

Programming Languages · Computer Science 2025-05-01 Chengxi Yang , Shushu Wu , Qinxiang Cao

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device…

Cryptography and Security · Computer Science 2016-08-18 Tigist Abera , N. Asokan , Lucas Davi , Jan-Erik Ekberg , Thomas Nyman , Andrew Paverd , Ahmad-Reza Sadeghi , Gene Tsudik

How to apply automated verification technology such as model checking and static program analysis to millions of lines of embedded C/C++ code? How to package this technology in a way that it can be used by software developers and engineers,…

Software Engineering · Computer Science 2013-01-03 Ralf Huuck

VeriFast is a prototype tool based on separation logic for modular verification of C and Java programs. We are in the process of adding support for C++. In this report, we describe the features of C++ for which we added support so far, as…

Logic in Computer Science · Computer Science 2022-12-29 Niels Mommen , Bart Jacobs

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for…

Cryptography and Security · Computer Science 2021-01-14 Ethan Cecchetti , Andrew C. Myers , Owen Arden

While Chain-of-Thought (CoT) prompting enhances the reasoning capabilities of large language models, the faithfulness of the generated rationales remains an open problem for model interpretability. We propose a novel theoretical lens for…

Artificial Intelligence · Computer Science 2025-10-02 Elija Perrier

Control-flow attestation unifies the worlds of control-flow integrity and platform attestation by measuring and reporting a target's run-time behaviour to a verifier. Trust assurances in the target are provided by testing whether its…

Cryptography and Security · Computer Science 2024-12-05 Zhanyu Sha , Carlton Shepherd , Amir Rafi , Konstantinos Markantonakis

We present the design, implementation, and foundation of a verifier for higher-order functional programs with generics and recursive data types. Our system supports proving safety and termination using preconditions, postconditions and…

Logic in Computer Science · Computer Science 2020-03-25 Jad Hamza , Nicolas Voirol , Viktor Kunčak

As modern hardware designs grow in complexity and size, ensuring security across the confidentiality, integrity, and availability (CIA) triad becomes increasingly challenging. Information flow tracking (IFT) is a widely-used approach to…

Cryptography and Security · Computer Science 2025-04-10 Nowfel Mashnoor , Mohammad Akyash , Hadi Kamali , Kimia Azar

Information flow control (IFC) provides confidentiality by enforcing noninterference, which ensures that high-secrecy values cannot affect low-secrecy values. Prior work introduces fine-grained IFC approaches that modify the programming…

Programming Languages · Computer Science 2024-03-20 Ada Lamba , Max Taylor , Vincent Beardsley , Jacob Bambeck , Michael D. Bond , Zhiqiang Lin

This paper investigates a flow- and path-sensitive static information flow analysis. Compared with security type systems with fixed labels, it has been shown that flow-sensitive type systems accept more secure programs. We show that an…

Programming Languages · Computer Science 2017-06-22 Peixuan Li , Danfeng Zhang

Remote run-time attestation methods, including Control Flow Attestation (CFA) and Data Flow Attestation (DFA), have been proposed to generate precise evidence of execution's control flow path (in CFA) and optionally execution data inputs…

Cryptography and Security · Computer Science 2025-07-08 Adam Caulfield , Norrathep Rattanavipanon , Ivan De Oliveira Nunes

In this paper we describe a method for verifying secure information flow of programs, where apart from direct and indirect flows a secret information can be leaked through covert timing channels. That is, no two computations of a program…

Programming Languages · Computer Science 2013-07-18 Aleksandar S. Dimovski

We introduce knowledge flow analysis, a simple and flexible formalism for checking cryptographic protocols. Knowledge flows provide a uniform language for expressing the actions of principals, assump- tions about intruders, and the…

Cryptography and Security · Computer Science 2007-05-23 Marten van Dijk , Emina Torlak , Blaise Gassend , Srinivas Devadas

This paper presents a proof system for reasoning about execution time bounds for a core imperative programming language. Proof systems are defined for three different scenarios: approximations of the worst-case execution time, exact time…

Programming Languages · Computer Science 2022-10-28 Ana Carolina Silva , Manuel Barbosa , Mario Florido

With experimental quantum computing technologies now in their infancy, the search for efficient means of testing the correctness of these quantum computations is becoming more pressing. An approach to the verification of quantum computation…

Quantum Physics · Physics 2018-04-18 Alexandru Gheorghiu , Matty J. Hoban , Elham Kashefi

We develop a theoretical framework for defining and identifying flows of information in computational systems. Here, a computational system is assumed to be a directed graph, with "clocked" nodes that send transmissions to each other along…

Information Theory · Computer Science 2023-07-21 Praveen Venkatesh , Sanghamitra Dutta , Pulkit Grover

The wide adoption of IoT gadgets and Cyber-Physical Systems (CPS) makes embedded devices increasingly important. While some of these devices perform mission-critical tasks, they are usually implemented using Micro-Controller Units (MCUs)…

Cryptography and Security · Computer Science 2023-03-08 Antonio Joia Neto , Ivan de Oliveira Nunes

In security-critical software applications, confidential information must be prevented from leaking to unauthorized sinks. Static analysis techniques are widespread to enforce a secure information flow by checking a program after…

Cryptography and Security · Computer Science 2022-08-05 Tobias Runge , Alexander Kittelmann , Marco Servetto , Alex Potanin , Ina Schaefer

Formal verification provides strong guarantees of correctness of software, which are especially important in safety or security critical systems. Hoare logic is a widely used formalism for rigorous verification of software against…

Programming Languages · Computer Science 2021-03-11 Jayaraj Poroor