English
Related papers

Related papers: Translation Validation for Security Properties

200 papers

Software system certification presents itself with many challenges, including the necessity to certify the system at the level of functional requirements, code and binary levels, the need to chase down run-time errors, and the need for…

Software Engineering · Computer Science 2007-05-23 Eric Feron , Mardavij Roozbehani

Developing secure distributed systems is difficult, and even harder when advanced cryptography must be used to achieve security goals. Following prior work, we advocate using secure program partitioning to synthesize cryptographic…

Cryptography and Security · Computer Science 2024-01-10 Coşku Acay , Joshua Gancher , Rolph Recto , Andrew C. Myers

Classes on compiler technology are commonly found in Computer Science curricula, covering aspects of parsing, semantic analysis, intermediate transformations and target code generation. This paper reports on introducing certified…

Programming Languages · Computer Science 2019-06-28 Per Lindgren , Marcus Lindner , Nils Fitinghoff

Traditionally, practitioners use formal methods pre-dominately for one half of the quality-assurance process: verification (do we build the software right?). The other half -- validation (do we build the right software?) -- has been given…

Software Engineering · Computer Science 2021-02-12 Atif Mashkoor , Michael Leuschel , Alexander Egyed

Undefined behavior in C often causes devastating security vulnerabilities. One practical mitigation is compartmentalization, which allows developers to structure large programs into mutually distrustful compartments with clearly specified…

Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate theses attacks, popular compilers deployed a wide range of countermeasures. The…

Programming Languages · Computer Science 2021-09-13 Marco Patrignani , Marco Guarnieri

We propose a security verification framework for cryptographic protocols using machine learning. In recent years, as cryptographic protocols have become more complex, research on automatic verification techniques has been focused on. The…

Cryptography and Security · Computer Science 2023-04-27 Kentaro Ohno , Misato Nakabayashi

During the past few years, we have witnessed various efforts to provide confidentiality and integrity for applications running in untrusted environments such as public clouds. In most of these approaches, hardware extensions such as Intel…

Cryptography and Security · Computer Science 2025-11-25 Robert Krahn , Nikson Kanti Paul , Franz Gregor , Do Le Quoc , Andrey Brito , André Martin , Christof Fetzer

Proving only over source code that programs do not leak sensitive data leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. Furthermore, software does not always have the luxury…

Programming Languages · Computer Science 2023-06-22 Robert Sison , Toby Murray

Validating network paths taken by packets is critical for a secure Internet architecture. Any feasible solution must both enforce packet forwarding along endhost-specified paths and verify whether packets have taken those paths. However,…

Networking and Internet Architecture · Computer Science 2018-04-26 Kai Bu , Yutian Yang , Avery Laird , Jiaqing Luo , Yingjiu Li , Kui Ren

Dependently typed languages such as Coq are used to specify and verify the full functional correctness of source programs. Type-preserving compilation can be used to preserve these specifications and proofs of correctness through…

Programming Languages · Computer Science 2018-08-14 William J. Bowman , Amal Ahmed

We propose to validate experimentally a theory of software certification that proceeds from assessment of confidence in fault-freeness (due to standards) to conservative prediction of failure-free operation.

Software Engineering · Computer Science 2014-04-29 John Rushby , Bev Littlewood , Lorenzo Strigini

Early stages of system development involve outlining desired features such as functionality, availability, or usability. Specifications are derived from these features that concretize vague ideas presented in natural languages. The…

Software Engineering · Computer Science 2014-10-09 Rongjie Yan , Chih-Hong Cheng , Guangquan Zhang , Yesheng Chai

Secure compilation studies compilers that generate target-level components that are as secure as their source-level counterparts. Full abstraction is the most widely-proven property when defining a secure compiler. A compiler is modular if…

Programming Languages · Computer Science 2016-04-19 Marco Patrignani , Dominique Devriese , Frank Piessens

Many security and software testing applications require checking whether certain properties of a program hold for any possible usage scenario. For instance, a tool for identifying software vulnerabilities may need to rule out the existence…

Software Engineering · Computer Science 2018-05-03 Roberto Baldoni , Emilio Coppa , Daniele Cono D'Elia , Camil Demetrescu , Irene Finocchi

Recent frontier large language models (LLMs) have shown strong performance in identifying security vulnerabilities in large, mature open-source systems. As LLM-generated code becomes increasingly common, a natural goal is to prevent such…

Software Engineering · Computer Science 2026-05-13 Zhaorui Li , Chengyu Song

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Firewalls are security devices that perform network traffic filtering. They are ubiquitous in the industry and are a common method used to enforce organizational security policy. Security policy is specified on a high level of abstraction,…

Cryptography and Security · Computer Science 2022-12-08 Ivan Kovačević , Bruno Štengl , Stjepan Groš

We propose PRISM to enable users of machine translation systems to preserve the privacy of data on their own initiative. There is a growing demand to apply machine translation systems to data that require privacy protection. While several…

Cryptography and Security · Computer Science 2023-12-08 Ryoma Sato

Validation is one of the software engineering disciplines that help build quality into software. The major objective of software validation process is to determine that the software performs its intended functions correctly and provide…

Software Engineering · Computer Science 2011-03-22 Mahmoud Khraiwesh