References
- G. C. Necula, "Proof-carrying code," in Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, Paris, France, 1997, pp. 106-119.
- G. C. Necula and P. Lee, "Safe, untrusted agents using proof-carrying code," in Mobile Agents and Security. Heidelberg: Springer, 1998, pp. 61-91.
- A. W. Appel, "Foundational proof-carrying code," in Proceedings of the 16th Annual IEEE Symposium on Logic in Computer Science, Boston, MA, 2001, pp. 247-256.
- A. W. Appel and D. McAllester, "An indexed model of recursive types for foundational proof-carrying code," ACM Transactions on Programming Languages and Systems, vol. 23, no. 5, pp. 657-683, 2001. https://doi.org/10.1145/504709.504712
- J. Vanegue, "The weird machines in proof-carrying code," in Proceedings of the IEEE Security and Privacy Workshops, San Jose, CA, 2014, pp. 209-213.
- X. Leroy, "Formal verification of a realistic compiler," Communications of the ACM, vol. 52, no. 7, pp. 107-115, 2009. https://doi.org/10.1145/1538788.1538814
- G. Morrisett, D. Walker, K. Crary, and N. Glew, "From system F to typed assembly language," ACM Transactions on Programming Languages and Systems, vol. 21, no. 3, pp. 527-568, 1999. https://doi.org/10.1145/319301.319345
- K. Crary, N. Glew, D. Grossman, R. Samuels, F. Smith, D. Walker, S. Weirich, and S. Zdancewic, "Talx86: a realistic typed assembly language," in Proceedings of ACM SIGPLAN Workshop on Compiler Support for System Software, Atlanta, GA, 1999, pp. 25-35.
- G. Morrisett, "Typed assembly language," in Advanced Topics in Types and Programming Languages. Cambridge, MA: MIT Press, 2005, pp. 141-176.
- F. Perry, L. Mackey, G. A. Reis, J. Ligatti, D. I. August, and D. Walker, "Fault-tolerant typed assembly language," ACM SIGPLAN Notices, vol. 42, pp. 42-53, 2007. https://doi.org/10.1145/1273442.1250741
- C. Lattner and V. Adve, "LLVM: a compilation framework for lifelong program analysis & transformation," in Proceedings of the International Symposium on Code Generation and Optimization: Feedback-Directed and Runtime Optimization, Palo Alto, CA, 2004, p. 75.
- M. Patrignani, P. Agten, R. Strackx, B. Jacobs, D. Clarke, and F. Piessens, "Secure compilation to protected module architectures," ACM Transactions on Programming Languages and Systems, vol. 37, no. 2, article no. 6, 2015.
- H. Xi and R. Harper, "A dependently typed assembly language," ACM SIGPLAN Notices, vol. 36, no. 10, pp. 169-180, 2001. https://doi.org/10.1145/507669.507657
- U. Norell, "Towards a practical programming language based on dependent type theory," Ph.D. dissertation, Chalmers University of Technology, Goteborg, Sweden, 2007.
- L. Augustsson, "Cayenne: a language with dependent types," in Proceedings of the 3rd ACM SIGPLAN International Conference on Functional Programming, Baltimore, MD, 1998, pp. 239-250.
- B. Barras, S. Boutin, C. Cornes, J. Courant, J. C. Filliatre, E. Gimenez, et al., "The Coq proof assistant reference manual: Version 6.1," INRIA, Report No. RT-0203, 1997.
- A. Chlipala, Certified Programming with Dependent Types: A Pragmatic Introduction to the Coq Proof Assistant. Cambridge, MA: MIT Press, 2013.
- C. McBride, "Epigram: practical programming with dependent types," in Advanced Functional Programming. Heidelberg: Springer, 2004, pp. 130-170.
- E. Brady, "Idris, a general-purpose dependently typed programming language: design and implementation," Journal of Functional Programming, vol. 23, no. 5, pp. 552-593, 2013. https://doi.org/10.1017/S095679681300018X
- A. Jeffrey, "Dependently typed web client applications," in Practical Aspects of Declarative Languages. Heidelberg: Springer, 2013, pp. 228-243.
- G. Huet and H. Herbelin, "30 years of research and development around Coq," ACM SIGPLAN Notices, vol. 49, no. 1, pp. 249-249, 2014. https://doi.org/10.1145/2666356.2594328
- A. Athalye, "CoqIOA: a formalization of I/O automata in the Coq proof assistant," Ph.D. dissertation, Massachusetts Institute of Technology, Cambridge, MA, 2017.
- S. Chatzikyriakidis and Z. Luo, "Natural language reasoning using proof assistant technology: rich typing and beyond," in Proceedings of the EACL 2014 Workshop on Type Theory and Natural Language Semantics, Gothenburg, Sweden, 2014, pp. 37-45.
- J. C. Reynolds, "Separation logic: a logic for shared mutable data structures," in Proceedings of 17th Annual IEEE Symposium on Logic in Computer Science, Copenhagen, Denmark, 2002, pp. 55-74.
- D. Distefano, P. O'Hearn, and H. Yang, "A local shape analysis based on separation logic," in Tools and Algorithms for the Construction and Analysis of Systems. Heidelberg: Springer, 2006, pp. 287-302.
- J. Berdine, C. Calcagno, and P. O'Hearn, "Symbolic execution with separation logic," in Proceedings of Asian Symposium on Programming Languages and Systems. Heidelberg: Springer, 2005, pp. 52-68.
- J. Berdine, C. Calcagno, and P. O'Hearn, "Smallfoot: modular automatic assertion checking with separation logic," in Formal Methods for Components and Objects. Heidelberg: Springer, 2005, pp. 115-137.
- X. Qiu, P. Garg, A. Stefanescu, and P. Madhusudan, "Natural proofs for structure, data, and separation," ACM SIGPLAN Notices, vol. 48, no. 6, pp. 231-242, 2013. https://doi.org/10.1145/2499370.2462169
- E. Pek, X. Qiu, and P. Madhusudan, "Natural proofs for data structure manipulation in C using separation logic," ACM SIGPLAN Notices, vol. 49, no. 6, pp. 440-451, 2014. https://doi.org/10.1145/2666356.2594325
- E. Cohen, M. Dahlweid, M. Hillebrand, D. Leinenbach, M. Moskal, T. Santen, W. Schulte, and S. Tobies, "VCC: a practical system for verifying concurrent C," in Theorem Proving in Higher Order Logics. Heidelberg: Springer, 2009, pp. 23-42.
- A. Silberschatz, P. B. Galvin, and G. Gagne, Operating System Concepts Essentials. Hoboken, NJ: John Wiley & Sons, 2014.
- R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham, "Efficient software based fault isolation," ACM SIGOPS Operating Systems Review, vol. 27, no. 5, pp. 203-216, 1994. https://doi.org/10.1145/173668.168635
- J. A. Kroll, G. Stewart, and A. W. Appel, "Portable software fault isolation," in Proceedings of the IEEE 27th Computer Security Foundations Symposium, Vienna, Austria, 2014, pp. 18-32.
- A. Sabelfeld and A. C. Myers, "Language-based information-flow security," IEEE Journal on Selected Areas in Communications, vol. 21, no. 1, pp. 5-19, 2003. https://doi.org/10.1109/JSAC.2002.806121
- D. Costanzo, Z. Shao, and R. Gu, "End-to-end verification of information-flow security for C and assembly programs," ACM SIGPLAN Notices, vol. 51, no. 6, pp. 648-664, 2016. https://doi.org/10.1145/2980983.2908100
- G. Doychev, B. Kopf, L. Mauborgne, and J. Reineke, "Cacheaudit: a tool for the static analysis of cache side channels," ACM Transactions on Information and System Security, vol. 18, no. 1, article no. 4, 2015.
- M. Sutton, A. Greene, and P. Amini, Fuzzing: Brute Force Vulnerability Discovery. Upper Saddle River, NJ: Pearson Education, 2007.
- A. Takanen, J. D. Demott, and C. Miller, Fuzzing for Software Security Testing and Quality Assurance. Norwood, MA: Artech House, 2008.
- J. W. Duran and S. Ntafos, "A report on random testing," in Proceedings of the 5th International Conference on Software Engineering, San Diego, CA, 1981, pp. 179-183.
- P. Godefroid, A. Kiezun, and M. Y. Levin, "Grammar-based whitebox fuzzing," ACM SIGPLAN Notices, vol. 43, no. 6, pp. 206-215, 2008. https://doi.org/10.1145/1379022.1375607
- N. Stephens, J. Grosen, C. Salls, A. Dutcher, R. Wang, J. Corbetta, Y. Shoshitaishvili, C. Kruegel, and G. Vigna, "Driller: augmenting fuzzing through selective symbolic execution," in Proceedings of the 23rd Annual Network and Distributed System Security Symposium, San Diego, CA, 2016, pp. 1-16.
- I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer, "A secure environment for untrusted helper applications: confining the wily hacker," in Proceedings of the 6th Conference on USENIX Security Symposium Focusing on Applications of Cryptography, San Jose, CA, 1996.
- S. Van Acker and A. Sabelfeld, "JavaScript sandboxing: isolating and restricting client-side JavaScript," in Foundations of Security Analysis and Design VIII. Cham: Springer, 2015, pp. 32-86.
- J. G. Politz, S. Eliopoulos, A. Guha, and S. Krishnamurthi, "ADsafety: type-based verification of JavaScript sandboxing," in Proceedings of the 20th USENIX Security Symposium, San Francisco, CA, 2011,
- P. Agten, S. Van Acker, Y. Brondsema, P. H. Phung, L. Desmet, and F. Piessens, "JSand: complete clientside sandboxing of third-party JavaScript without browser modifications," in Proceedings of the 28th Annual Computer Security Applications Conference, Orlando, FL, 2012, pp. 1-10.
- P. H. Phung and L. Desmet, "A two-tier sandbox architecture for untrusted JavaScript," in Proceedings of the Workshop on JavaScript Tools, Beijing, China, 2012, pp. 1-10.
- W. Enck, P. Gilbert, S. Han, V. Tendulkar, B. G. Chun, L. P. Cox, J. Jung, P. McDaniel, and A. N. Sheth, "TaintDroid: an information-flow tracking system for real time privacy monitoring on smartphones," ACM Transactions on Computer Systems, vol. 32, no. 2, article no. 5, 2014.
- D. Hedin, A. Birgisson, L. Bello, and A. Sabelfeld, "JSFlow: tracking information ow in JavaScript and its APIs," in Proceedings of the 29th Annual ACM Symposium on Applied Computing, Gyeongju, Korea, 2014, pp. 1663-1671.
- K. Claessen and J. Hughes, "QuickCheck: a lightweight tool for random testing of Haskell programs," ACM SIGPLAN notices, vol. 46, no. 4, pp. 53-64, 2011. https://doi.org/10.1145/1988042.1988046
- C. Pacheco and M. D. Ernst, "Randoop: feedback-directed random testing for Java," in Companion to the 22nd ACM SIGPLAN Conference on Object-Oriented Programming Systems and Applications, Montreal, Canada, 2007, pp. 815-816.
- P. Godefroid, N. Klarlund, and K. Sen, "DART: directed automated random testing," ACM SIGPLAN Notices, vol. 40, no. 6, pp. 213-223, 2005. https://doi.org/10.1145/1064978.1065036
- X. Leroy, "Formal certification of a compiler back-end or: programming a compiler with a proof assistant," ACM SIGPLAN Notices, vol. 41, no. 1, pp. 42-54, 2006. https://doi.org/10.1145/1111320.1111042
- J. Zhao, S. Nagarakatte, M. M. K. Martin, and S. Zdancewic, "Formalizing the LLVM intermediate representation for verified program transformations," ACM SIGPLAN Notices, vol. 47, no. 1, pp. 427-440, 2012. https://doi.org/10.1145/2103621.2103709
- L. Gu, A. Vaynberg, B. Ford, Z. Shao, and D. Costanzo, "CertiKOS: a certified kernel for secure cloud computing," in Proceedings of the 2nd Asia-Pacific Workshop on Systems, Shanghai, China, 2011.
- R. Gu, J. Koenig, T. Ramananandro, Z. Shao, X. N. Wu, S. C. Weng, H. Zhang, and Y. Guo, "Deep specifications and certified abstraction layers," ACM SIGPLAN Notices, vol. 50, no. 1, pp. 595-608, 2015. https://doi.org/10.1145/2775051.2676975
- G. Klein, K. Elphinstone, G. Heiser, J. Andronick, D. Cock, P. Derrin, et al., "seL4: formal verification of an OS kernel," in Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles, Big Sky, MT, 2009, pp. 207-220.
- G. Klein, J. Andronick, G. Keller, D. Matichuk, T. Murray, and L. O'Connor, "Provably trustworthy systems," Philosophical Transactions of the Royal Society A, vol. 375, no. 2104, 2017.
- R. E. Korf, "Depth-first iterative-deepening: an optimal admissible tree search," Artificial Intelligence, vol. 27, no. 1, pp. 97-109, 1985. https://doi.org/10.1016/0004-3702(85)90084-0
- S. J. Garland and J. V. Guttag, "An overview of LP, the Larch Prover," in Rewriting Techniques and Applications. Heidelberg: Springer, 1989, pp. 137-151.
- A. Anand, A. Appel, G. Morrisett, Z. Paraskevopoulou, R. Pollack, O. S. Belanger, M. Sozeau, and M. Weaver, "CertiCoq: a verified compiler for Coq," in Proceedings of the 3rd International Workshop on Coq for Programming Languages, Paris, France, 2017.
- T. Nipkow, L. C. Paulson, and M. Wenzel, Isabelle/HOL: A Proof Assistant for Higher-Order Logic. Heidelberg: Springer, 2002.
- M. Wenzel, "Isabelle as document-oriented proof assistant," in Intelligent Computer Mathematics. Heidelberg: Springer, 2011, pp. 244-259.
- P. B. Jackson, The Nuprl Proof Development System (Version 4.2) Reference Manual and User's Guide. Ithaca, NY: Cornell University, 1994.
- S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas, "PVS: combining specification, proof checking, and model checking," in Computer Aided Verification. Heidelberg: Springer, pp. 411-414, 1996.
- F. Pfenning and C. Schurmann, "System description: Twelf: a meta-logical framework for deductive systems," in Automated Deduction (CADE-16). Heidelberg: Springer, 1999, pp. 202-206.
- C. Schurmann, "The Twelf proof assistant," in Theorem Proving in Higher Order Logics. Heidelberg: Springer, 2009, pp. 79-83.
- P. Sewell, "REMS: rigorous engineering of mainstream systems," [Online]. Available: https://www.cl.cam.ac.uk/-pes20/rems/.
- J. Madey, "Book Review: the Z notation: a reference manual: JM Spivey. Prentice Hall International, Hemel Hempstead, United Kingdom, 1989," Science of Computer Programming, vol. 15, no. 2/3, pp. 253-255, 1990. https://doi.org/10.1016/0167-6423(90)90091-Q
- D. Jackson, Software Abstractions: Logic, Language, and Analysis. Cambridge, MA: MIT Press, 2012.
- P. H. Feiler and D. P. Gluch, Model-based Engineering with AADL: an Introduction to the SAE Architecture Analysis & Design Language. Upper Saddle River, NJ: Addison-Wesley, 2012.