A DSL for cross-domain security

Guardol is a domain-specific language focused on the creation of high-assurance network guards and the specification of guard properties. The Guardol system generates Ada code from Guardol programs and also provides specification and automated verification support. Guard programs and specifications are translated to higher-order logic, then deductively transformed into a form suitable for an SMT-style decision procedure for recursive functions over tree-structured data. The result is that difficult properties of Guardol programs can be proved fully automatically.
