STALlion: a simple typed assembly language for static analysis

Typed assembly languages have the goal of providing security guarantees, for example, for the limited use of resources in a host machine or the detection of self-modifying code. This work presents a simple typed assembly language which allows us to perform various kinds of static analysis tasks with the purpose of detecting flaws in code security. The security policy we use guarantees type and memory safety. Moreover, we can ensure that non-initialized variables are not read, and that there are no out-of-bounds array accesses. The language we present, called STALlion, was designed in order to interpret a particular kind of imperative program, more specifically abstract syntax trees.
