1 / 41

Automated tactics for separation logic VeriML Reconstruct Z3 Proof Safe incremental type checker

Automated tactics for separation logic VeriML Reconstruct Z3 Proof Safe incremental type checker Certifying code transformation Proof carrying hardware IP. Automated tactics for separation logic. Version 1 Certified verifier for a fragment of separation logic in Coq

berne
Télécharger la présentation

Automated tactics for separation logic VeriML Reconstruct Z3 Proof Safe incremental type checker

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Automated tactics for separation logic • VeriML • Reconstruct Z3 Proof • Safe incremental type checker • Certifying code transformation • Proof carrying hardware IP

  2. Automated tactics for separation logic • Version 1 • Certified verifier for a fragment of separation logic in Coq • Without predicates ( list, tree … ) • Prover written in SML handle these predicates and output proof trace • Tactic to reconstruct proof from these proof trace in Coq • Version 2 • Hard coded list and tree into the certified verifier • Use a forked version Coq which supports native arrays to speed up the verifier • Version 3 ( Ongoing ) • More generic way to support user defined predicates

  3. Reconstruct Z3 Proof • Reconstruct proof in VeriML using output from Z3

  4. Start from SAT Solvers • Decide propositional satisfiablity of sets of clauses: • Proof Witness from SAT solver: • If satisfiable: assignment of all the variables • If unsatisfiable: proof by resolution of the empty clause • Resolution rule:

  5. Example • Satisfiable: • Unsatisfiable:

  6. SAT Modulo Theories(SMT solver) • Atoms can be formulas from other theories • Congruence Closure(EUF) • Linear Arithmetic(LIA) • …. • Proof witness • If satisfiable: assignment of all the variables • If unsatisfiable: proof by resolution of the empty clause while some leaves are now lemmas from theories

  7. Example • Satisfiable : • Unsatisfiable:

  8. Interaction between SAT and SMT • With boolean abstraction: • First try: A:true, B:true, C:true, D:true, E:false • Unsat by a multi-theory solver, thus we add a theory: • Repeat until sat or no more model can be found

  9. Reconstruct proof • If sat: apply the assignment and check the result is true • If unsat: check the resolution tree • Checking resolution step (SAT solver) • Checking theory lemmas (SMT solver) • Combination of theories

  10. What we need • resolution checker • checker for each theory • checker for the resolution tree which calls these two kinds of checkers at each step

  11. Example

  12. Example

  13. Example

  14. Example

  15. Example

  16. Encoding in VeriML • Only consider CNF clause • Variable • Assignment: Nat-> Bool • Literal : • Clause: List Literal • State: List ( clauseID * Clause ) • get : S -> clauseID -> C set: S -> clauseID -> C -> S • Proof trace: ?? • A realistic Checker: State -> Trace -> Bool

  17. Interpretation • Given assignment • Var: v • Literal: • Clause: • Valid state • Soundness of checker:

  18. Start from SAT solver • Resolution Chain: List Nat • Resolve : Clause->Clause->Clause • resolution between clause C1 and C2. • Resolution checker: Resolution Chain-> Clause • for resolution chain [n1,n2,…n] and state S, • R(..(R( S[n1], S[n2]),…),S[n]) • Proof trace: List (clauseID*Resolution Chain) • Reconstruct the proof: • List.fold (fun (id,rc) => set s (resolution_checkerrc) id) trace • After this, we have the empty clause in state which indicates the state is not valid

  19. Example Initial State: [ [2,4], [2,5,6], [3,6], [7] ] Resolutions: [ (5,[1,3,0]) , (6,[2,3] ) , (7,[5,6]) ] Resolve two clause: [2,4] [2,5,6]  [2,6] ( a modified merge sort )

  20. Naïve framework for SMT solver • Certificate from different theories • Inductive cert: • | sat_solversat_cert • | euf_solvereuf_cert • | lia_solverlia_cert • …. • Trace might be like: List (clauseID*cert) • Checkers for each theory • And finally the checker for SMT solver • checker s trace = • List.fold (fun (id,cert) => set s (cert_checker cert) id

  21. Problem Witness SMT Resolution CNF EUF LIA VeriML Checker

  22. Z3 Proof • Example • 34 Axiom • 19 core rules : mostly are propositional reasoning • 5 equality rules : refl, symm, trans, … • 7 quantifier rules : quant-inst, quant-intro, … • 3 theory rules : rewrite, inconsistent, …

  23. Reconstruction • Overall approach: • one proof method for every Z3 inference rule • depth-first traversal of Z3 proof

  24. Conclusion • A prototype to reconstruct zChaff(SAT solver) proof • Very slow in performance • Ongoing with Z3 reconstruction

  25. Safe Incremental Type Checker • Type checking is more and more an interaction between the programmer and the type-checker • The richer the type system is, the more expensive type checking gets • Example • Type inference ( unification) • Dependent types • Very large term ( proof term ) • Complex language ( C++ )

  26. Goal • Reuse already-computed results • Recheck only the modified part and where it affects • Example

  27. Benefit • fast type checking modified code • this could also be used to tactic language, and refinement? • typed version control as we always have well-typed program and its type derivations • “undo” for free

  28. If we simply use memorization • We can only do syntactic comparison • We can’t do • weakening: let x = 1 and let y = 2 in x  let x = 1 and let y = 2 in x • -equivalence • other possible user extensible conversions • it’s outside typing rule

  29. Difficulties • A language to describe delta between different versions • Slice the code into each typing step • A language to store typing derivations • Higher order terms with meta variables • Build it up • Repository : store type derivations • Delta: describe difference between two versions of code • Incremental checker: check : repo -> delta -> repo • try to reduce the complexity to

  30. A language to store typing derivations • VeriML support contextual terms in computation language, thus possible to present typing derivations • How to make it generic? • A language to describe delta between different versions • Got stuck here

  31. Scratch

  32. Given signature: • t1 = g a • t2 = g (g a)

  33. Certifying Code Transformation • How to certify code transformation? • Verified Compiler • Translation Validation • VeriML approach

  34. Verified Compiler

  35. Translation Validation

  36. Approach with VeriML

  37. Naïve Example

  38. Scratch • ImplementationLogical language • Heap implementation • Language definition and semantics • Computation language • Symbolic execution(VCGen) • Tacitc to proof Hoare Triple • Practical Code transformation examples

  39. Conclusion • The thing we need to proof isn't less than translation validation • we can do it in a single lanuguage which easier to write proof with and we get more proof • The whole picture is still vague

  40. Proof Carrying Hardware • Current work • A formalization of Intel 8051 microcontroller in Coq • RC5 hash algorithm • Proof certain ports won’t “leak” secret

More Related