http://dx.doi.org/10.17662/ksdim.2011.7.2.029

A Design of Verification Framework for Java Bytecode  

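Kim, Je Min (Department of Computer and Information Engineering, Inha University)
Park, Joon Seok (School of Computer and Information Engineering, Inha University)
Yoo, Weon Hee (School of Computer and Information Engineering, Inha University)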
Publication Information
Journal of Korea Society of Digital Industry and Information Management / v.7, no.2, 2011, pp. 29-37
Abstract
Java bytecode verification is a critical process for guaranteeing the safety of Java applets transmitted on the web or on contemporary embedded devices. We propose the design of a framework for analyzing and verifying Java bytecode. The framework translates Java bytecode into an intermediate representation in which the properties of a program can be specified without using an operand stack. The framework can automatically produce specifications of the errors that could occur in a program, and can express specifications that a user annotates in the intermediate representation. Furthermore, we design a verification condition generator, which converts the intermediate representation into verification conditions; a verification engine, which verifies the verification conditions produced by the generator; and a result reporter, which displays the results of verification.
Keywords
Verification; Java Bytecode; Proof Carrying Code;