

Verifiable functional purity in java

14 years 5 months ago
Verifiable functional purity in java
Proving that particular methods within a code base are functionally pure--deterministic and side-effect free--would aid verification of security properties including function invertibility, reproducibility of computation, and safety of untrusted code execution. Until now it has not been possible to automatically prove a method is functionally pure within a high-level imperative language in wide use, such as Java. We discuss a technique to prove that methods are functionally pure by writing programs in a subset of Java called Joe-E; a static verifier ensures that programs fall within the subset. In Joe-E, pure methods can be trivially recognized from their method signature. To demonstrate the practicality of our approach, we refactor an AES library, an experimental voting machine implementation, and an HTML parser to use our techniques. We prove that their top-level methods are verifiably pure and show how this provides high-level security guarantees about these routines. Our approach ...
Matthew Finifter, Adrian Mettler, Naveen Sastry, D
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where CCS
Authors Matthew Finifter, Adrian Mettler, Naveen Sastry, David Wagner
Comments (0)