Refereed games are interactive proof systems with two competing provers: one that tries to convince the verifier to accept and another that tries to convince the verifier to rej...
Abstract. A verified compiler is an integral part of every security infrastructure. Previous work has come up with formal semantics for sequential and concurrent variants of Java a...
We describe a sound method for automatically proving Hoare triples for loop-free code in Separation Logic, for certain preconditions and postconditions (symbolic heaps). The method...
Josh Berdine, Cristiano Calcagno, Peter W. O'Hearn
We present the Mobile Resource Guarantees framework: a system for ensuring that downloaded programs are free from run-time violations of resource bounds. Certificates are attached...
David Aspinall, Stephen Gilmore, Martin Hofmann, D...
Abstract. The hiding of internal invariants creates a mismatch between procedure specifications in an interface and proof obligations on the implementations of those procedures. T...