Igloo: soundly linking compositional refinement and separation logic for distributed system verification

Lighthouse projects like CompCert, seL4, IronFleet, and DeepSpec have demonstrated that full system verification is feasible by establishing a refinement between an abstract system specification and an executable implementation. Existing approaches however impose severe restrictions on the abstract...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Proceedings of ACM on programming languages Ročník 4; číslo OOPSLA; s. 1 - 31
Hlavní autoři: Sprenger, Christoph, Klenze, Tobias, Eilers, Marco, Wolf, Felix A., Müller, Peter, Clochard, Martin, Basin, David
Médium: Journal Article
Jazyk:angličtina
Vydáno: New York, NY, USA ACM 13.11.2020
Témata:
Computer systems organization
Computing methodologies
Dependable and fault-tolerant systems and networks
Distributed algorithms
Distributed computing methodologies
Formal methods and theory of security
Higher order logic
Logic
Logic and verification
Security and privacy
Separation logic
Theory of computation
higher-order logic
security protocols
leader election
fault-tolerance
tool interoperability
separation logic
compositional refinement
distributed systems
end-to-end verification
ISSN:2475-1421, 2475-1421
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Lighthouse projects like CompCert, seL4, IronFleet, and DeepSpec have demonstrated that full system verification is feasible by establishing a refinement between an abstract system specification and an executable implementation. Existing approaches however impose severe restrictions on the abstract system specifications due to their limited expressiveness or versatility, or on the executable code due to their use of suboptimal code extraction or inexpressive program logics. We propose a novel methodology that combines the compositional refinement of event-based models of distributed systems with the verification of full-fledged program code using expressive separation logics, which support features of realistic programming languages like heap data structures and concurrency. Our main technical contribution is a formal framework that soundly relates event-based system models to program specifications in separation logics. This enables protocol development tools to soundly interoperate with program verifiers to establish a refinement between the model and the code. We formalized our framework, Igloo, in Isabelle/HOL. We report on three case studies, a leader election protocol, a replication protocol, and a security protocol, for which we refine formal requirements into program specifications that we implement in Java and Python and prove correct using the VeriFast and Nagini tools.
ISSN:2475-1421
2475-1421
DOI:10.1145/3428220