Nadeem Abdul Hamid

A Syntactic Approach to Foundational Proof-Carrying Code

Proof-carrying code (PCC) is a general framework for verifying the safety properties of machine-language programs. PCC proofs are usually written in a logic extended with language-specific typing rules; they certify safety but only if there is no bug in the typing rules. In foundational proof-carrying code (FPCC), on the other hand, proofs are constructed and verified by using strictly the foundations of mathematical logic, with no type-specific axioms. FPCC is more flexible and secure because it is not tied to any particular type system and it has a smaller trusted base. Foundational proofs, however, are much harder to construct. Previous efforts on FPCC all required building sophisticated semantic models for types. Furthermore, none of them can be easily extended to support mutable fields and recursive types. In this article, we present a syntactic approach to FPCC that avoids all of these difficulties. Under our new scheme, the foundational proof for a typed machine program simply consists of the typing derivation plus the formalized syntactic soundness proof for the underlying type system. The former can be readily obtained from a type-checker, while the latter is known to be much easier to construct than the semantic soundness proofs. We give a translation from a typed assembly language into FPCC and demonstrate the advantages of our new system through an implementation in the Coq proof assistant.

Interfacing Hoare Logic and Type Systems for Foundational Proof-Carrying Code

In this paper, we introduce a Foundational Proof-Carrying Code (FPCC) framework for constructing certified code packages from typed assembly language that will interface with a similarly certified runtime system. Our framework permits the typed assembly language to have a “foreign function” interface, in which stubs, initially provided when the program is being written, are eventually compiled and linked to code that may have been written in a language with a different type system, or even certified directly in the FPCC logic using a proof assistant. We have increased the potential scalability and flexibility of our FPCC system by providing a way to integrate programs compiled from different source type systems. In the process, we are explicitly manipulating the interface between Hoare logic and a syntactic type system.

Building certified libraries for PCC: dynamic storage allocation

Proof-Carrying Code (PCC) allows a code producer to provide to a host a program along with its formal safety proof. The proof attests a certain safety policy enforced by the code, and can be mechanically checked by the host. While this language-based approach to code certification is very general in principle, existing PCC systems have only focused on programs whose safety proofs can be automatically generated. As a result, many low-level system libraries (e.g., memory management) have not yet been handled. In this paper, we explore a complementary approach in which general properties and program correctness are semiautomatically certified. In particular, we introduce a low-level language CAP for building certified programs and present a certified library for dynamic storage allocation.

A Generic Framework for Engaging Online Data Sources in Introductory Programming Courses

This paper presents work on a code framework and methodology to facilitate the introduction of large, real-time, online data sources into introductory (or advanced) Computer Science courses. The framework is generic in the sense that no prior scaffolding or template specification is needed to make the data accessible, as long as the source uses a standard format such as XML, CSV, or JSON. The implementation described here maintains minimal syntactic overhead while relieving novice programmers from low-level issues of parsing raw data from a web-based data source. It interfaces directly with data structures and representations defined by the students themselves, rather than predefined and supplied by the library. Together, these features allow students and instructors to focus on algorithmic aspects of processing a wide variety of live and large data sources, without having to deal with low-level connection, parsing, extraction, and data binding. The library, available at http://cs.berry.edu/big-data, has been used in an introductory programming course based on Processing.

Automated web-based user interfaces for novice programmers

This paper presents the development of a library for introductory programming courses that automatically builds web forms based on a simple specification of parameter types (both primitive and complex, user-defined) and labels for a function. Upon invocation, the library launches a browser to display a page with a reasonably well laid-out form that allows entry of input values, browsing and recall of past inputs, and application of the underlying function to validated inputs. Novice programmers can thus develop programs focusing on design, implementation, and testing of their algorithm (realized as a function of appropriate parameters) and ignore the intricacies of handling user I/O. The web interface is more impressive than console I/O and is much less complicated to assemble than a traditional GUI, requiring no knowledge of web technologies to setup and launch.

Preparing, Visualizing, and Using Real-world Data in Introductory Courses

Working with real-world data has increasingly become a popular context for introductory computing courses. As a valuable 21st century skill, preparing students to be able to divine meaning from data can be useful to their long-term careers. Because Data Science aligns so closely with computing, many of the topics and problems it affords as a context can support the core learning objectives in introductory computing classes. In many instances, incorporating a real-world dataset to provide concrete context for an activity or assignment can improve student engagement and understanding of the abstract educational content being presented. However, there are many problems inherent to bringing real-world data into introductory courses. How do instructors, with finite amounts of time and energy, find and prepare suitable datasets for their pedagogical needs? Once the datasets are ready, how can students conveniently interact with and draw meaning from the datasets, especially when they are used in complex projects that are typical of later introductory courses? On the other hand, how does an instructor balance the complexities of using real-world datasets in the classroom, making sure that students appreciate the meaningfulness of course activities and their connection to learning objectives? This panel brings together experts with experience in using real-world data in introductory computing courses. Each panelist provides unique perspectives and skills to the problem of preparing, interacting, visualizing, and using pedagogical datasets. This panel should be of particular interest to instructors who are considering integrating current and real-world data into their assignments and projects, and to educational developers who want to create and manage datasets for pedagogical purposes. The panel will follow a conventional format: 5 minutes of introduction, 10 minutes for each panelist to present, and then 30 minutes for audience Q&A.

Formal verification of change making algorithms

We present progress on a project to formally verify properties of various algorithms related to the change making problem. In particular, we formalize proofs of the classic greedy algorithms behavior as well as an algorithm to verify its optimality for particular coin systems.

Formally certified stable marriages

We present an implementation of the Gale-Shapley stable matching algorithm in the Coq proof assistant. The resulting program is guaranteed to terminate and provides a proof of the stability of the matchings that it produces. While proofs of the algorithms termination and correctness exist on paper, our purpose was to investigate the process of developing a completely formalized proof for an executable implementation. The stages of our development are presented as a series of refinements to an initial version of the program. We suggest that the incremental approach we demonstrate is a reasonable model to follow in developing formalized correctness proofs for complex algorithms.

Certified code development for a microcontroller architecture

We are surrounded in our daily lives by embedded systems--microprocessors running software to control the operation of electronic gadgets and appliances we rely on. The proliferation of such devices and increased dependence upon them means that the correctness and safety of the software controlling them is all the more critical. Numerous techniques to ensure such properties are being widely researched, ranging from software engineering processes to formal verification technologies.

Integrating a certified memory management runtime with proof-carrying code

Software systems today are built from collections of interacting components written in different languages at varying levels of abstraction from the machine hardware. The ability to integrate certified components from different levels of a software architecture is a necessary part of the process of developing a dependable and secure computing infrastructure. In this paper we present a prototype system in the context of Proof-Carrying Code that allows for the integration of safety proofs derived from a high-level type system with a certified, low-level memory management runtime library.