[PriSC 2022 talk: https://popl22.sigplan.org/home/prisc-2022#program]
Proving secure compilation of partial programs typically requires back-translating a target attack against the compiled program to an attack against the source program. To prove this back-translation step, one can syntactically translate the target attacker to a source one -- i.e., syntax-directed back-translation -- or show that the interaction traces of the target attacker can also be produced by source attackers -- i.e., trace-directed back-translation.
Syntax-directed back-translation is not suitable when the target attacker uses unstructured control flow that the source language cannot directly represent. Trace-directed back-translation works with such syntactic dissimilarity because only the external interactions of the target attacker have to be mimicked in the source, not its internal control flow. Revealing only external interactions is, however, inconvenient when sharing memory via unforgeable pointers, since information about stashed pointers to shared memory gets lost. This made prior proofs complex, since the generated attacker had to stash all reachable pointers.
In this work, we introduce more informative data-flow traces, which allow us to combine the best of syntax-directed and trace-directed back-translation. Our data-flow back-translation is simple, handles both syntactic dissimilarity and memory sharing well, and we have proved it correct in Coq.
We, moreover, develop a novel turn-taking simulation relation and use it to prove a recomposition lemma, which is key to reusing compiler correctness in such secure compilation proofs. We are the first to mechanize such a recomposition lemma in a proof assistant in the presence of memory sharing.
We put these two key innovations to use in a secure compilation proof for a code generation compiler pass between a safe source language with pointers and components, and a target language with unstructured control flow.
This slides show
1. How to obtain code coverage information for Java code
2. What kind of code coverage it is possible to get
3. Is 100% block coverage feasible, is it useful
4. How the code coverage could be used for more than discovering a percentage of uncovered code
This slides show
1. How to obtain code coverage information for Java code
2. What kind of code coverage it is possible to get
3. Is 100% block coverage feasible, is it useful
4. How the code coverage could be used for more than discovering a percentage of uncovered code
Keynote given at the Asia Pacific Software Engineering Conference (APSEC), December 2020, on Automated Program Repair technologies and their applications.
Key Updating for Leakage Resiliency with Application to AES Modes of Operation1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Automated Program Repair, Distinguished lecture at MPI-SWSAbhik Roychoudhury
MPI-SWS Distinguished Lecture 2019. The talk focuses on fuzzing, symbolic execution as background technologies and compares their relative power. Then the use of such technologies for automated program repair is investigated.
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)Sung Kim
Yida's presentation at MSR 2015!
Abstract—Developers expend significant effort on reviewing source code changes, hence the comprehensibility of code changes directly affects development productivity. Our prior study has suggested that composite code changes, which mix multiple development issues together, are typically difficult to review. Unfortunately, our manual inspection of 453 open source code changes reveals a non-trivial occurrence (up to 29%) of such composite changes.
In this paper, we propose a heuristic-based approach to automatically partition composite changes, such that each sub-change in the partition is more cohesive and self-contained. Our quantitative and qualitative evaluation results are promising in demonstrating the potential benefits of our approach for facilitating code review of composite code changes.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
All organizations want to go faster and decrease friction in delivering software. The problem is that InfoSec has historically slowed this down or worse. But, with the rise of CD pipelines and new devsecops tooling, there is an opportunity to reverse this trend and move Security from being a blocker to being an enabler.
This talk will discuss hallmarks of doing security in a software delivery pipeline with an emphasis on being pragmatic. At each phase of the delivery pipeline, you will be armed with philosophy, questions, and tools that will get security up-to-speed with your software delivery cadence.
From DeliveryConf 2020
SECURITY FOR DEVOPS DEPLOYMENT PROCESSES: DEFENSES, RISKS, RESEARCH DIRECTIONSijseajournal
DevOps is an emerging collection of software management practices intended to shorten time to market for
new software features and to reduce the risk of costly deployment errors. In this paper we examine the security implications of two of the key DevOps practices, automation of the deployment pipeline using a deployment toolchain and infrastructure-as-code to specify the environment of the eployed software. We focus on identifying what changes when an organization moves from manual deployments to DevOps
automated deployment processes.We reviewed the literature and conducted three case studies using simple configurations of common DevOps tools. This allowed us to identify specific:
• Positive influences on security where automation enhances defenses.
• Negative influences, where automation enables different kinds of attacks and increases the attack
surface.
• Research directions that look promising to support this new approach to software management.
• Recommendations for DevOps adopters
Erik Costlow, Product Evangelist at Contrast Security, was Oracle's principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.
Security process should be integrated with SDLC well to be successful. While many companies have already moved from Waterfall to Agile methodologies security remains behind more often than not. We have demonstrated in our presentation how security can move to agile by utilizing open source tools, customizing them to meet our needs and to implement a continuos security testing using dynamic scanners as well as manual testing.
It’s very important also to assure that false positives are not fed to the developers bug tracking systems and to assign a severity for each finding correctly. To make it happen we import all our findings to a security dashboard and review them before exporting to a bug tracking system.
CS266 Software Reverse Engineering (SRE)
Introduction to Software Reverse Engineering
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
Keynote given at the Asia Pacific Software Engineering Conference (APSEC), December 2020, on Automated Program Repair technologies and their applications.
Key Updating for Leakage Resiliency with Application to AES Modes of Operation1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
Automated Program Repair, Distinguished lecture at MPI-SWSAbhik Roychoudhury
MPI-SWS Distinguished Lecture 2019. The talk focuses on fuzzing, symbolic execution as background technologies and compares their relative power. Then the use of such technologies for automated program repair is investigated.
Partitioning Composite Code Changes to Facilitate Code Review (MSR2015)Sung Kim
Yida's presentation at MSR 2015!
Abstract—Developers expend significant effort on reviewing source code changes, hence the comprehensibility of code changes directly affects development productivity. Our prior study has suggested that composite code changes, which mix multiple development issues together, are typically difficult to review. Unfortunately, our manual inspection of 453 open source code changes reveals a non-trivial occurrence (up to 29%) of such composite changes.
In this paper, we propose a heuristic-based approach to automatically partition composite changes, such that each sub-change in the partition is more cohesive and self-contained. Our quantitative and qualitative evaluation results are promising in demonstrating the potential benefits of our approach for facilitating code review of composite code changes.
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
All organizations want to go faster and decrease friction in delivering software. The problem is that InfoSec has historically slowed this down or worse. But, with the rise of CD pipelines and new devsecops tooling, there is an opportunity to reverse this trend and move Security from being a blocker to being an enabler.
This talk will discuss hallmarks of doing security in a software delivery pipeline with an emphasis on being pragmatic. At each phase of the delivery pipeline, you will be armed with philosophy, questions, and tools that will get security up-to-speed with your software delivery cadence.
From DeliveryConf 2020
SECURITY FOR DEVOPS DEPLOYMENT PROCESSES: DEFENSES, RISKS, RESEARCH DIRECTIONSijseajournal
DevOps is an emerging collection of software management practices intended to shorten time to market for
new software features and to reduce the risk of costly deployment errors. In this paper we examine the security implications of two of the key DevOps practices, automation of the deployment pipeline using a deployment toolchain and infrastructure-as-code to specify the environment of the eployed software. We focus on identifying what changes when an organization moves from manual deployments to DevOps
automated deployment processes.We reviewed the literature and conducted three case studies using simple configurations of common DevOps tools. This allowed us to identify specific:
• Positive influences on security where automation enhances defenses.
• Negative influences, where automation enables different kinds of attacks and increases the attack
surface.
• Research directions that look promising to support this new approach to software management.
• Recommendations for DevOps adopters
Erik Costlow, Product Evangelist at Contrast Security, was Oracle's principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.
Security process should be integrated with SDLC well to be successful. While many companies have already moved from Waterfall to Agile methodologies security remains behind more often than not. We have demonstrated in our presentation how security can move to agile by utilizing open source tools, customizing them to meet our needs and to implement a continuos security testing using dynamic scanners as well as manual testing.
It’s very important also to assure that false positives are not fed to the developers bug tracking systems and to assign a severity for each finding correctly. To make it happen we import all our findings to a security dashboard and review them before exporting to a bug tracking system.
CS266 Software Reverse Engineering (SRE)
Introduction to Software Reverse Engineering
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
Creating Developer-Friendly Docker Containers with ChaperoneGary Wisniewski
Chaperone provides a lean, full-featured environment which simplifies development and deployment of container services while adding minimal overhead (a single process does it all).
VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assis...Stefano Dalla Palma
These slides describe the paper of Henning Perl et. al. about a new method of finding potentially dangerous code in code repositories with a significantly lower false-positive rate than comparable systems. They combine code-metric analysis with metadata gathered from code repositories to help code review teams prioritize their work.
OpenMetadata Community Meeting - 5th June 2024OpenMetadata
The OpenMetadata Community Meeting was held on June 5th, 2024. In this meeting, we discussed about the data quality capabilities that are integrated with the Incident Manager, providing a complete solution to handle your data observability needs. Watch the end-to-end demo of the data quality features.
* How to run your own data quality framework
* What is the performance impact of running data quality frameworks
* How to run the test cases in your own ETL pipelines
* How the Incident Manager is integrated
* Get notified with alerts when test cases fail
Watch the meeting recording here - https://www.youtube.com/watch?v=UbNOje0kf6E
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Crescat
Crescat is industry-trusted event management software, built by event professionals for event professionals. Founded in 2017, we have three key products tailored for the live event industry.
Crescat Event for concert promoters and event agencies. Crescat Venue for music venues, conference centers, wedding venues, concert halls and more. And Crescat Festival for festivals, conferences and complex events.
With a wide range of popular features such as event scheduling, shift management, volunteer and crew coordination, artist booking and much more, Crescat is designed for customisation and ease-of-use.
Over 125,000 events have been planned in Crescat and with hundreds of customers of all shapes and sizes, from boutique event agencies through to international concert promoters, Crescat is rigged for success. What's more, we highly value feedback from our users and we are constantly improving our software with updates, new features and improvements.
If you plan events, run a venue or produce festivals and you're looking for ways to make your life easier, then we have a solution for you. Try our software for free or schedule a no-obligation demo with one of our product specialists today at crescat.io
Transform Your Communication with Cloud-Based IVR SolutionsTheSMSPoint
Discover the power of Cloud-Based IVR Solutions to streamline communication processes. Embrace scalability and cost-efficiency while enhancing customer experiences with features like automated call routing and voice recognition. Accessible from anywhere, these solutions integrate seamlessly with existing systems, providing real-time analytics for continuous improvement. Revolutionize your communication strategy today with Cloud-Based IVR Solutions. Learn more at: https://thesmspoint.com/channel/cloud-telephony
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Łukasz Chruściel
No one wants their application to drag like a car stuck in the slow lane! Yet it’s all too common to encounter bumpy, pothole-filled solutions that slow the speed of any application. Symfony apps are not an exception.
In this talk, I will take you for a spin around the performance racetrack. We’ll explore common pitfalls - those hidden potholes on your application that can cause unexpected slowdowns. Learn how to spot these performance bumps early, and more importantly, how to navigate around them to keep your application running at top speed.
We will focus in particular on tuning your engine at the application level, making the right adjustments to ensure that your system responds like a well-oiled, high-performance race car.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
Hand Rolled Applicative User ValidationCode KataPhilip Schwarz
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI AppGoogle
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-fusion-buddy-review
AI Fusion Buddy Review: Key Features
✅Create Stunning AI App Suite Fully Powered By Google's Latest AI technology, Gemini
✅Use Gemini to Build high-converting Converting Sales Video Scripts, ad copies, Trending Articles, blogs, etc.100% unique!
✅Create Ultra-HD graphics with a single keyword or phrase that commands 10x eyeballs!
✅Fully automated AI articles bulk generation!
✅Auto-post or schedule stunning AI content across all your accounts at once—WordPress, Facebook, LinkedIn, Blogger, and more.
✅With one keyword or URL, generate complete websites, landing pages, and more…
✅Automatically create & sell AI content, graphics, websites, landing pages, & all that gets you paid non-stop 24*7.
✅Pre-built High-Converting 100+ website Templates and 2000+ graphic templates logos, banners, and thumbnail images in Trending Niches.
✅Say goodbye to wasting time logging into multiple Chat GPT & AI Apps once & for all!
✅Save over $5000 per year and kick out dependency on third parties completely!
✅Brand New App: Not available anywhere else!
✅ Beginner-friendly!
✅ZERO upfront cost or any extra expenses
✅Risk-Free: 30-Day Money-Back Guarantee!
✅Commercial License included!
See My Other Reviews Article:
(1) AI Genie Review: https://sumonreview.com/ai-genie-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
#AIFusionBuddyReview,
#AIFusionBuddyFeatures,
#AIFusionBuddyPricing,
#AIFusionBuddyProsandCons,
#AIFusionBuddyTutorial,
#AIFusionBuddyUserExperience
#AIFusionBuddyforBeginners,
#AIFusionBuddyBenefits,
#AIFusionBuddyComparison,
#AIFusionBuddyInstallation,
#AIFusionBuddyRefundPolicy,
#AIFusionBuddyDemo,
#AIFusionBuddyMaintenanceFees,
#AIFusionBuddyNewbieFriendly,
#WhatIsAIFusionBuddy?,
#HowDoesAIFusionBuddyWorks
E-commerce Application Development Company.pdfHornet Dynamics
Your business can reach new heights with our assistance as we design solutions that are specifically appropriate for your goals and vision. Our eCommerce application solutions can digitally coordinate all retail operations processes to meet the demands of the marketplace while maintaining business continuity.
Utilocate offers a comprehensive solution for locate ticket management by automating and streamlining the entire process. By integrating with Geospatial Information Systems (GIS), it provides accurate mapping and visualization of utility locations, enhancing decision-making and reducing the risk of errors. The system's advanced data analytics tools help identify trends, predict potential issues, and optimize resource allocation, making the locate ticket management process smarter and more efficient. Additionally, automated ticket management ensures consistency and reduces human error, while real-time notifications keep all relevant personnel informed and ready to respond promptly.
The system's ability to streamline workflows and automate ticket routing significantly reduces the time taken to process each ticket, making the process faster and more efficient. Mobile access allows field technicians to update ticket information on the go, ensuring that the latest information is always available and accelerating the locate process. Overall, Utilocate not only enhances the efficiency and accuracy of locate ticket management but also improves safety by minimizing the risk of utility damage through precise and timely locates.
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Do you want Software for your Business? Visit Deuglo
Deuglo has top Software Developers in India. They are experts in software development and help design and create custom Software solutions.
Deuglo follows seven steps methods for delivering their services to their customers. They called it the Software development life cycle process (SDLC).
Requirement — Collecting the Requirements is the first Phase in the SSLC process.
Feasibility Study — after completing the requirement process they move to the design phase.
Design — in this phase, they start designing the software.
Coding — when designing is completed, the developers start coding for the software.
Testing — in this phase when the coding of the software is done the testing team will start testing.
Installation — after completion of testing, the application opens to the live server and launches!
Maintenance — after completing the software development, customers start using the software.
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...kalichargn70th171
A dynamic process unfolds in the intricate realm of software development, dedicated to crafting and sustaining products that effortlessly address user needs. Amidst vital stages like market analysis and requirement assessments, the heart of software development lies in the meticulous creation and upkeep of source code. Code alterations are inherent, challenging code quality, particularly under stringent deadlines.
Mobile App Development Company In Noida | Drona InfotechDrona Infotech
Looking for a reliable mobile app development company in Noida? Look no further than Drona Infotech. We specialize in creating customized apps for your business needs.
Visit Us For : https://www.dronainfotech.com/mobile-application-development/
Zoom is a comprehensive platform designed to connect individuals and teams efficiently. With its user-friendly interface and powerful features, Zoom has become a go-to solution for virtual communication and collaboration. It offers a range of tools, including virtual meetings, team chat, VoIP phone systems, online whiteboards, and AI companions, to streamline workflows and enhance productivity.
Takashi Kobayashi and Hironori Washizaki, "SWEBOK Guide and Future of SE Education," First International Symposium on the Future of Software Engineering (FUSE), June 3-6, 2024, Okinawa, Japan
3. Setup: Secure compilation of partial programs
Risk: Partial programs may be linked against buggy
or malicious contexts.
3
4. Setup: Secure compilation of partial programs
Risk: Partial programs may be linked against buggy
or malicious contexts.
Strategy: Prove that the partial programs, when
compiled properly, are protected from the contexts.
6. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
7. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
The context
implements it
The partial
program calls it
8. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
The partial program
intentionally shares
the array with the
context
9. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
The partial program
NEVER shares the
user balance with
the context
10. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
The partial program
NEVER shares the
user balance with
the context
Intention is that
user balance is
"high integrity"
11. Setup: Secure compilation of partial programs
Risk: Partial programs may be linked against buggy
or malicious contexts.
Strategy: Prove that the partial programs, when
compiled properly, are protected from the contexts.
Recall
12. Intention is that
user balance is
"high integrity"
Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
The partial program
NEVER shares the
user balance with
the context
A buggy/malicious
context
might access the
user balance
13. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
A buggy/malicious
context
might access the
user balance
r1
init_network:
addi $r1 $r_arg 1024
sw $r2 0($r1)
OVERWRITE
14. Setup: Secure compilation of partial programs
Risk: Partial programs may be linked against buggy
or malicious contexts.
Strategy: Prove that the partial programs, when
compiled properly, are protected from the contexts.
15. Setup: Secure compilation of partial programs
Risk: Partial programs may be linked against buggy
or malicious contexts.
Strategy: Prove that the partial programs, when
compiled properly, are protected from the contexts.
"Compiled properly"
means the compiler
enforces isolation e.g.
by relying on CHERI,
micropolicies, etc.
16. Setup: Secure compilation of partial programs
Risk: Partial programs may be linked against buggy
or malicious contexts.
Strategy: Prove that the partial programs, when
compiled properly, are protected from the contexts.
Focus of this talk:
Proof
techniques
17. Strategy: Prove that the partial programs, when
compiled properly, are protected from the contexts.
Desired: Preserve the security of the
source program part
(assuming a memory-safe source semantics)
18. Desired: Preserve the security of the
source program part
(assuming a memory-safe source semantics)
Desired (for our example):
If no execution with a source context overwrites the user
balance, then
no execution with a target context overwrites it either.
19. Desired: Preserve the security of the
source program part
(assuming a memory-safe source semantics)
Desired (for our example):
Forall safety property S,
If no execution with a source context violates S,
no execution with a target context violates S
either.
20. called "Preservation of Robust Safety"
Desired (for our example):
Forall safety property S,
If no execution of a source context violates S, then
no execution of the target context violates Seither.
20
21. called "Preservation of Robust Safety"
Desired (for our example):
Forall safety property S,
If no execution of a source context violates S, then
no execution of the target context violates Seither.
This talk: Explain a proof technique,
called data-flow back-translation.
22. called "Preservation of Robust Safety"
This talk: Explain a proof technique,
called data-flow back-translation.
Desired (for our example):
Forall safety property S,
If no execution of a source context violates S, then
no execution of the target context violates Seither.
Key
Benefits:
Suited for memory sharing
and syntactic dissimilarity
23. Desired (for our example):
If no execution with a source context overwrites the user
balance, then
no execution with a target context overwrites it either.
24. Alternatively, prove the contrapositive:
If there exists an execution of a target context that
overwrites the user balance, then
there also exists a source context and an execution in which
it too overwrites the user balance.
25. Alternatively, prove the contrapositive:
If there exists an execution of a target context that
overwrites the user balance, then
there also exists a source context and an execution in which
it too overwrites the user balance.
called "Back-translation".
Familiar from plenty of secure compilationliterature
26. Alternatively, prove the contrapositive:
If there exists an execution of a target context that
overwrites the user balance, then
there also exists a source context and an execution in which
it too overwrites the user balance.
Can prove a back-translation lemma about just whole programs
[Abate et al. 2018 "When good components go bad"]:
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
27. called "Back-translation". Two techniques in the literature:
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
28. called "Back-translation". Two techniques in the literature:
Syntax-directed
28
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
29. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
30. If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
ALL target
programs, not
just the image of
the compiler
31. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Need to prove that is correct, i.e., satisfies the spec.
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
32. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Correctness proof similar to a
compiler correctness proof
32
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
33. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
34. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Trace-directed
Ignore the given program.
Focus just on the given
execution trace (i.e., on an
individual run of the program).
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
35. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Trace-directed
interaction
traces
: source
programs
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
36. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Trace-directed
interaction
traces
: source
programs
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
A prefix of one target
trace.
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
37. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Trace-directed
interaction
traces
: source
programs
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
Indifferent to syntactic dissimilarity
between target and source
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
38. If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Trace-directed
interaction
traces
: source
programs
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
Indifferent to syntactic dissimilarity
between target and source
No need anymore to
translate the within-
module control
constructs. Only mimic
the external interaction
(flexible def of the back-
translation)
39. called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Trace-directed
interaction
traces
: source
programs
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
Indifferent to syntactic dissimilarity
between target and source
Correctness proof with memory
sharing is involved.
If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
40. If there exists an execution of a whole target program, then
there exists a whole source program and a related execution.
called "Back-translation". Two techniques in the literature:
Syntax-directed
target
programs
: source
programs
Trace-directed
interaction
traces
: source
programs
Correctness proof similar to a
compiler correctness proof
Compiling unstructured target
to a structured source unclear
Indifferent to syntactic dissimilarity
between target and source
Correctness proof with memory
sharing is involved.
40
44. Trace-directed
interaction
traces
: source
programs
Given a trace emitted by
a target program
Find a source program
emitting a related trace
Correctness proof
with memory sharing is involved.
Back-translation has to
mimic the visible shared
memory operations to
emit a related trace.
47. 47
and
are traces of only the externally observable events
Silent labels denote
internal execution. All
silent labels are
eventually dropped.
48. 48
and
are traces of only the externally observable events
There are two kinds of border-
crossing call events (program to
context, and context to program).
49. 49
and
are traces of only the externally observable events
There are two kinds of border-
crossing return events (program to
context, and context to program).
50. 50
and
are traces of only the externally observable events
Calls and returns record a
snapshot of all the
memory shared so far
51. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
51
Walk through the
example and explain
memory shared so far
and the reason why
Proof of trace-directed back-
translation with memory sharing
is involved.
52. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
52
border crossing
border crossing
53. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
53
iobuffer[1024]
54. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
54
iobuffer[1024]
The call
to init_network shares
the iobuffer; a snapshot
of its contents appears now
and in all future border-
crossing events.
55. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
55
iobuffer[1024]
The return
from init_network still
shows the iobuffer with
the same contents.
56. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
56
iobuffer[1024]
The call to receive does
not (directly) share anything
new, but still
57. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
57
iobuffer[1024]
The return
event from receive also
shows a snapshot
of iobuffer, now with
the received data!
58. include module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer);
Net.receive();
}
}
58
iobuffer[1024]
The init_network function
must have
stashed the pointer
to iobuffer somewhere in order
to enable other functions of
Net to access it.
59. 59
The init_network function must have
stashed the pointer
to iobuffer somewhere in order to enable other functions of Net
to access it, but
this stash does NOT appear on the
interaction trace because it is not part of the
shared memory.
60. 60
The init_network function must have
stashed the pointer
to iobuffer somewhere in order to enable other functions of Net
to access it, but
this stash does NOT appear on the
interaction trace because it is not part of the
shared memory.
Trace-directed
interaction
traces
: source
programs
Still needs to enable other
functions of Net
to access iobuffer
61. 61
The init_network function must have
stashed the pointer
to iobuffer somewhere in order to enable other functions of Net
to access it, but
this stash does NOT appear on the
interaction trace because it is not part of the
shared memory.
Trace-directed
interaction
traces
: source
programs
implements own
stash
62. 62
Drawback of trace-directed back-translation:
must traverse and stash the whole shared memory
CapablePtrs [El-Korashy et al. 2021]
Reason: Pointers may
be shared indirectly.
63. 63
Fatten the whole graph
reachable from the shared
memory and stash it:
init_network_arg_1,
init_network_arg_2,
.. .
init_network_arg_n
and maintain invariants
between the flattening and
the original.
Drawback of trace-directed back-translation:
must traverse and stash the whole shared memory
CapablePtrs [El-Korashy et al. 2021]
Reason: Pointers may
be shared indirectly.
64. The stashing mechanism of CapablePtrs [El-Korashy et al.
2021] is not mechanized-proof friendly.
Proving that this stashing mechanism is
sufficient to mimic every possible
memory snapshot is not trivial in Coq.
65. Proving that this stashing mechanism is
sufficient to mimic every possible
memory snapshot is not trivial in Coq.
e.g., Termination lemmas for custom graph traversal algorithms have to be
proved.
The stashing mechanism of CapablePtrs [El-Korashy et al.
2021] is not mechanized-proof friendly.
66. 66
In summary: Need a back-translation
technique that
we can mechanize with reasonable effort
supports memory sharing by pointer passing
67. 67
In summary: Need a back-translation
technique that
we can mechanize with reasonable effort
supports memory sharing by pointer passing
is indifferent to syntactic dissimilarity between target and source
68. 68
In summary: Need a back-translation
technique that
we can mechanize with reasonable effort
supports memory sharing by pointer passing
is indifferent to syntactic dissimilarity between target and source
Data-Flow
Back-Translation
x 3
70. 70
Data-Flow Back-Translation
[Under submission]
Need to be careful: The validity of the top-leveltheorem
depends on the interaction traces capturing just the externally
observable behavior of a module.
High level idea: Make the traces more informative
so that trace-directed back-translation is easier.
71. 71
Data-Flow Back-Translation
[Under submission]
(Turns out: easy to decouple the trace alphabet of the main theorem from the trace alphabet of the
back-translation. See the enrichmentlemma and the projectionfunction in the manuscript.)
Need to be careful: The validity of the top-leveltheorem
depends on the interaction traces capturing just the externally
observable behavior of a module.
High level idea: Make the traces more informative
so that trace-directed back-translation is easier.
77. 77
If the target context stashes a pointer, or recovers a pointer from the stash,
the data-flow events will now reveal the sequence of operations that
constitutethis stashing/recovery.
78. 78
If the target context stashes a pointer, or recovers a pointer from the stash,
the data-flow events will now reveal the sequence of operations that
constitutethis stashing/recovery.
Data-Flow Back-Translation
maps each individual data-flow event to one or more source-language
expression/statement(s).
data-flow
traces
: source
programs
80. 80
a a+5
Example: The target context stashes the pointer that is stored
at shared address "a+5" in a private address "b".
81. 81
a a+5
Example: The target context stashes the pointer that is stored
at shared address "a+5" in a private address "b".
Remember: On the interaction trace (standard trace-directed back-
translation), this stashing will just appear as the silent label.
85. 85
a a+5
r_arg: a
r_1: a
r_loc: b
r_ct: 5
Data-Flow Events:
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
Reg''
86. 86
a a+5
r_arg: a
r_1: a+5
r_loc: b
r_ct: 5
Data-Flow Events:
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Reg'''
87. 87
a a+5
r_arg: a
r_1: ptr
r_loc: b
r_ct: 5
Data-Flow Events:
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Reg''''
88. 88
a a+5
r_arg: a
r_1: ptr
r_loc: b
r_ct: 5
Reg''''
Data-Flow Events:
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
b: ptr
Mem'
89. 89
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
90. 90
Data-Flow Back-Translation:
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
module Net {
f (arg) {
...
// tmp_loc points to Net-private memory
91. 91
Data-Flow Back-Translation:
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
module Net {
f (arg) {
...
// tmp_loc points to Net-private memory
Reserve one
fixed source
variable to
simulate
each target-
language
register
92. 92
Data-Flow Back-Translation:
Mov Mem Reg' c r_arg r_1
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
module Net {
f (arg) {
...
// tmp_loc points to Net-private memory
93. 93
Data-Flow Back-Translation:
Const Mem Reg'' c 5 r_ct
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
module Net {
f (arg) {
...
// tmp_loc points to Net-private memory
tmp_1 := arg;
94. 94
Data-Flow Back-Translation:
BinOp Mem Reg''' c add r_1 r_ct r_1
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
module Net {
f (arg) {
...
// tmp_loc points to Net-private memory
tmp_1 := arg;
tmp_ct := 5;
95. 95
Data-Flow Back-Translation:
Load Mem Reg'''' c r_1 r_1
Store Mem' Reg'''' c r_loc r_1
module Net {
f (arg) {
...
// tmp_loc points to Net-private memory
tmp_1 := arg;
tmp_ct := 5;
tmp_1 := tmp_1 + tmp_ct
96. 96
Data-Flow Back-Translation:
Store Mem' Reg'''' c r_loc r_1
module Net {
f (arg) {
...
// tmp_loc points to Net-private memory
tmp_1 := arg;
tmp_ct := 5;
tmp_1 := tmp_1 + tmp_ct
tmp_1 := *(tmp_1)
101. 101
supports memory sharing (without the need for graph traversal)
Data-Flow Back-Translation
comes with a mechanized back-translation lemma in Coq (12k LoC)
102. 102
supports memory sharing (without the need for graph traversal)
Data-Flow Back-Translation
works for syntactically dissimilar languages: a safe untyped target with
unstructured control and a safe untyped source language with
structured control
comes with a mechanized back-translation lemma in Coq (12k LoC)
105. Why reuse whole-program compiler
correctness lemmas?
Some kind of a compiler correctness obligation usually shows up in a
secure compilation proof.
106. Why reuse whole-program compiler
correctness lemmas?
Some kind of a compiler correctness obligation usually shows up in a
secure compilation proof.
If we hope to scale secure compilation proofs to a verified compiler, it will
be easier to reuse rather than redo years-worth of manual proof effort.
107. Why reuse whole-program compiler
correctness lemmas?
Some kind of a compiler correctness obligation usually shows up in a
secure compilation proof.
If we hope to scale secure compilation proofs to a verified compiler, it will
be easier to reuse rather than redo years-worth of manual proof effort.
Whole-program compiler correctness makes no assumptions about the
context (because there is no context). So, a priori, there will be no difficulty
in instantiating it (as opposed to partial-program correctness lemmas).
108. Summary: Proof technique for robust safety
preservation
Mechanized in Coq (approx. 30 kLoC)
Reuses whole-program compiler correctness lemmas
Handles syntactically dissimilar target and source languages.
Supports languages with memory sharing
https://bit.ly/SecurePtrs
110. State-of-the-art re reuse of whole-program
compiler correctness lemmas in secure compilation
[Abate et al. 2018 "When good components go bad"] [El-Korashy et al. 2021 "CapablePtrs"]
Mechanized in Coq
Supports memory sharing by
pointer passing
Detailed technique but not
machine checkable
Languages have static
memory partition with only
primitive values passable as
arguments.
111. Scaled the proof of Abate et al. 2018 to languages
with memory sharing
[Abate et al. 2018 "When good components go bad"] [El-Korashy et al. 2021 "CapablePtrs"]
Mechanized in Coq
Supports memory sharing by
pointer passing
Detailed technique but not
machine checkable
Languages have static
memory partition with only
primitive values passable as
arguments.
112. Scaled the proof of Abate et al. 2018 to languages
with memory sharing
[Abate et al. 2018 "When good components go bad"] [El-Korashy et al. 2021 "CapablePtrs"]
Mechanized in Coq
Supports memory sharing by
pointer passing
Detailed technique but not
machine checkable
Novel ternary turn-taking
relation to support
memory sharing.
(13k LoC in Coq)
113. Borrowed some intuitions from CapablePtrs
[Abate et al. 2018 "When good components go bad"] [El-Korashy et al. 2021 "CapablePtrs"]
Key Ingredient: Rely on a ternary relation. Key Ingredient: Rely on a ternary relation.
114. Borrowed some intuitions from CapablePtrs
[Abate et al. 2018 "When good components go bad"] [El-Korashy et al. 2021 "CapablePtrs"]
Key Ingredient: Rely on a ternary relation
(called recomposition) between three target-
language executions.
Key Ingredient: Rely on a ternary relation (called
TrICL) between two target-language executions, and
a third sourceexecuton.
115. Borrowed some intuitions from CapablePtrs
[Abate et al. 2018 "When good components go bad"] [El-Korashy et al. 2021 "CapablePtrs"]
Key Ingredient: Rely on a ternary relation
(called recomposition) between three target-
language executions.
Key Ingredient: Rely on a ternary relation (called
TrICL) between two target-language executions, and
a third sourceexecuton.
Use ideas from the
strong/weak binary similarity
in CapablePtrs to make the
ternary recomposition
relation aware of memory
sharing.
116.
117. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
r1
init_network:
addi $r1 $r_arg 1024
sw $r2 0($r1)
118. Setup: Secure compilation of partial programs
import module Net
module Main {
char iobuffer[1024];
static long int user_balance_usd;
int main(void) {
Net.init_network(iobuffer)
Net.receive();
}
}
r1
init_network:
addi $r1 $r_arg 1024
sw $r2 0($r1)
Compiler should
ensure that the
context
CANNOT access
the user balance
120. 120
Given a target interaction trace with Net
Call ? init_network
Example: stash of the Net module
CapablePtrs [El-Korashy et al. 2021]
121. 121
Given a target interaction trace with Net
Call ? init_network
Ret !
Example: stash of the Net module
CapablePtrs [El-Korashy et al. 2021]
122. 122
Given a target interaction trace with Net
Call ? init_network
Ret !
Call ? receive
Example: stash of the Net module
CapablePtrs [El-Korashy et al. 2021]
123. 123
Given a target interaction trace with Net
Call ? init_network
Ret !
Call ? receive
Ret !
Example: stash of the Net module
CapablePtrs [El-Korashy et al. 2021]
124. 124
Given a target interaction trace with Net
Call ? init_network
Ret !
Call ? receive
Ret !
Find a source
implementation
of Net that emits a related
interaction trace.
Example: stash of the Net module
CapablePtrs [El-Korashy et al. 2021]
125. 125
Given a target interaction trace with Net
Call ? init_network
Ret !
Call ? receive
Ret !
Before the source
implementation
of init_network
returns, it stashes its
argument in private
memory, e.g. in a variable
called
init_network_arg.
Example: stash of the Net module
CapablePtrs [El-Korashy et al. 2021]
126. 126
Given a target interaction trace with Net
Call ? init_network
Ret !
Call ? receive
Ret !
Before receive
returns, it uses the pointer
stashed in
init_network_arg to
hardcode in the iobuffer
all the green values that
appeared on the given trace.
Example: stash of the Net module
CapablePtrs [El-Korashy et al. 2021]
127. 127
In general, must stash the whole shared memory
CapablePtrs [El-Korashy et al. 2021]
The same function may have
been called more than once: init_network_arg_1_c1,
init_network_arg_2_c1,
.. .
init_network_arg_n_c1
128. 128
In general, must stash the whole shared memory
CapablePtrs [El-Korashy et al. 2021]
The same function may have
been called more than once: init_network_arg_1_c1,
init_network_arg_2_c1,
.. .
init_network_arg_n_c1
init_network_arg_1_c2,
init_network_arg_2_c2,
.. .
init_network_arg_m_c2