Verification, Model Checking, and Abstract Interpretation

Volume 3855 of the series Lecture Notes in Computer Science pp 174-189

A Framework for Certified Program Analysis and Its Applications to Mobile-Code Safety

  • Bor-Yuh Evan ChangAffiliated withUniversity of California
  • , Adam ChlipalaAffiliated withUniversity of California
  • , George C. NeculaAffiliated withUniversity of California

* Final gross prices may vary according to local VAT.

Get Access


A certified program analysis is an analysis whose implementation is accompanied by a checkable proof of soundness. We present a framework whose purpose is to simplify the development of certified program analyses without compromising the run-time efficiency of the analyses. At the core of the framework is a novel technique for automatically extracting Coq proof-assistant specifications from ML implementations of program analyses, while preserving to a large extent the structure of the implementation. We show that this framework allows developers of mobile code to provide to the code receivers untrusted code verifiers in the form of certified program analyses. We demonstrate efficient implementations in this framework of bytecode verification, typed assembly language, and proof-carrying code.