Speed Up Configurable Certificate Validation by Certificate Reduction and Partitioning

  • Marie-Christine Jakobs
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9276)


Before execution, users should formally validate the correctness of software received from untrusted providers. To accelerate this validation, in the proof carrying code (PCC) paradigm the provider delivers the software together with a certificate, a formal proof of the software’s correctness. Thus, the user only checks if the attached certificate shows correctness of the delivered software.

Recently, we introduced configurable program certification, a generic, PCC based framework supporting various software analyses and safety properties. Evaluation of our framework revealed that validation is slowed down considerably by reading the certificate. In this paper, we present two orthogonal approaches which improve certificate validation, both reducing the impact of certificate reading. The first approach reduces the certificate size, storing information only if it cannot easily be recomputed. The second approach partitions the certificate into independently checkable parts. The trick is to continue reading the remaining parts of the certificate while the parts already read are being checked. Our experiments show that validation benefits substantially from both improvements.
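The following is an added illustration of the two ideas in the abstract, not code from the paper or from CPAchecker. It assumes a one-variable interval analysis over a constructed loop program, represents a certificate as one abstract state per program location, and treats a certificate as valid when it covers the initial state, is inductive along every CFG edge, and admits no feasible successor into the error location. The reduction keeps only the loop-head state and lets the validator recompute the rest in one forward pass; the partitioning ships each part together with the states of its successor locations and reads parts in a background thread while the main thread checks the parts it already has. Both the choice of what to store and the boundary-duplication scheme are simplifying assumptions, not the paper's exact construction.

```python
"""Toy certificate validation for an interval analysis of one small loop.
Added illustration, not the paper's code: the CFG, the interval domain, the
"store only loop-head states" reduction and the threaded partition reader
are simplifying assumptions about how such a validator can be built."""
import math
import queue
import threading

TOP = (-math.inf, math.inf)
# Constructed program: x = 0; while (x < 10) x = x + 1; assert x == 10
# Edges are (src, (op, constant), dst); "ERR" is the error location.
EDGES = [("l0", ("assign", 0), "l1"), ("l1", ("assume_lt", 10), "l2"),
         ("l1", ("assume_ge", 10), "l3"), ("l2", ("inc", 1), "l1"),
         ("l3", ("assume_ne", 10), "ERR"), ("l3", ("assume_eq", 10), "l4")]
INIT = ("l0", TOP)

def transfer(state, op):
    """Interval successor of `state` over `op`; None means infeasible."""
    if state is None:
        return None
    (lo, hi), (kind, c) = state, op
    if kind in ("assign", "inc"):
        return (c, c) if kind == "assign" else (lo + c, hi + c)
    if kind == "assume_lt":
        hi = min(hi, c - 1)
    elif kind == "assume_ge":
        lo = max(lo, c)
    elif kind == "assume_eq":
        lo, hi = max(lo, c), min(hi, c)
    elif kind == "assume_ne" and lo == hi == c:
        return None
    return None if lo > hi else (lo, hi)

def covers(big, small):
    """Abstract-domain order: is `small` subsumed by `big`? (None = bottom)"""
    return small is None or (big is not None and big[0] <= small[0] <= small[1] <= big[1])

def join(a, b):
    if a is None or b is None:
        return a if b is None else b
    return (min(a[0], b[0]), max(a[1], b[1]))

def successors(loc, state):
    """Abstract successors along every edge leaving `loc`."""
    return [(dst, transfer(state, op)) for src, op, dst in EDGES if src == loc]

def check_entries(lookup, entries):
    """Inductiveness: every successor of every entry is covered by `lookup`.
    `lookup` never holds ERR, so a feasible successor into ERR fails."""
    return all(covers(lookup.get(dst), succ)
               for loc, state in entries for dst, succ in successors(loc, state))

def validate_reduced(reduced):
    """Reduced certificate: only loop-head states are stored; the rest is
    recomputed in one forward pass, which terminates because every cycle
    passes a stored loop head. A full certificate is the degenerate case
    where nothing needs recomputing. Returns (verdict, reconstructed cert)."""
    if "ERR" in reduced or (INIT[0] in reduced and not covers(reduced[INIT[0]], INIT[1])):
        return False, {}
    states = {INIT[0]: INIT[1], **reduced}
    work = list(states)
    while work:
        loc = work.pop()
        for dst, succ in successors(loc, states[loc]):
            if dst in reduced or dst == "ERR":  # stored state or error: check only
                if not covers(reduced.get(dst), succ):
                    return False, states
            elif join(states.get(dst), succ) != states.get(dst):  # recompute
                states[dst] = join(states.get(dst), succ)
                work.append(dst)
    return True, states

def validate_partitioned(partitions):
    """Parts are (entries, boundary) pairs; `boundary` repeats the states at
    successor locations outside the part so each part is checkable alone.
    A reader thread hands over parts while the main thread already checks
    the ones it has. Afterwards every repeated boundary state is compared
    with the stored one, so a part cannot lie about its neighbours."""
    q = queue.Queue(maxsize=1)
    def reader():  # stands in for parsing the certificate file part by part
        for part in partitions:
            q.put(part)
        q.put(None)
    threading.Thread(target=reader, daemon=True).start()
    stored, claimed, ok = {}, {}, True
    while (part := q.get()) is not None:
        entries, boundary = part
        stored.update(entries)
        claimed.update(boundary)
        ok = ok and check_entries({**boundary, **dict(entries)}, entries)
    return (ok and "ERR" not in stored and covers(stored.get(INIT[0]), INIT[1])
            and all(stored.get(loc) == st for loc, st in claimed.items()))

# Constructed certificates for the program above.
FULL = {"l0": TOP, "l1": (0, 10), "l2": (0, 9), "l3": (10, 10), "l4": (10, 10)}
REDUCED = {"l1": (0, 10)}  # loop head only; every other state is recomputable
PARTS = [  # each part ships the states of its successors outside the part
    ([("l0", TOP), ("l1", (0, 10))], {"l2": (0, 9), "l3": (10, 10)}),
    ([("l2", (0, 9)), ("l3", (10, 10)), ("l4", (10, 10))], {"l1": (0, 10)}),
]
```

Two checks matter for a validator of this shape: recomputed states are only ever joined, never used to weaken a stored state, so a bogus reduced certificate such as `{"l1": (0, 11)}` is rejected because the recomputed state at the error edge is feasible; and the boundary states a partition repeats are compared with the stored ones after all parts are read, so a part that claims a more generous neighbour state to pass its own local check is rejected as inconsistent.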


Keywords (added by machine, not by the authors): Certificates; Reading; Untrusted Provider; Configurable Program Analysis (CPA); Abstract Reachability Graph (ARG); CPAchecker



Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

University of Paderborn, Paderborn, Germany
