Mobile Resource Guarantees for Smart Devices

  • David Aspinall
  • Stephen Gilmore
  • Martin Hofmann
  • Donald Sannella
  • Ian Stark
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3362)


We present the Mobile Resource Guarantees framework: a system for ensuring that downloaded programs are free from run-time violations of resource bounds. Certificates are attached to code in the form of efficiently checkable proofs of resource bounds; in contrast to cryptographic certificates of code origin, these are independent of trust networks. A novel programming language with resource constraints encoded in function types is used to streamline the generation of proofs of resource usage.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Appel, A.: Foundational proof-carrying code. In: Proceedings of LICS 2001, pp. 247–256. IEEE Computer Society Press, Los Alamitos (2001)Google Scholar
  2. 2.
    Appel, A.W.: Compiling with Continuations. Cambridge University Press, Cambridge (1992)Google Scholar
  3. 3.
    Appel, A.W.: SSA is functional programming. ACM SIGPLAN Notices 33(4), 17–20 (1998)CrossRefMathSciNetGoogle Scholar
  4. 4.
    Aspinall, D., Beringer, L., Hofmann, M., Loidl, H.-W., Momigliano, A.: A program logic for resource verification. In: Slind, K., Bunker, A., Gopalakrishnan, G.C. (eds.) TPHOLs 2004. LNCS, vol. 3223, pp. 34–49. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  5. 5.
    Aspinall, D., Compagnoni, A.: Heap bounded assembly language. Journal of Automated Reasoning 31(3-4), 261–302 (2003)MATHCrossRefGoogle Scholar
  6. 6.
    Aspinall, D., Hofmann, M.: Another type system for in-place update. In: Le Métayer, D. (ed.) ESOP 2002. LNCS, vol. 2305, pp. 36–52. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Augustsson, L.: Cayenne - a language with dependent types. In: International Conference on Functional Programming, pp. 239–250 (1998)Google Scholar
  8. 8.
    Beringer, L., Hofmann, M., Momigliano, A., Shkaravska, O.: Towards certificate generation for linear heap consumption. In: Proceedings of the ICALP/LICS Workshop on Logics for Resources, Processes, and Programs, LRPP 2004 (2004)Google Scholar
  9. 9.
    Beringer, L., MacKenzie, K., Stark, I.: Grail: a functional form for imperative mobile code. In: Foundations of Global Computing: Proceedings of the 2nd EATCS Workshop, number 85.1 in Electronic Notes in Theoretical Computer Science. Elsevier, Amsterdam (June 2003)Google Scholar
  10. 10.
    Colby, C., Lee, P., Necula, G.C., Blau, F., Cline, K., Plesko, M.: A certifying compiler for Java. In: Proceedings of the 2000 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2000), Vancouver, Canada (2000)Google Scholar
  11. 11.
    Flanagan, C., Sabry, A., Duba, B.F., Felleisen, M.: The essence of compiling with continuations. In: Proc. PDLI 1993, ACM SIGPLAN Notices, vol. 28(6), pp. 237–247 (1993)Google Scholar
  12. 12.
    Flanagan, C., Sabry, A., Duba, B.F., Felleisen, M.: Retrospective on “The essence of compiling with continuations”. In: 20 Years of the ACM SIGPLAN Conference on Programming Language Design and Implementation (1979-1999): A Selection. ACM Press, New York (2003)Google Scholar
  13. 13.
    Foster, I., Kesselman, C., Lee, C., Lindell, R., Nahrstedt, K., Roy, A.: A distributed resource management architecture that supports advance reservations and co-allocation. In: Proceedings of the IEEE/IFIP 7th International Workshop on Quality of Service (1999)Google Scholar
  14. 14.
    Hofmann, M.: A type system for bounded space and functional in-place update. Nordic Journal of Computing 7(4), 258–289 (2000)MATHMathSciNetGoogle Scholar
  15. 15.
    Hofmann, M.: Linear types and non size-increasing polynomial time computation. Information and Computation 183, 57–85 (2003)MATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Hofmann, M., Jost, S.: Static prediction of heap space usage for first-order functional programs. In: Proceedings of the 30th ACM Symposium on Principles of Programming Languages, New Orleans (2003)Google Scholar
  17. 17.
    Jost, S.: lfd_infer: an implementation of a static inference on heap space usage. In: Proceedings of Second Workshop on Semantics, Program Analysis and Computing Environments for Memory Management, SPACE 2004 (2004)Google Scholar
  18. 18.
    Kleymann, T.: Hoare Logic and VDM: Machine-Checked Soundness and Completeness Proofs. PhD thesis, LFCS, University of Edinburgh (1999)Google Scholar
  19. 19.
    League, C., Trifonov, V., Shao, Z.: Functional Java bytecode. In: Proc. 5th SCI World Multiconference, Workshop on Intermediate Representation Engineering for the Java Virtual Machine. Internat. Inst. of Informatics and Systemics (July 2001)Google Scholar
  20. 20.
    Leavens, G., Leino, R., Poll, E., Ruby, C., Jacobs, B.: JML: notations and tools supporting detailed design in Java. In: OOPSLA 2000 Companion, pp. 105–106 (2000)Google Scholar
  21. 21.
    Leroy, X.: Bytecode verification on Java smart cards. Software Practice & Experience 32, 319–340 (2002)MATHCrossRefGoogle Scholar
  22. 22.
    Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. The Java Series. Addison-Wesley, Reading (January 1997)Google Scholar
  23. 23.
    MacKenzie, K., Wolverson, N.: Camelot and Grail: resource-aware functional programming for the JVM. In: Trends in Functional Programming, vol. 4, pp. 29–46 (2004) (Intellect)Google Scholar
  24. 24.
    Microsoft. Overview of the .NET framework. .NET Framework Developer’s Guide,
  25. 25.
    Morrisett, G., Walker, D., Crary, K., Glew, N.: From System F to typed assembly language. ACM Transactions on Programming Languages and Systems 21(3), 528–569 (1999)CrossRefGoogle Scholar
  26. 26.
    Necula, G.: Proof-carrying code. In: Proceedings of the ACM Symposium on Principles of Programming Languages (1997)Google Scholar
  27. 27.
    Nipkow, T.: Hoare logics for recursive procedures and unbounded nondeterminism. In: Bradfield, J.C. (ed.) CSL 2002 and EACSL 2002. LNCS, vol. 2471, pp. 103–119. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  28. 28.
    Nipkow, T., Paulson, L., Wenzel, M.: Isabelle/HOL: A Proof Assistant for Higher-Order Logic. In: Nipkow, T., Paulson, L.C., Wenzel, M.T. (eds.) Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  29. 29.
    O’Caml Web site. The O’Caml Language,
  30. 30.
    Prowse, M.: Proving Grail resource bounds. University of Edinburgh (May 2003)Google Scholar
  31. 31.
    Reynolds, J.: Separation logic: A logic for shared mutable data structures. In: LICS 2002: Proceedings of the Seventeenth Annual IEEE Symposium on Logic in Computer Science, pp. 55–74 (2002)Google Scholar
  32. 32.
    Shaylor, N., Simon, D.N., Bush, W.R.: A Java virtual machine architecture for very small devices. In: Language, Compiler, and Tool Support for Embedded Systems: Proceedings of LCTES 2003, ACM SIGPLAN Notices, vol. 38(7), pp. 31–41 (July 2003)Google Scholar
  33. 33.
    Sun Microsystems. Java Card 2.2 Platform Specification (2003), available online at,
  34. 34.
    Wand, M.: Correctness of procedure representations in higher-order assembly language. In: Proc. MFPS 1991. LNCS, vol. 298, pp. 294–311. Springer, Heidelberg (1992)Google Scholar
  35. 35.
    Wolverson, N.: Optimisation and resource bounds in Camelot compilation. Laboratory for Foundations of Computer Science, University of Edinburgh (2003)Google Scholar
  36. 36.
    Wolverson, N., MacKenzie, K.: O’Camelot: Adding objects to a resource aware functional language. In: Trends in Functional Programming, vol. 4, pp. 47–62 (2004) (Intellect)Google Scholar
  37. 37.
    Xi, H., Pfenning, F.: Dependent types in practical programming. In: Proceedings of the 26th ACM SIGPLAN Symposium on Principles of Programming Languages, San Antonio, pp. 214–227 (January 1999)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • David Aspinall
    • 1
  • Stephen Gilmore
    • 1
  • Martin Hofmann
    • 2
  • Donald Sannella
    • 1
  • Ian Stark
    • 1
  1. 1.Laboratory for Foundations of Computer Science, School of InformaticsThe University of Edinburgh 
  2. 2.Lehr- und Forschungseinheit für Theoretische Informatik, Institut für InformatikLudwig-Maximilians-UniversitätMünchen

Personalised recommendations