Relational Verification Using Product Programs

  • Gilles Barthe
  • Juan Manuel Crespo
  • César Kunz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6664)


Relational program logics are formalisms for specifying and verifying properties about two programs or two runs of the same program. These properties range from correctness of compiler optimizations or equivalence between two implementations of an abstract data type, to properties like non-interference or determinism. Yet the current technology for relational verification remains underdeveloped. We provide a general notion of product program that supports a direct reduction of relational verification to standard verification. We illustrate the benefits of our method with selected examples, including non-interference, standard loop optimizations, and a state-of-the-art optimization for incremental computation. All examples have been verified using the Why tool.


Program Logic Loop Iteration Proof Obligation Product Program Product Construction 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Barrett, C.W., Fang, Y., Goldberg, B., Hu, Y., Pnueli, A., Zuck, L.D.: TVOC: A translation validator for optimizing compilers. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 291–295. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  2. 2.
    Barthe, G., D’Argenio, P., Rezk, T.: Secure Information Flow by Self-Composition. In: Foccardi, R. (ed.) Computer Security Foundations Workshop, pp. 100–114. IEEE Press, Los Alamitos (2004)Google Scholar
  3. 3.
    Barthe, G., Grégoire, B., Zanella Béguelin, S.: Formal certification of code-based cryptographic proofs. In: Shao, Z., Pierce, B.C. (eds.) Principles of Programming Languages, pp. 90–101. ACM Press, New York (2009)Google Scholar
  4. 4.
    Benton, N.: Simple relational correctness proofs for static analyses and program transformations. In: Jones, N.D., Leroy, X. (eds.) Principles of Programming Languages, pp. 14–25. ACM Press, New York (2004)Google Scholar
  5. 5.
    Burnim, J., Sen, K.: Asserting and checking determinism for multithreaded programs. Communications of the ACM 53(6), 97–105 (2010)CrossRefGoogle Scholar
  6. 6.
    Chaudhuri, S., Gulwani, S., Lublinerman, R.: Continuity analysis of programs. In: Principles of Programming Languages, pp. 57–70 (2010)Google Scholar
  7. 7.
    Clarkson, M.R., Schneider, F.B.: Hyperproperties. In: Computer Security Foundations Symposium, pp. 51–65 (2008)Google Scholar
  8. 8.
    Darvas, A., Hähnle, R., Sands, D.: A theorem proving approach to analysis of secure information flow. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 193–209. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Dufay, G., Felty, A.P., Matwin, S.: Privacy-sensitive information flow with JML. In: Nieuwenhuis, R. (ed.) CADE 2005. LNCS (LNAI), vol. 3632, pp. 116–130. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Godlin, B., Strichman, O.: Regression verification. In: Design Meets Automation, pp. 466–471. ACM Press, New York (2009)Google Scholar
  11. 11.
    Goldberg, B., Zuck, L.D., Barrett, C.W.: Into the loops: Practical issues in translation validation for optimizing compilers. Electr. Notes Theor. Comput. Sci. 132(1), 53–71 (2005)CrossRefGoogle Scholar
  12. 12.
    Goldreich, O.: Foundations of Cryptography. Cambridge University Press, Cambridge (2004)CrossRefzbMATHGoogle Scholar
  13. 13.
    Kundu, S., Tatlock, Z., Lerner, S.: Proving optimizations correct using parameterized program equivalence. In: Programming Languages Design and Implementation, pp. 327–337 (2009)Google Scholar
  14. 14.
    Liu, Y.A., Stoller, S.D., Teitelbaum, T.: Static caching for incremental computation. ACM Transactions on Programming Languages and Systems 20(3), 546–585 (1998)CrossRefGoogle Scholar
  15. 15.
    Naumann, D.A.: From coupling relations to mated invariants for checking information flow. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 279–296. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  16. 16.
    Necula, G.C.: Translation validation for an optimizing compiler. ACM SIGPLAN Notices 35(5), 83–94 (2000)CrossRefGoogle Scholar
  17. 17.
    Pnueli, A., Singerman, E., Siegel, M.: Translation validation. In: Steffen, B. (ed.) TACAS 1998. LNCS, vol. 1384, pp. 151–166. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  18. 18.
    Reed, J., Pierce, B.C.: Distance makes the types grow stronger: a calculus for differential privacy. In: Hudak, P., Weirich, S. (eds.) ICFP, pp. 157–168. ACM, New York (2010)Google Scholar
  19. 19.
    Terauchi, T., Aiken, A.: Secure information flow as a safety problem. In: Hankin, C., Siveroni, I. (eds.) SAS 2005. LNCS, vol. 3672, pp. 352–367. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
    Yang, H.: Relational separation logic. Theoretical Computer Science 375(1-3), 308–334 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Zaks, A., Pnueli, A.: CoVaC: Compiler validation by program analysis of the cross-product. In: Cuellar, J., Sere, K. (eds.) FM 2008. LNCS, vol. 5014, pp. 35–51. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  22. 22.
    Zuck, L.D., Pnueli, A., Goldberg, B.: Voc: A methodology for the translation validation of optimizing compilers. J. UCS 9(3), 223–247 (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Gilles Barthe
    • 1
  • Juan Manuel Crespo
    • 1
  • César Kunz
    • 1
    • 2
  1. 1.IMDEA Software InstituteSpain
  2. 2.Universidad Politécnica de MadridSpain

Personalised recommendations