A Proof-Carrying Code Architecture for Java

  • Christopher Colby
  • Peter Lee
  • George C. Necula
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1855)


In earlier work, Necula and Lee developed proof-carrying code (PCC) [3,5], a mechanism for ensuring the safe behavior of programs. In PCC, a program contains both the code and an encoding of an easy-to-check proof. The validity of the proof, which can be determined automatically by a simple proof-checking program, implies that the code, when executed, will behave safely according to a user-supplied formal definition of safe behavior. Later, Necula and Lee demonstrated the concept of a certifying compiler [6,7]. Certifying compilers promise to make PCC more practical by compiling high-level source programs into optimized PCC binaries completely automatically, rather than depending on semi-automatic theorem-proving techniques. Taken together, PCC and certifying compilers provide a possible solution to the code safety problem, even in applications involving mobile code [4].
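The producer/consumer split that the abstract describes, as an added toy illustration (not code from the paper or from Cedilla Systems): an untrusted producer, standing in for a certifying compiler, ships a small register-machine program together with a certificate, and the consumer's trusted base is only the checker, the per-instruction transfer function and the safety policy. Everything concrete here is an assumption: the instruction set, the hypothetical array `a` whose bound `ARRAY_SIZE` defines the policy, and the certificate format, which is one interval annotation per instruction rather than the encoded proof the paper's PCC uses. The annotations play the same role, though: the checker only has to confirm each instruction locally, never search for an invariant itself, and a program whose code or certificate has been altered after certification is rejected.

```python
"""Toy proof-carrying code pipeline: a constructed illustration, not the paper's
architecture.  Code is a tiny register machine; the certificate is one interval
annotation per instruction; the policy is that every 'load' index is in range."""
from typing import Dict, List, Optional, Tuple

State = Dict[str, Tuple[int, int]]   # register -> inclusive [lo, hi]; absent = unknown
ARRAY_SIZE = 8                       # assumed policy constant for the hypothetical array 'a'

def subsumes(big: State, small: State) -> bool:
    """Every fact claimed in `big` is implied by `small`."""
    return all(r in small and big[r][0] <= small[r][0] <= small[r][1] <= big[r][1] for r in big)

def join(s: State, t: State) -> State:
    """Least upper bound of two states; used only by the untrusted producer."""
    return {r: (min(s[r][0], t[r][0]), max(s[r][1], t[r][1])) for r in s if r in t}

def step(ins: tuple, pc: int, pre: State) -> Optional[List[Tuple[int, State]]]:
    """Abstract transfer function: (successor pc, post state) pairs, or None if unsafe."""
    op, post = ins[0], dict(pre)
    if op == "const":                                    # r := n
        post[ins[1]] = (ins[2], ins[2])
    elif op == "add":                                    # r := a + b
        if ins[2] in pre and ins[3] in pre:
            post[ins[1]] = (pre[ins[2]][0] + pre[ins[3]][0], pre[ins[2]][1] + pre[ins[3]][1])
        else:
            post.pop(ins[1], None)                       # unknown operand, unknown result
    elif op == "load":                                   # r := a[idx]
        if ins[2] not in pre or pre[ins[2]][0] < 0 or pre[ins[2]][1] >= ARRAY_SIZE:
            return None                                  # the safety policy, enforced here
        post.pop(ins[1], None)                           # loaded value is unknown
    elif op == "jlt":                                    # if r < n goto target
        r, n, target = ins[1], ins[2], ins[3]
        if r not in pre:
            return [(target, post), (pc + 1, post)]
        (lo, hi), succ = pre[r], []
        if lo < n:                                       # branch may be taken
            succ.append((target, {**pre, r: (lo, min(hi, n - 1))}))
        if hi >= n:                                      # branch may fall through
            succ.append((pc + 1, {**pre, r: (max(lo, n), hi)}))
        return succ
    elif op == "halt":
        return []
    else:
        return None                                      # unknown opcode: reject
    return [(pc + 1, post)]

def check(program: List[tuple], cert: List[State], init: State) -> bool:
    """Trusted consumer: small, and independent of how `cert` was produced."""
    if len(cert) != len(program) or not subsumes(cert[0], init):
        return False
    for pc, ins in enumerate(program):
        succ = step(ins, pc, cert[pc])
        if succ is None:
            return False
        for target, post in succ:
            if target >= len(program) or not subsumes(cert[target], post):
                return False
    return True

def certify(program: List[tuple], init: State) -> List[State]:
    """Untrusted producer (stand-in for a certifying compiler): fixpoint iteration, no widening."""
    cert: List[Optional[State]] = [None] * len(program)
    cert[0], changed = init, True
    while changed:
        changed = False
        for pc, ins in enumerate(program):
            if cert[pc] is None:
                continue
            for target, post in step(ins, pc, cert[pc]) or []:
                new = post if cert[target] is None else join(cert[target], post)
                if new != cert[target]:
                    cert[target], changed = new, True
    return [s if s is not None else {} for s in cert]

# Constructed sample program: sum the ARRAY_SIZE elements of 'a' into s (do-while loop).
PROGRAM = [
    ("const", "i", 0),             # 0
    ("const", "s", 0),             # 1
    ("const", "one", 1),           # 2
    ("load", "t", "i"),            # 3: t := a[i]  (policy: 0 <= i < 8)
    ("add", "s", "s", "t"),        # 4
    ("add", "i", "i", "one"),      # 5
    ("jlt", "i", ARRAY_SIZE, 3),   # 6: loop while i < 8
    ("halt",),                     # 7
]

def demo() -> Tuple[bool, bool, bool]:
    cert = certify(PROGRAM, {})                          # producer side, no entry assumptions
    accepted = check(PROGRAM, cert, {})                  # consumer side
    # Code altered after certification: loop bound raised, so a[8] becomes reachable.
    tampered = PROGRAM[:6] + [("jlt", "i", ARRAY_SIZE + 1, 3)] + PROGRAM[7:]
    tampered_accepted = check(tampered, cert, {})
    # Forged certificate for the altered code: simply claim the index is in range at the load.
    forged = certify(tampered, {})
    forged[3] = {"i": (0, ARRAY_SIZE - 1)}
    forged_accepted = check(tampered, forged, {})
    return accepted, tampered_accepted, forged_accepted
```

`demo()` returns `(True, False, False)`: the honestly certified program is accepted, the same certificate no longer matches the tampered code, and a certificate that merely asserts the loop index is in range fails because the claim is not implied by the predecessor instruction. `certify` happens to reuse `step`, but nothing on the producer side is trusted; the security argument rests on `check`, `step` and `ARRAY_SIZE` alone, which is why keeping that part small is the whole point of the design.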



References

  1. Harper, R., Honsell, F., Plotkin, G.: A framework for defining logics. Journal of the Association for Computing Machinery 40(1), 143–184 (1993)
  2. Leroy, X.: The ZINC experiment, an economical implementation of the ML language. Technical Report 117, INRIA (1990)
  3. Necula, G., Lee, P.: Safe kernel extensions without run-time checking. In: Second Symposium on Operating Systems Design and Implementation, Seattle, October 1996, pp. 229–243 (1996)
  4. Necula, G., Lee, P.: Safe, untrusted agents using proof-carrying code. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, p. 61. Springer, Heidelberg (1998)
  5. Necula, G.C.: Proof-carrying code. In: Jones, N.D. (ed.) Conference Record of the 24th Symposium on Principles of Programming Languages (POPL 1997), Paris, France, pp. 106–119. ACM Press, New York (1997)
  6. Necula, G.C.: Compiling with Proofs. PhD thesis, Carnegie Mellon University (October 1998). Available as Technical Report CMU-CS-98-154
  7. Necula, G.C., Lee, P.: The design and implementation of a certifying compiler. In: Cooper, K.D. (ed.) Proceedings of the Conference on Programming Language Design and Implementation (PLDI 1998), Montreal, Canada, pp. 333–344. ACM Press, New York (1998)
  8. Necula, G.C., Rahul, S.P.: Oracle-based checking of untrusted software. Submitted to PLDI 2000 (November 1999)

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Christopher Colby (1)
  • Peter Lee (1)
  • George C. Necula (1)
  1. Cedilla Systems Incorporated, Pittsburgh
