
Resource Usage Verification

  • Conference paper
Programming Languages and Systems (APLAS 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2895)

Abstract

We investigate how to automatically verify that resources such as files are not used improperly or unsafely by a program. We employ a mixture of compile-time analysis and run-time testing to verify that a program conforms to a resource usage policy specified by a deterministic finite state automaton (DFA) which details the allowed sequences of operations on resources. Our approach has four main phases. The first is to generate a context-free grammar which safely approximates the resource usage behaviour of the program. This grammar, rather than the original program, is analysed in the subsequent phases. The second phase checks whether the grammar satisfies the resource usage policy and, if not, where the problems arise. The third phase determines where to place a minimal set of run-time tests, and the fourth determines how to instrument the program to compute the state information required for those tests.
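The following is an added example, not code from the paper or its authors, illustrating the second phase described in the abstract: a DFA resource usage policy for files (open before use, close at the end, nothing after close) and a check that every operation sequence derivable from a context-free approximation of a program is accepted by that DFA. Each grammar symbol is abstracted to the set of state-transfer functions it can induce on the DFA, computed as a least fixpoint; because the DFA is finite, so is that set, and the iteration terminates. The policy, the two grammars `GOOD` and `BAD`, and the function names are all constructed for this example. The `blame` function reports which production and operation can drive a reachable policy state into the error sink, which is the kind of location information the abstract says the second phase must produce before run-time tests can be placed.

```python
"""Checking a context-free approximation of a program's resource usage
against a DFA policy. Added illustrative code; not the paper's algorithm."""
from itertools import product

# Constructed DFA policy: open before use, close at the end, nothing after close.
STATES = ['closed', 'open', 'err']       # 'err' is the sink for disallowed ops
IDX = {s: i for i, s in enumerate(STATES)}
START, ACCEPT, ERR = 'closed', {'closed'}, IDX['err']
DELTA = {('closed', 'open'): 'open', ('open', 'read'): 'open',
         ('open', 'write'): 'open', ('open', 'close'): 'closed'}
IDENTITY = tuple(range(len(STATES)))


def terminal_map(op):
    """Transfer function of one operation over all DFA states (index -> index)."""
    return tuple(IDX[DELTA.get((s, op), 'err')] for s in STATES)


def compose(f, g):
    """Transfer function for 'f then g'."""
    return tuple(g[f[i]] for i in IDENTITY)


def symbol_maps(grammar, summary, sym):
    """Transfer functions of a grammar symbol (nonterminal summary or terminal)."""
    return summary[sym] if sym in grammar else {terminal_map(sym)}


def production_maps(grammar, summary, prod):
    """All transfer functions a production body can induce."""
    maps = set()
    for combo in product(*(symbol_maps(grammar, summary, s) for s in prod)):
        f = IDENTITY
        for m in combo:
            f = compose(f, m)
        maps.add(f)
    return maps


def summarize(grammar):
    """Least fixpoint: the transfer functions each nonterminal can induce."""
    summary = {nt: set() for nt in grammar}
    changed = True
    while changed:
        changed = False
        for nt, prods in grammar.items():
            for prod in prods:
                new = production_maps(grammar, summary, prod) - summary[nt]
                if new:
                    summary[nt] |= new
                    changed = True
    return summary


def final_states(grammar, start='S'):
    """Policy states the DFA can end in after any sequence derived from start."""
    return sorted(STATES[f[IDX[START]]] for f in summarize(grammar)[start])


def satisfies_policy(grammar, start='S'):
    """True iff every derivable sequence avoids 'err' and ends in an accepting state."""
    return all(s in ACCEPT for s in final_states(grammar, start))


def blame(grammar, start='S'):
    """Where problems arise: (nonterminal, production, operation) triples whose
    operation can move a reachable, non-error entry state into 'err'."""
    summary = summarize(grammar)
    entry = {nt: set() for nt in grammar}   # DFA states each nonterminal is entered in
    entry[start].add(IDX[START])
    changed = True
    while changed:                           # propagate entry states left to right
        changed = False
        for nt, prods in grammar.items():
            for prod in prods:
                states = entry[nt] - {ERR}
                for sym in prod:
                    if sym in grammar and not states <= entry[sym]:
                        entry[sym] |= states
                        changed = True
                    states = {m[s] for s in states
                              for m in symbol_maps(grammar, summary, sym)} - {ERR}
    bad = []
    for nt, prods in grammar.items():
        for prod in prods:
            states = entry[nt] - {ERR}
            for sym in prod:
                maps = symbol_maps(grammar, summary, sym)
                if sym not in grammar and any(m[s] == ERR for s in states for m in maps):
                    bad.append((nt, tuple(prod), sym))
                states = {m[s] for s in states for m in maps} - {ERR}
    return bad


# Constructed grammars approximating two programs (terminals are file operations).
GOOD = {'S': [['open', 'Body', 'close']],
        'Body': [['read', 'Body'], ['write', 'Body'], []]}
# One branch of Body closes the file and then keeps reading: a policy violation.
BAD = {'S': [['open', 'Body', 'close']],
       'Body': [['read', 'Body'], ['close', 'read', 'Body'], []]}
```

For `GOOD`, `final_states` returns only `closed` and `blame` is empty; for `BAD`, the DFA can also end in `err`, and `blame` points at the `read` following `close` in the second production of `Body`. A run-time test guarding that operation, in the spirit of the third phase in the abstract, would be one way to make the instrumented program safe without rejecting it outright.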




Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Marriott, K., Stuckey, P.J., Sulzmann, M. (2003). Resource Usage Verification. In: Ohori, A. (eds) Programming Languages and Systems. APLAS 2003. Lecture Notes in Computer Science, vol 2895. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-40018-9_15


  • DOI: https://doi.org/10.1007/978-3-540-40018-9_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20536-4

  • Online ISBN: 978-3-540-40018-9

  • eBook Packages: Springer Book Archive
