The Science of Deep Specification

Name	Verified Software Toolchain
Logo
Home Page	`http://vst.cs.princeton.edu/`
Description	The Verified Software Toolchain is a toolchain for verifying C code inside the Coq proof assistant, in a higher-order concurrent, impredicative separation logic ("Verifiable C") that is provably sound w.r.t.~the Clight operational semantics of CompCert. Current work is focused on enhancing automation support ("Floyd"), particularly for well-synchronized concurrent programs executing on processors with weakly cache-coherent memory models, formally connecting the VST to other DeepSpec components (CertiKOS, CertiCoq, Vellum), and verifying high-assurance application components, including mailbox-style message delivery systems and cryptographic libraries.
Latest Results	During the first year of DeepSpec, we (1) worked towards proving soundness VST's concurrent separation logic w.r.t. relaxed memory models, (2) developed a new understanding of the semantic models underlying "classical" (or "malloc-free") and "intuitionistic" (or "garbage-collected") separation logic, (3) verified a new resilient mailbox protocol with low-level concurrency primitives. (4) The verification of cryptographic primitives led to additional improvements to VST's Floyd automation library.
Members	Andrew W. Appel Aquinas Hobor Jean-Marie Madiot Josiah Dodds Lennart Beringer Nick Giannarakis Qinxiang Cao Samuel Gruetter Santiago Cuellar Shengyi Wang William Mansky
Publications	Verifying an HTTP Key-Value Server with Interaction Trees and VST A verified messaging system Abstraction and Subsumption in Modular Verification of C Programs Abstraction and Subsumption in Modular Verification of C Programs [journal version] Bringing order to the separation logic jungle C-language floating-point proofs layered with VST and Flocq Certified Code Generation from CPS to C Certifying graph-manipulating C programs via localizations within data structures Compiler Correctness for Concurrency: from concurrent separation logic to shared-memory assembly language Concurrent Permission Machine for modular proofs of optimizing compilers with shared memory concurrency Connecting Higher-Order Separation Logic to a First-Order Outside World From C to Interaction Trees: Specifying, Verifying, and Testing a Networked Server Modular Verification for Computer Security Separation-Logic-based Program Verification in Coq VST-Floyd: A separation logic tool to verify correctness of C programs Verified Software Units Verified correctness and security of mbedTLS HMAC-DRBG Verified sequential malloc/free Verifying an HTTP Key-Value Server with Interaction Trees and VST