Trustworthy Systems

Cogent: Uniqueness types and certifying compilation

Authors

Liam O'Connor, Zilin Chen, Christine Rizkallah, Vincent Jackson, Sidney Amani, Gerwin Klein, Toby Murray, Thomas Sewell and Gabriele Keller

    School of Computer Science and Engineering
    UNSW,
    Sydney 2052, Australia

Abstract

This paper presents a framework aimed at significantly reducing the cost of proving functional correctness for low-level operating systems components. The framework is designed around a new functional programming language, Cogent. A central aspect of the language is its uniqueness type system, which eliminates the need for a trusted runtime or garbage collector while still guaranteeing memory safety, a crucial property for safety and security. Moreover, it allows us to assign two semantics to the language: the first is imperative, suitable for efficient C code generation, and the second is purely functional, providing a user-friendly interface for equational reasoning and verification of higher-level correctness properties. The refinement theorem connecting the two semantics allows the compiler to produce a proof via translation validation certifying the correctness of the generated C code with respect to the semantics of the Cogent source program. We have demonstrated the effectiveness of our framework for implementation and for verification through two file system implementations.

BibTeX Entry

  @article{OConnor_CRJAKMSK_21,
    author           = {O'Connor, Liam and Chen, Zilin and Rizkallah, Christine and Jackson, Vincent and Amani, Sidney and
                        Klein, Gerwin and Murray, Toby and Sewell, Thomas and Keller, Gabriele},
    doi              = {10.1017/S095679682100023X},
    journal          = {Journal of Functional Programming},
    paperurl         = {https://trustworthy.systems/publications/papers/OConnor_CRJAKMSK_21.pdf},
    publisher        = {Cambridge University Press},
    title            = {{Cogent}: uniqueness types and certifying compilation},
    volume           = {31},
    year             = {2021}
  }