Trustworthy Systems

On the synthesis of proof-carrying temporal reference monitors


Simon Winwood, Gerwin Klein and Manuel Chakravarty

NICTA, Sydney, Australia
UNSW, Australia


We extend the range of security policies that can be guaranteed with proof carrying code from the classical type safety, control safety, memory safety, and space/time guarantees to more general security policies, such as general resource and access control. We do so by means of (1) a specification logic for security policies, which is the past-time fragment of LTL, and (2) a synthesis algorithm generating reference monitor code and accompanying proof objects from formulae of the specification logic. To evaluate the feasibility of our approach, we developed a prototype implementation producing proofs in Isabelle/HOL.

BibTeX Entry

    address          = {Venice, Italy},
    author           = {Simon Winwood and Gerwin Klein and Manuel Chakravarty},
    booktitle        = {Proceedings of the 16th International Symposium on Logic-Based Program Synthesis and Transformation},
    isbn             = {3-540-71409-X},
    pages            = {111--126},
    paperurl         = {},
    publisher        = {Springer},
    series           = {Lecture Notes in Computer Science},
    title            = {On the Synthesis of Proof-Carrying Temporal Reference Monitors},
    volume           = {4407},
    year             = {2006}