Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
No Panic! Verification of Rust Programs by Symbolic Execution
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.ORCID iD: 0000-0002-1791-535x
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Embedded Internet Systems Lab. Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering, Computer Science.
2018 (English)Conference paper, Published paper (Refereed)
Abstract [en]

The Rust language stands out with a type system and underlying memory model targeting memory safety. The accompanying rustc compiler is typically able to statically prove the safety conditions and accept or reject input programs accordingly. However, e.g., cases of raw array indexing are in general out of reach for static analysis and promoted to runtime verification rendering executables with partial correctness guarantees (aborting with a panic on safety violations). For safety-critical applications, this requires proper panic handling, which is by itself a hard problem. Moreover, runtime verification may be undesirable for performance reasons and hence calling for stronger methods to static program analysis. In this paper, we take the approach of symbolic execution and propose a generic contract based verification process for programs written in Rust. For the verified properties (assertions), the program is both safe and panic free. Besides correctness, this implies further performance improvements as code for runtime verification can be safely dropped. We demonstrate the feasibility of the approach by adopting the KLEE symbolic execution engine to analyze LLVM bitcode extracted from Rust programs and libraries under verification and discuss its implications and limitations.

Place, publisher, year, edition, pages
Piscataway, NJ: IEEE, 2018. p. 108-114, article id 8471992
Series
IEEE International Conference on Industrial Informatics INDIN, ISSN 1935-4576, E-ISSN 2378-363X
National Category
Computer Sciences
Research subject
Dependable Communication and Computation Systems
Identifiers
URN: urn:nbn:se:ltu:diva-71249DOI: 10.1109/INDIN.2018.8471992ISI: 000450180200015Scopus ID: 2-s2.0-85055511267ISBN: 978-1-5386-4829-2 (electronic)ISBN: 978-1-5386-4830-8 (print)OAI: oai:DiVA.org:ltu-71249DiVA, id: diva2:1256728
Conference
16th International Conference on Industrial Informatics (INDIN), Porto, Portugal, 18-20 July 2018
Available from: 2018-10-17 Created: 2018-10-17 Last updated: 2019-02-27Bibliographically approved
In thesis
1. !secure(system) <=?=> !safe(system): On Security and Safety of Industrial Software Systems
Open this publication in new window or tab >>!secure(system) <=?=> !safe(system): On Security and Safety of Industrial Software Systems
2019 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The focus of our research work is on readily accessible, embedded, real-time development with concurrency support. To this end, we develop the Real-Time For the Masses (RTFM) programming framework with a model of computation based on tasks and resources and that stipulates a timing semantics. Typically, hard real-time requirements are a characteristic of safety-critical applications. In contrast to runtime verification, such applications primarily require static assurances concerning safety and security attributes. This thesis discusses the building blocks for a statically analyzable programming paradigm for embedded real-time applications and its implementation. Svenska kraftnät funded the research presented in this thesis and set the scope to industrial automation. Consequently, we also investigate the applicability of our RTFM framework for scheduling and resource management for the runtime environments of industrial applications. We start by reviewing relevant and well-established industry standards to build background knowledge of the state-of-the-art safety and security requirements in software development. Special attention is placed on the IEC 61131 and IEC 61499 standards for industrial software development and their programming and execution model. We show the feasibility of using IEC 61499 as a holistic, distributed, and hierarchical model with mappings from the functional layer (IEC 61499 function block networks) and safety layer (PLCopen safety function blocks) to RTFM. We also demonstrate that our Rust-based RTFM implementation enables static verification for a myriad of safety and security attributes. Moreover, our investigations reveal a mutual dependency of safety and security in the context of software systems. For this reason, we believe and argue that safety and security cannot be considered independent during the design and implementation of safety-critical applications. Upon closer examination, we even conclude that safety and security are equivalent.

 

Place, publisher, year, edition, pages
Luleå: Luleå University of Technology, 2019
Series
Doctoral thesis / Luleå University of Technology 1 jan 1997 → …, ISSN 1402-1544
Keywords
embedded systems, hard real-time, concurrency, model of computation, safety-critical, safety, security, industrial automation, RTFM, real-time for the masses
National Category
Embedded Systems
Research subject
Embedded Systems
Identifiers
urn:nbn:se:ltu:diva-73059 (URN)978-91-7790-320-8 (ISBN)978-91-7790-321-5 (ISBN)
Public defence
2019-05-08, A3024, Luleå, 13:00 (English)
Opponent
Supervisors
Available from: 2019-03-01 Created: 2019-02-27 Last updated: 2019-09-26Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Lindner, MarcusLindgren, Per

Search in DiVA

By author/editor
Lindner, MarcusAparicio, JorgeLindgren, Per
By organisation
Embedded Internet Systems LabComputer Science
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 192 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf