Self-composition to Prove Relational Properties in Annotated C Programs
Deductive verification provides a powerful tool to show functional properties of a given program. However, in practice, many properties of interest link several program calls. This is for instance the case for non-interference, continuity and monotony. Other examples relate sequences of function calls, for instance to show that decrypting an encrypted message with the appropriate key gives back the original message. Such properties cannot be expressed directly in the traditional setting used by modular deductive verification, but are amenable to verification through self-composition. This paper presents a verification tool dedicated to relational properties, in the form of a Frama-C plug-in called RPP and based on self-composition. It supports functions with side effects and recursive functions. Our initial experiments on existing benchmarks confirm that RPP is useful to prove relational properties.
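The self-composition idea behind the three kinds of property named above, as an added C example that is not code from the paper or from RPP: a relational property of two calls becomes an ordinary contract on one call of a wrapper that runs both copies on disjoint variables. The functions clamp, low_result and xor_crypt are illustrative stand-ins assumed here, and the ACSL annotations are written as comments in the style the plug-in targets.

```c
#include <stdint.h>
#include <stddef.h>

/* Monotony: x1 <= x2 ==> clamp(x1) <= clamp(x2). A saturating clamp is monotone. */
static int clamp(int x) {
    if (x < -100) return -100;
    if (x > 100) return 100;
    return x;
}

/* Self-composed wrapper: a contract on ONE call of this function states the
 * relational property of TWO calls of clamp, each on its own variables. */
/*@ requires x1 <= x2;
  @ ensures \result == 1; */
int clamp_monotone(int x1, int x2) {
    int r1 = clamp(x1);   /* first copy */
    int r2 = clamp(x2);   /* second copy, disjoint variables */
    return r1 <= r2;
}

/* Non-interference: the low (public) output must not depend on the high
 * (secret) input; the secret flows only to the separate high sink. */
static int low_result(int low, int high, int *high_out) {
    *high_out = high * 2;
    return low + 1;
}

/*@ requires low1 == low2;
  @ ensures \result == 1; */
int low_noninterferent(int low1, int high1, int low2, int high2) {
    int h1, h2;
    return low_result(low1, high1, &h1) == low_result(low2, high2, &h2);
}

/* Sequence of calls: decrypt(encrypt(m, k), k) == m, with a toy XOR cipher
 * (illustrative only). The writes to out[] are the side effects RPP must handle. */
static void xor_crypt(const uint8_t *in, uint8_t *out, size_t n, uint8_t key) {
    for (size_t i = 0; i < n; i++) out[i] = in[i] ^ key;
}

/*@ requires n <= 64;
  @ ensures \result == 1; */
int decrypt_encrypt_roundtrip(const uint8_t *msg, size_t n, uint8_t key) {
    uint8_t enc[64], dec[64];
    if (n > 64) return 0;
    xor_crypt(msg, enc, n, key);   /* first call */
    xor_crypt(enc, dec, n, key);   /* second call, on the first one's output */
    for (size_t i = 0; i < n; i++) if (dec[i] != msg[i]) return 0;
    return 1;
}
```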