
Sound Transpilation from Binary to Machine-Independent Code

by   Roberto Metere, et al.

In order to handle the complexity and heterogeneity of modern instruction set architectures, analysis platforms share a common design: the adoption of hardware-independent intermediate representations. Using these platforms to verify systems down to the binary level is appealing because of the high degree of automation they provide. However, it introduces the need to trust the correctness of the translation from binary code to the intermediate language. Achieving a high degree of trust is challenging, since this transpilation must handle (i) all the side effects of the instructions, (ii) multiple instruction encodings (e.g. ARM Thumb), and (iii) variable instruction length (e.g. Intel). We overcome these problems by formally modeling one such intermediate language in the interactive theorem prover HOL4 and by implementing a proof-producing transpiler. This tool translates ARMv8 programs to the intermediate language and generates a HOL4 proof that demonstrates the correctness of the translation in the form of a simulation theorem. We also show how the transpiler theorems can be used to transfer properties verified on the intermediate language to the binary code.



