AVISPA is a pushbutton tool for the automated validation of Internet security-sensitive protocols and applications. It provides a modular and expressive formal language for specifying protocols and their security properties, and integrates different back-ends that implement a variety of state-of-the-art automatic analysis techniques. To the best of our
In this article we present Bali, the formalization of a large (hitherto sequential) sublanguage of Java. We give its abstract syntax, type system, well-formedness conditions, and an operational evaluation semantics. Based on these definitions, we can express soundness of the type system, an important design goal claimed to be reached by the designers of
SUMMARY This article presents a Hoare-style calculus for a substantial subset of Java Card, which we call Java light. The Hoare logic of partial correctness is proved not only sound (w.r.t. our operational semantics of Java light, described in detail elsewhere) but even complete. It is the first logic for an object-oriented language that is provably complete. The
This paper introduces ASLan++, the AVANTSSAR Specification Language. ASLan++ has been designed for formally specifying dynamically composed security-sensitive web services and service-oriented architectures, their associated security policies, as well as their security properties, at both communication and application level. We introduce the main concepts
We define NanoJava, a kernel of Java tailored to the investigation of Hoare logics. We then introduce a Hoare logic for this language featuring an elegant approach for expressing auxiliary variables: by universal quantification on the outer logical level. Furthermore, we give simple means of handling side-effecting expressions and dynamic binding within
We present a (the first?) sound and relatively complete Hoare logic for a simple imperative programming language including mutually recursive procedures with call-by-value parameters as well as global and local variables. For such a language we formalize an operational and an axiomatic semantics of partial correctness and prove their equivalence. Global and
[Abstract] The numerous benefits of enabling commercial airplanes to communicate over networks are only obtained at the price of introducing security threats to onboard systems. A primary threat arises from the opportunity for corruption of safety-critical and business-critical airplane loadable software distributed via networks from off-board systems. The
HOLCF is the definitional extension of Church's Higher-Order Logic with Scott's Logic for Computable Functions that has been implemented in the theorem prover Isabelle. This results in a flexible setup for reasoning about functional programs. HOLCF supports standard domain theory (in particular fixpoint reasoning and recursive domain equations) but also