Proj CMI Paper Reading: Ironclad Apps: End-to-End Security via Automated Full-System Verification

Abstract

本文：Ironclad
任务：允许用户将她的数据安全地传输到远程机器，并保证在该机器上执行的每条指令都遵循应用程序行为的正式抽象规范。
方法：

1. a set of new and modified tools, a collection of techniques and engineering disciplines, and a methodology focused on rapid development of verified systems software
2. complete, low-level软件验证提供保证

效果：这不仅消除了缓冲区溢出、解析错误或数据泄漏等实现漏洞；它告诉用户应用程序在任何时候将如何运行的信息。
实验：
数据集: SHA, HMAC, RSA，4个ironclad Apps
效果： We describe our methodology, formal results, and lessons we learned from building a full stack of verified software