ABSTRACT
Energy, Time and Security (ETS) properties of programs are becoming increasingly prioritised by developers, especially where applications run on ETS-sensitive systems such as embedded devices or the Internet of Things. However, developers currently lack the tools and language features that would let them reason about ETS. In this paper, we introduce a new contract specification framework, called Drive, which allows a developer to reason about ETS or other non-functional properties of their programs as first-class properties of the language. We further introduce a contract specification language in which developers reason about these first-class ETS properties by expressing contracts that are proved correct by an underlying formal type system. Finally, we demonstrate our contract framework on a number of representative examples, showing provable worst-case ETS properties.