Search Results

Documents authored by Naumann, David


Found 2 Possible Name Variants:

Naumann, David A.

Document
Toward Tool-Independent Summaries for Symbolic Execution

Authors: Frederico Ramos, Nuno Sabino, Pedro Adão, David A. Naumann, and José Fragoso Santos

Published in: LIPIcs, Volume 263, 37th European Conference on Object-Oriented Programming (ECOOP 2023)


Abstract
We introduce a new symbolic reflection API for implementing tool-independent summaries for the symbolic execution of C programs. We formalise the proposed API as a symbolic semantics and extend two state-of-the-art symbolic execution tools with support for it. Using the proposed API, we implement 67 tool-independent symbolic summaries for a total of 26 libc functions. Furthermore, we present SumBoundVerify, a fully automatic summary validation tool for checking the bounded correctness of the symbolic summaries written using our symbolic reflection API. We use SumBoundVerify to validate 37 symbolic summaries taken from 3 state-of-the-art symbolic execution tools, angr, Binsec and Manticore, detecting a total of 24 buggy summaries.

Cite as

Frederico Ramos, Nuno Sabino, Pedro Adão, David A. Naumann, and José Fragoso Santos. Toward Tool-Independent Summaries for Symbolic Execution. In 37th European Conference on Object-Oriented Programming (ECOOP 2023). Leibniz International Proceedings in Informatics (LIPIcs), Volume 263, pp. 24:1-24:29, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2023)


Copy BibTex To Clipboard

@InProceedings{ramos_et_al:LIPIcs.ECOOP.2023.24,
  author =	{Ramos, Frederico and Sabino, Nuno and Ad\~{a}o, Pedro and Naumann, David A. and Fragoso Santos, Jos\'{e}},
  title =	{{Toward Tool-Independent Summaries for Symbolic Execution}},
  booktitle =	{37th European Conference on Object-Oriented Programming (ECOOP 2023)},
  pages =	{24:1--24:29},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-281-5},
  ISSN =	{1868-8969},
  year =	{2023},
  volume =	{263},
  editor =	{Ali, Karim and Salvaneschi, Guido},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/LIPIcs.ECOOP.2023.24},
  URN =		{urn:nbn:de:0030-drops-182171},
  doi =		{10.4230/LIPIcs.ECOOP.2023.24},
  annote =	{Keywords: Symbolic Execution, Runtime Modelling, Symbolic Summaries}
}
Document
Artifact
Toward Tool-Independent Summaries for Symbolic Execution (Artifact)

Authors: Frederico Ramos, Nuno Sabino, Pedro Adão, David A. Naumann, and José Fragoso Santos

Published in: DARTS, Volume 9, Issue 2, Special Issue of the 37th European Conference on Object-Oriented Programming (ECOOP 2023)


Abstract
The artifact contains the extended versions of the tools angr and AVD with support for the symbolic reflection API proposed in the paper. Additionally, the artifact contains the source code of SumBoundVerify, our novel tool for the bounded-verification of symbolic summaries for the C programming language. The artifact contains all the scripts and datasets required to obtain the results presented in the paper, including: a library of 67 symbolic summaries implemented using the proposed symbolic reflection API; two symbolic test suites designed to test two open source C libraries; and the source code of the third-party summaries that were validated checked with SumBoundVerify.

Cite as

Frederico Ramos, Nuno Sabino, Pedro Adão, David A. Naumann, and José Fragoso Santos. Toward Tool-Independent Summaries for Symbolic Execution (Artifact). In Special Issue of the 37th European Conference on Object-Oriented Programming (ECOOP 2023). Dagstuhl Artifacts Series (DARTS), Volume 9, Issue 2, pp. 7:1-7:4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2023)


Copy BibTex To Clipboard

@Article{ramos_et_al:DARTS.9.2.7,
  author =	{Ramos, Frederico and Sabino, Nuno and Ad\~{a}o, Pedro and Naumann, David A. and Fragoso Santos, Jos\'{e}},
  title =	{{Toward Tool-Independent Summaries for Symbolic Execution (Artifact)}},
  pages =	{7:1--7:4},
  journal =	{Dagstuhl Artifacts Series},
  ISSN =	{2509-8195},
  year =	{2023},
  volume =	{9},
  number =	{2},
  editor =	{Ramos, Frederico and Sabino, Nuno and Ad\~{a}o, Pedro and Naumann, David A. and Fragoso Santos, Jos\'{e}},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DARTS.9.2.7},
  URN =		{urn:nbn:de:0030-drops-182478},
  doi =		{10.4230/DARTS.9.2.7},
  annote =	{Keywords: Symbolic Execution, Runtime Modelling, Symbolic Summaries}
}
Document
Relational Logic with Framing and Hypotheses

Authors: Anindya Banerjee, David A. Naumann, and Mohammad Nikouei

Published in: LIPIcs, Volume 65, 36th IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS 2016)


Abstract
Relational properties arise in many settings: relating two versions of a program that use different data representations, noninterference properties for security, etc. The main ingredient of relational verification, relating aligned pairs of intermediate steps, has been used in numerous guises, but existing relational program logics are narrow in scope. This paper introduces a logic based on novel syntax that weaves together product programs to express alignment of control flow points at which relational formulas are asserted. Correctness judgments feature hypotheses with relational specifications, discharged by a rule for the linking of procedure implementations. The logic supports reasoning about program-pairs containing both similar and dissimilar control and data structures. Reasoning about dynamically allocated objects is supported by a frame rule based on frame conditions amenable to SMT provers. We prove soundness and sketch how the logic can be used for data abstraction, loop optimizations, and secure information flow.

Cite as

Anindya Banerjee, David A. Naumann, and Mohammad Nikouei. Relational Logic with Framing and Hypotheses. In 36th IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS 2016). Leibniz International Proceedings in Informatics (LIPIcs), Volume 65, pp. 11:1-11:16, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2016)


Copy BibTex To Clipboard

@InProceedings{banerjee_et_al:LIPIcs.FSTTCS.2016.11,
  author =	{Banerjee, Anindya and Naumann, David A. and Nikouei, Mohammad},
  title =	{{Relational Logic with Framing and Hypotheses}},
  booktitle =	{36th IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS 2016)},
  pages =	{11:1--11:16},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-027-9},
  ISSN =	{1868-8969},
  year =	{2016},
  volume =	{65},
  editor =	{Lal, Akash and Akshay, S. and Saurabh, Saket and Sen, Sandeep},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/LIPIcs.FSTTCS.2016.11},
  URN =		{urn:nbn:de:0030-drops-68465},
  doi =		{10.4230/LIPIcs.FSTTCS.2016.11},
  annote =	{Keywords: Relational Hoare logic, program equivalence, product programs, frame conditions, region logic}
}
Document
Language-Based Security (Dagstuhl Seminar 03411)

Authors: Anindya Banerjee, Heiko Mantel, David A. Naumann, and Andrei Sabelfeld

Published in: Dagstuhl Seminar Reports. Dagstuhl Seminar Reports, Volume 1 (2021)


Abstract

Cite as

Anindya Banerjee, Heiko Mantel, David A. Naumann, and Andrei Sabelfeld. Language-Based Security (Dagstuhl Seminar 03411). Dagstuhl Seminar Report 397, pp. 1-10, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2003)


Copy BibTex To Clipboard

@TechReport{banerjee_et_al:DagSemRep.397,
  author =	{Banerjee, Anindya and Mantel, Heiko and Naumann, David A. and Sabelfeld, Andrei},
  title =	{{Language-Based Security (Dagstuhl Seminar 03411)}},
  pages =	{1--10},
  ISSN =	{1619-0203},
  year =	{2003},
  type = 	{Dagstuhl Seminar Report},
  number =	{397},
  institution =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemRep.397},
  URN =		{urn:nbn:de:0030-drops-152779},
  doi =		{10.4230/DagSemRep.397},
}

Naumann, David

Document
03411 Final Report – Language Based Security

Authors: Anindya Banerjee, Heiko Mantel, David Naumann, and Andrei Sabelfeld

Published in: Dagstuhl Seminar Proceedings, Volume 3411, Language-Based Security (2005)


Abstract
This paper summarizes the objectives and structure of a seminar with the same title, held from October 5th to 10th 2003 at Schloss Dagstuhl, Germany.

Cite as

Anindya Banerjee, Heiko Mantel, David Naumann, and Andrei Sabelfeld. 03411 Final Report – Language Based Security. In Language-Based Security. Dagstuhl Seminar Proceedings, Volume 3411, pp. 1-5, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{banerjee_et_al:DagSemProc.03411.1,
  author =	{Banerjee, Anindya and Mantel, Heiko and Naumann, David and Sabelfeld, Andrei},
  title =	{{03411  Final Report – Language Based Security}},
  booktitle =	{Language-Based Security},
  pages =	{1--5},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{3411},
  editor =	{Anindya Banerjee and Heiko Mantel and David Naumann and Andrei Sabelfeld},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.03411.1},
  URN =		{urn:nbn:de:0030-drops-1724},
  doi =		{10.4230/DagSemProc.03411.1},
  annote =	{Keywords: Access control , information flow , noninterference , downgrading protocol analysis}
}
Document
03411 Abstracts Collection – Language Based Security

Authors: Anindya Banerjee, Heiko Mantel, David Naumann, and Andrei Sabelfeld

Published in: Dagstuhl Seminar Proceedings, Volume 3411, Language-Based Security (2005)


Abstract
From October 5th to 10th 2003,the Dagstuhl Seminar 03411 ``Language Based security'' was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar are put together in this paper.

Cite as

Anindya Banerjee, Heiko Mantel, David Naumann, and Andrei Sabelfeld. 03411 Abstracts Collection – Language Based Security. In Language-Based Security. Dagstuhl Seminar Proceedings, Volume 3411, pp. 1-20, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{banerjee_et_al:DagSemProc.03411.2,
  author =	{Banerjee, Anindya and Mantel, Heiko and Naumann, David and Sabelfeld, Andrei},
  title =	{{03411 Abstracts Collection – Language Based Security}},
  booktitle =	{Language-Based Security},
  pages =	{1--20},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{3411},
  editor =	{Anindya Banerjee and Heiko Mantel and David Naumann and Andrei Sabelfeld},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/entities/document/10.4230/DagSemProc.03411.2},
  URN =		{urn:nbn:de:0030-drops-1731},
  doi =		{10.4230/DagSemProc.03411.2},
  annote =	{Keywords: Access control , information flow , noninterference , downgrading protocol analysis}
}
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail