Proofware: establishing trustworthy computing through programming with proofs

Proofware：通过证明编程建立可信计算

• 批准号: 298177-2012
• 负责人: Pientka, Brigitte
• 金额: $ 2.04万
• 依托单位: McGill University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2015
• 资助国家: 加拿大
• 起止时间: 2015-01-01 至 2016-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=571444
• 关键词: Proofware; establishing; trustworthy; computing; through

Software systems are an integral part of our infrastructure and our society more and more depends on them: Software monitors medical devices, manages our financial assets, and controls power plants. But as consumers take more and more advantage of online services, they are also becoming more concerned about whether their personal information, such as financial and medical records, are kept safe. If computing is to become truly ubiquitous, we will have to make software systems and services sufficiently trustworthy that people do not worry about its fallibility or unreliability the way they do today. Proof-carrying architectures for trustworthy computing advocate establishing trust by verifying compliance of the software with a formal safety policy. However, existing programming environments are inadequate to track and verify complex safety properties about programs. This is a major obstacle for this paradigm to become mainstream. The Proofware project aims to change the way we develop and implement software systems by extending a general purpose programming language with the ability to directly represent, generate, and manipulate proof certificates. The objectives are: Design a foundation for certifying programs based on dependent types, build a proof-of-concept programming environment where proofs are seamlessly integrated into programs, and evaluate its effectiveness in two main areas, certified meta-programming and meta-reasoning. Our goal is twofold: 1) to make it routine work for the programmer to specify and mechanically verify complex behavioral properties of their programs and ensure that these properties are preserved during compilation. 2) to make it common practice to communicate, exchange, and verify proofs to establish trust and guarantee reliability and safety of software systems and services.

软件系统是我们的基础设施不可或缺的一部分，我们的社会越来越依赖它们：软件监控医疗设备，管理我们的金融资产，控制发电厂。但随着消费者越来越多地利用在线服务，他们也越来越关心自己的个人信息，如财务和医疗记录，是否得到安全保护。如果计算要变得真正无处不在，我们必须使软件系统和服务足够值得信赖，以至于人们不会像今天这样担心它的易错性或不可靠性。 用于可信计算的携带证明的体系结构提倡通过验证软件与正式安全策略的符合性来建立信任。 然而，现有的编程环境不足以跟踪和验证程序的复杂安全属性。这是这一范式成为主流的主要障碍。 Proofware项目旨在通过扩展具有直接表示、生成和操作证明证书能力的通用编程语言来改变我们开发和实现软件系统的方式。 其目标是：设计一个基于依赖类型的程序认证基础，构建一个概念验证编程环境，将证明无缝集成到程序中，并评估其在两个主要领域的有效性，认证元编程和元推理。 我们的目标是双重的：1）使程序员指定和机械地验证其程序的复杂行为属性并确保这些属性在编译期间被保留成为常规工作。2)使通信、交换和验证证明成为惯例，以建立信任并保证软件系统和服务的可靠性和安全性。