Some Issues on Incremental Abstraction-Carrying Code

TL;DR

This paper discusses the challenges and solutions for incremental abstraction-carrying code, focusing on logic programming, to efficiently validate program updates without reprocessing the entire code base.

Contribution

It introduces methods for generating and validating incremental certificates in ACC, addressing various types of program updates and their impact on correctness and accuracy.

Findings

Proposes an incremental checking algorithm for untrusted program updates

Analyzes the effects of different update types on certificate accuracy

Highlights issues and solutions for incremental ACC in logic programming

Abstract

Abstraction-Carrying Code (ACC) has recently been proposed as a framework for proof-carrying code (PCC) in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction thus plays the role of safety certificate and its generation (and validation) is carried out automatically by a fixed-point analyzer. Existing approaches for PCC are developed under the assumption that the consumer reads and validates the entire program w.r.t. the full certificate at once, in a non incremental way. In this abstract, we overview the main issues on incremental ACC. In particular, in the context of logic programming, we discuss both the generation of incremental certificates and the design of an incremental checking algorithm for untrusted updates of a (trusted) program, i.e., when a producer provides a modified version of a previously validated program. By update, we refer to any arbitrary change on a program, i.e., the extension of the program with new predicates, the deletion of existing predicates and the replacement of existing predicates by new versions for them. We also discuss how each kind of update affects the incremental extension in terms of accuracy and correctness.