[go: up one dir, main page]

WO2025017925A1 - Proof verification system and proof verification method - Google Patents

Proof verification system and proof verification method Download PDF

Info

Publication number
WO2025017925A1
WO2025017925A1 PCT/JP2023/026664 JP2023026664W WO2025017925A1 WO 2025017925 A1 WO2025017925 A1 WO 2025017925A1 JP 2023026664 W JP2023026664 W JP 2023026664W WO 2025017925 A1 WO2025017925 A1 WO 2025017925A1
Authority
WO
WIPO (PCT)
Prior art keywords
proof
verification
executable file
program
safety
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/JP2023/026664
Other languages
French (fr)
Japanese (ja)
Inventor
哲矢 奥田
美郷 中林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nippon Telegraph and Telephone Corp
Original Assignee
Nippon Telegraph and Telephone Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp filed Critical Nippon Telegraph and Telephone Corp
Priority to PCT/JP2023/026664 priority Critical patent/WO2025017925A1/en
Publication of WO2025017925A1 publication Critical patent/WO2025017925A1/en
Pending legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information

Definitions

  • This disclosure relates to a proof verification system and a proof verification method.
  • PCC Proof-Carrying Code
  • the present invention was made in consideration of the above points, and aims to reduce the amount of work required to verify a program.
  • the invention according to claim 1 is a proof verification system having a proof terminal that proves the safety of a program in a high-level language and a verification terminal that verifies the safety of the program, the proof terminal having a compiler that generates an executable file based on the source code of the program, a logical expression generation unit that generates an intermediate representation based on the source code of the program, and generates a verification logical expression indicating a condition that should be satisfied immediately before and after the executable file of the program is executed based on the intermediate representation and confidential definition information indicating confidentiality indicating that a specific variable name in the high-level language is confidential information, a proof creation unit that creates a safety proof to prove that the executable file satisfies the condition based on the verification logical expression and ensure the safety of the executable file, and an output unit that outputs the executable file, the verification logical expression, and the safety proof, and the verification terminal has a proof confirmation unit that confirms that the safety proof obtained from the proof terminal exists
  • the present invention has the effect of reducing the amount of work required to verify a program.
  • FIG. 1 is a schematic diagram of a proof verification system according to a first embodiment.
  • FIG. 2 is a diagram illustrating the electrical hardware configuration of each terminal.
  • FIG. 2 is a functional configuration diagram of a certification terminal according to the first embodiment;
  • FIG. 2 is a functional configuration diagram of a verification terminal according to the first embodiment.
  • 2 is a sequence diagram showing the processing or operation of the proof verification system according to the first embodiment.
  • FIG. 4 is a flowchart showing a process or operation of a verification terminal which is a premise of the first embodiment;
  • FIG. 11 is a functional configuration diagram of a certification terminal according to the second embodiment.
  • FIG. 11 is a sequence diagram showing the processing or operation of the proof verification system according to the second embodiment.
  • FIG. 13 is a functional configuration diagram of a certification terminal according to the third embodiment.
  • FIG. 13 is a sequence diagram showing the processing or operation of the proof verification system according to the third embodiment.
  • Fig. 1 is a schematic diagram of a proof verification system according to the first embodiment.
  • the proof verification system 10 of the first embodiment is constructed by a proof terminal 30 and a verification terminal 50.
  • the proof terminal 30 is a terminal that proves the safety of a program and creates a safety proof p, etc., and in this embodiment, it is also a development terminal of a program developer.
  • the verification terminal 50 is a terminal that verifies the safety of a program and in this embodiment, it is also a user terminal of a program user.
  • the verification terminal 50 executes a program (executable file) after confirming the existence of the safety proof p.
  • FIG. 2 is a diagram showing the electrical hardware configuration of each terminal.
  • each terminal is a computer that includes a CPU 101, a ROM 102, a RAM 103, an SSD 104, an external device connection I/F (Interface) 105, a network I/F 106, a display device 107, an input device 108, a media I/F 109, and a bus line 110.
  • CPU 101 controls the overall operation of each terminal.
  • ROM 102 stores programs used to drive CPU 101, such as IPL.
  • RAM 103 is used as a work area for CPU 101.
  • the SSD 104 reads and writes various data according to the control of the CPU 101. Note that a HDD (Hard Disk Drive) may be used instead of the SSD 104.
  • HDD Hard Disk Drive
  • the external device connection I/F 105 is an interface for connecting various external devices.
  • the external devices include a display, a speaker, a keyboard, a mouse, a USB memory, and a printer.
  • the network I/F 106 is an interface for data communication via a communication network such as the Internet.
  • the display device 107 is a type of display means, such as a liquid crystal or organic EL (Electro Luminescence) device, that displays various images.
  • a display An example of the display device 107 is a display.
  • the input device 108 is a type of input means for selecting and executing various instructions, selecting a processing target, moving a cursor, etc.
  • An example of the input device 108 is a pointing device.
  • the media I/F 109 controls the reading and writing (storing) of data from and to a recording medium 109m such as a flash memory.
  • Recording media 109m includes DVDs and Blu-ray Discs (registered trademarks).
  • the bus line 110 is an address bus, a data bus, etc., for electrically connecting each component such as the CPU 101 shown in FIG. 2.
  • ⁇ Certification terminal> 3 is a functional configuration diagram of the certification terminal according to the first embodiment.
  • the certification terminal 30a is an example of the certification terminal 30 shown in FIG.
  • the proof terminal 30a has an acquisition unit 31, a compiler 32, a logical formula generation unit 35a, a proof creation unit 36, and an output unit 39.
  • Each of these units is a function that the CPU 101 as a processor causes the proof terminal 30a to realize using one or more programs installed in the proof terminal 30a.
  • the acquisition unit 31 acquires source code s written in a programming language through the operation of the prover (developer).
  • the compiler 32 is a general compiler that reads and analyzes the source code s and converts (generates) it into an executable file (binary) b that can be directly executed by the computer.
  • the logical formula generation unit 35a generates a verification logical formula v based on confidential definition information c that is set in advance by the developer and the source code s acquired from the acquisition unit 31.
  • the developer also creates confidential definition information while creating a program in a high-level language, and indicates confidential parts in the confidential definition information.
  • the "confidential definition information" indicates that a specific variable name in the high-level language (e.g., "password”) is confidential information.
  • Verification formula v is a condition (pre-condition, post-condition) that must be satisfied immediately before and after the execution of a program (executable file b), and is provided in advance by the user of the program to the developer. If verification formula v is a valid formula, it is mathematically guaranteed that "when executable file b is executed in a situation where the pre-condition is satisfied and the calculation is completed, the post-condition will always be satisfied, and the safety required by the user will be met when executable file b is executed.”
  • the logical formula generation unit in Reference 1 has both the front-end functionality (the functionality of parsing source code s) and the back-end functionality (the functionality of creating an executable file) of the compiler in order to generate the verification logical formula v.
  • the logical formula generation unit 35a of this embodiment does not have a back-end function, or if it has a back-end function, it does not execute it, but has a front-end function.
  • the logical formula generation unit 35a generates up to an intermediate representation (LLVM-IR) during the compilation process, and generates a verification logical formula v using this intermediate representation.
  • LLVM-IR intermediate representation
  • the proof creation unit 36 verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.
  • the output unit 39 obtains the executable file b from the compiler 32, the security proof p from the proof creation unit 36, and the verification logical formula v from the logical formula generation unit 35, and outputs all of this data.
  • Each output data may be transmitted to the verification terminal 50 via a communication network such as the Internet, or may be recorded on a recording medium such as a DVD-ROM and sent to the verification terminal 50.
  • FIG. 4 is a functional configuration diagram of the certification terminal according to the first embodiment.
  • the verification terminal 50 has an acquisition unit 51, a proof verification unit 56, and an execution unit 59.
  • Each of these units is a function that the CPU 101 as a processor realizes in the verification terminal 50 using one or more programs installed in the verification terminal 50.
  • the acquisition unit 51 acquires the above data output from the certification terminal 30 through the operation of the verifier (user).
  • the proof confirmation unit 56 confirms the existence of the safety proof p.
  • the proof confirmation unit 56 confirms the existence of the safety proof p by performing the same processing as the proof creation unit 36 using each of the above data.
  • the proof confirmation unit 56 uses each of the above data to determine whether the executable file b satisfies the above conditions (pre-condition and post-condition) based on the verification logical formula v, just like the proof creation unit 36, and if it does, confirms that the safety proof p obtained from the certification terminal 30 certainly exists.
  • the execution unit 59 executes the executable file b acquired from the acquisition unit 51.
  • Fig. 5 is a sequence diagram showing the processing or operation of the proof verification system according to the first embodiment.
  • Fig. 6 is a flowchart showing the processing or operation of the verification terminal according to the first embodiment.
  • the acquisition unit 31 acquires source code s written in a programming language through the operation of the prover (developer).
  • the compiler 32 reads the source code s and generates an executable file (binary) b.
  • the logical expression generation unit 35a generates an intermediate representation r based on the source code s acquired from the acquisition unit 31.
  • the logical formula generation unit 35a generates a verification logical formula v based on the intermediate representation r and the confidential definition information c.
  • the proof creation unit 36 verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.
  • the output unit 39 obtains the executable file b from the compiler 32, obtains the security proof p from the proof creation unit 36, and obtains the verification logical formula v from the logical formula generation unit 35, and transmits each data to the verification terminal 50. As a result, the acquisition unit 51 of the verification terminal 50 acquires each data.
  • the certification terminal 30a sends the verification logical formula v using an intermediate representation (LLVM-IR) common to each language to the downstream verification terminal 50.
  • LLVM-IR intermediate representation
  • the second embodiment also has the overall configuration as shown in Fig. 1.
  • the certification terminal 30b is an example of the certification terminal 30 shown in Fig. 1.
  • the second embodiment generates the variable name in the intermediate representation (the number from the beginning, such as "20") and a label indicating that the variable name is confidential information.
  • Fig. 7 is a functional configuration diagram of a certification terminal according to the second embodiment.
  • the certification terminal 30b has an acquisition unit 31, a compiler 32, a labeling information generation unit 34b, a logical formula generation unit 35b, a proof creation unit 36, and an output unit 39. These units are functions that the CPU 101 as a processor realizes in the certification terminal 30b using one or more programs installed in the certification terminal 30b. Note that, here, the same reference numerals are used to designate the same functional configurations of the first embodiment shown in Fig. 3, and the description thereof will be omitted.
  • the labeling information generation unit 34b like the logical formula generation units 35a and 35b, has the function of generating an intermediate representation (LLVM-IR). Based on confidential definition information c indicating that a variable name (e.g., "password") in a high-level language is confidential information, the labeling information generation unit 34b analyzes the source code s acquired from the acquisition unit 31, and generates auxiliary information a, which is an intermediate representation that inherits attribute information in the high-level language (variable name (e.g., "password”), function name, and program file name).
  • variable name e.g., "password”
  • the labeling information generation unit 34b also generates labeling information L2 based on the auxiliary information a.
  • the labeling information generation unit 34b uses a predetermined tool that associates a predetermined variable name in the high-level language (e.g., "password") with the order of the variables from the beginning in the intermediate representation r (e.g., "20"). This allows the labeling information generation unit 34b to generate labeling information that is a pair of the variable name "20th” and a label indicating that this is confidential information, using auxiliary information a indicating that the variable name "password” is confidential information and a predetermined tool indicating that the variable name "password” is variable name "20th”.
  • the "labeling information” includes a pair of a specific variable name in the intermediate representation r and a label to be assigned to this specific variable.
  • the "label” indicates that the part of the specific variable name is confidential information.
  • the logical expression generation unit 35b like the logical expression generation unit 35a, generates an intermediate representation r based on the source code s acquired from the acquisition unit 31.
  • the logical formula generation unit 35b generates a verification logical formula v based on the generated intermediate representation r and the labeling information L2 (a set of a variable name (e.g., "20") and a label (e.g., "confidential information”)) generated by the labeling information generation unit 34b.
  • the method of generating the verification logical formula v is the same as in the first embodiment.
  • the compiler 32 reads the source code s and generates an executable file (binary) b.
  • the logical expression generation unit 35b generates an intermediate representation r based on the source code s acquired from the acquisition unit 31.
  • the labeling information generating unit 34b analyzes the source code s acquired from the acquiring unit 31 based on the confidential definition information c, and generates auxiliary information a, which is an intermediate representation that inherits the attribute information in the high-level language.
  • the labeling information generation unit 34b generates labeling information L2 based on the auxiliary information a.
  • the logical formula generation unit 35b generates a verification logical formula v based on the intermediate representation r and the labeling information L2.
  • the proof creation unit 36 verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.
  • the output unit 39 obtains the executable file b from the compiler 32, obtains the security proof p from the proof creation unit 36, and obtains the verification logical formula v from the logical formula generation unit 35, and transmits each data to the verification terminal 50. As a result, the acquisition unit 51 of the verification terminal 50 obtains each data.
  • variable names in the intermediate representation r (such as the sequence "20" from the beginning) and labels indicating that the variable names are confidential information are generated. This has the effect that even if confidential information in the variable names such as "password" is included in the source code s in a high-level language, a verifier in a later process can easily confirm which part of the executable file b is confidential information.
  • the third embodiment also has the overall configuration as shown in Fig. 1.
  • the certification terminal 30c is an example of the certification terminal 30 shown in Fig. 1.
  • the third embodiment assumes processing or operations performed in an open source supply chain using GitHub or the like.
  • Git is a distributed version control system, and is a tool used by developers.
  • GitHub is a web service that uses the Git mechanism to enable people all over the world to store and publish their own work (program code, design data, etc.).
  • the third embodiment assumes a situation in which, for example, in an open source supply chain, developer B replicates a program developed by developer A and adds a new program.
  • ⁇ Certification terminal> 9 is a functional configuration diagram of the proof terminal according to the third embodiment.
  • the proof terminal 30b has an acquisition unit 31, a compiler 32, a labeling information generation unit 34c, a logical expression generation unit 35c, a proof creation unit 36, and an output unit 39.
  • These units are functions that the CPU 101 as a processor realizes in the proof terminal 30c using one or more programs installed in the proof terminal 30c.
  • the same reference numerals are used for the similar functional configurations, and the description thereof is omitted.
  • the labeling information generation unit 34c and the logical expression generation unit 35c are modified versions of the labeling information generation unit 34b and the logical expression generation unit 35b in the second embodiment, respectively.
  • the labeling information generating unit 34c basically includes the same functions as the labeling information generating unit 34b, and further combines the auxiliary information a1 acquired from another terminal and the auxiliary information a2 generated by its own terminal (the certification terminal 30c) into one file, and generates the labeling information L3 based on the combined auxiliary information a1 and a2.
  • the auxiliary information a1 is information acquired from GitHub or the like by the acquisition unit 31, and is an example of the auxiliary information a by another developer A.
  • the auxiliary information a2 is an example of the auxiliary information a generated by the labeling information generating unit 34c in the certification terminal 30c of developer B in the same procedure as the labeling information generating unit 34b.
  • Each piece of auxiliary information a1 and a2 includes attribute information (variable name (e.g., "password”), function name, and program file name), so the labeling information generating unit 34c combines the auxiliary information a1 and the auxiliary information a2 based on the attribute information of each piece of auxiliary information a1 and a2.
  • attribute information variable name (e.g., "password"
  • function name e.g., "password”
  • program file name e.g., program file name
  • the logical formula generation unit 35c basically includes the same functions as the logical formula generation unit 35b, and further combines the intermediate representation r1 acquired from another terminal and the intermediate representation r2 generated on its own terminal (the proof terminal 30c) into one file.
  • the intermediate representation r1 is information acquired from GitHub or the like by the acquisition unit 31, and is an example of an intermediate representation r by another developer A.
  • the intermediate representation r2 is an example of an intermediate representation r generated by the logical formula generation unit 35c in the proof terminal 30c of developer B in the same procedure as the logical formula generation unit 35b.
  • Each intermediate representation r1, r2 includes attribute information (variable name (e.g., "20"), function name, and program file name), so the labeling information generation unit 34c combines the intermediate representation r1 and the intermediate representation r2 based on the attribute information of each intermediate representation r1, r2.
  • attribute information variable name (e.g., "20"), function name, and program file name
  • the logical formula generation unit 35c generates a verification logical formula v based on the combined intermediate representations r1 and r2 and the labeling information L3 (a set of variable names (e.g., "20") and labels (e.g., "confidential information”)) generated by the labeling information generation unit 34c. Note that in this case, due to program modification or alteration, more sets of variable names and labels may be generated than in the second embodiment.
  • FIG. 10 is a sequence diagram showing the processing or operation of the proof verification system according to the third embodiment.
  • the processing or operation of the verification terminal 50 according to the third embodiment is similar to that of the first embodiment, and therefore the description will be omitted.
  • the intermediate representation r1 is an example of the first intermediate representation
  • the intermediate representation r2 is an example of the second intermediate representation.
  • the auxiliary information a1 is an example of the first auxiliary information
  • the auxiliary information a2 is an example of the second auxiliary information.
  • the secret definition information used in the other certification terminals is an example of the first secret definition information
  • the secret definition information used in the certification terminal 30c is an example of the second secret definition information.
  • the acquisition unit 31 acquires source code s written in a programming language through the operation of the prover (developer).
  • S332 The compiler 32 reads the source code s and generates an executable file (binary) b.
  • the acquisition unit 31 acquires the intermediate representation r1 and auxiliary information a1 generated by another certification terminal from GitHub or the like in the open source supply chain.
  • the intermediate representation r1 and auxiliary information a1 correspond to the intermediate representation r and auxiliary information a in the second embodiment, respectively.
  • the logical expression generation unit 35c generates an intermediate representation r2 based on the source code s acquired from the acquisition unit 31.
  • the logical formula generation unit 35c combines the intermediate representation r1 acquired from the acquisition unit 31 and the intermediate representation r2 generated by the logical formula generation unit 35c into one file.
  • the labeling information generation unit 34c combines the auxiliary information a1 acquired from the acquisition unit 31 and the auxiliary information a2 generated by the labeling information generation unit 34c into one file.
  • the labeling information generation unit 34c generates labeling information L3 based on the combined auxiliary information a1 and a2.
  • the logical formula generation unit 35c generates a verification logical formula v based on the combined intermediate representations r1 and r2 and the labeling information L3.
  • the proof creation unit 36 verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.
  • the output unit 39 obtains the executable file b from the compiler 32, obtains the security proof p from the proof creation unit 36, and obtains the verification logical formula v from the logical formula generation unit 35, and transmits each data to the verification terminal 50. As a result, the acquisition unit 51 of the verification terminal 50 acquires each data.
  • the present invention is not limited to the above-described embodiment, and may have the following configurations or processes (operations).
  • Each of the above programs can be recorded on a (non-temporary) recording medium or provided via a network such as the Internet.
  • the CPU 101 in FIG. 2 may be a single CPU or multiple CPUs.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Stored Programmes (AREA)

Abstract

The present disclosure is a proof verification system comprising: a proof terminal that proves the safety of a high-level language program; and a verification terminal that verifies the safety of the program. The proof terminal comprises: a compiler that generates an executable file on the basis of a source code of the program; a logical expression generation unit that generates an intermediate representation on the basis of the source code of the program, and generates, on the basis of secret definition information indicating that a prescribed variable name in the intermediate representation and in the high-level language is confidential information, a verification logical expression indicating a condition to be established immediately before and immediately after executing the executable file of the program; a proof creation unit that demonstrates that the executable file satisfies the condition on the basis of the verification logical expression, and creates a safety proof for guaranteeing the safety of the executable file; and an output unit that outputs the executable file, the verification logical expression, and the safety proof.

Description

証明検証システム、及び証明検証方法Proof verification system and proof verification method

 本開示内容は、証明検証システム、及び証明検証方法に関する。 This disclosure relates to a proof verification system and a proof verification method.

 オープン技術の普及により、重要システムにおいてもソフトウェア部品の共通化及び多様化が進んでいる。また、近年、そのソフトウェアサプライチェーンを狙ったサイバー攻撃が顕在化している。 The widespread use of open technologies has led to an increase in standardization and diversification of software components, even in critical systems. In recent years, cyber attacks targeting the software supply chain have also become evident.

 安全なソフトウェアであることを保証するための従来技術として、PCC(Proof-Carrying Code)を使うことが提案されている(非特許文献1)。PCCは、プログラムと一緒にプログラムの安全性証明を流通させることで、プログラムの真正性保証の実現や、プログラムが所望の安全性要件を満たすことを証明可能にする技術である。これにより、従来技術では、プログラム(ソフトウェア)を解析し、パスワード等の秘匿情報が正しい手順でハッシュ化されて保管されている、という安全性要件を検証論理式の形で表現することで、プログラムの利用者は秘匿情報が安全に保管されていることを確認することができる。 The use of Proof-Carrying Code (PCC) has been proposed as a conventional technique for ensuring that software is safe (Non-Patent Document 1). PCC is a technique that makes it possible to guarantee the authenticity of a program and prove that the program meets desired safety requirements by distributing a proof of the program's safety along with the program. In conventional techniques, this allows users of the program to verify that confidential information such as passwords is stored safely by analyzing the program (software) and expressing the safety requirements, such as that confidential information such as passwords is hashed and stored in the correct procedure, in the form of a verification logical formula.

所司 翼, 吉村 仁志, 中林 美郷, 奥田 哲矢, "Proof-Carrying CodeとTEEを用いたプログラムの安全性保証付き秘匿実行方式", 研究報告コンピュータセキュリティ(CSEC), 2022-CSEC-97, 2022-05-12Tokoshi Tsubasa, Yoshimura Hitoshi, Nakabayashi Misato, Okuda Tetsuya, "A method of securely executing programs using Proof-Carrying Code and TEE", Computer Security Research Report (CSEC), 2022-CSEC-97, 2022-05-12

 しかしながら、従来技術では、C++等の高級言語である特定の言語を解析対象としているため、ソフトウェアのサプライチェーンで多数の言語が使われている場合、各言語に対応した解析が必要となり、プログラムの形式検証を行う工数が増大するという課題があった。 However, conventional technology only analyzes specific high-level languages such as C++. When multiple languages are used in the software supply chain, analysis is required for each language, which increases the effort required to perform formal verification of the program.

 本発明は、上記の点に鑑みてなされたものであり、プログラムの検証を行う工数を抑制することを目的とする。 The present invention was made in consideration of the above points, and aims to reduce the amount of work required to verify a program.

 上記目的を達成するため、請求項1に係る発明は、高級言語のプログラムの安全性を証明する証明端末と、前記プログラムの安全性を検証する検証端末を有する証明検証システムであって、前記証明端末は、前記プログラムのソースコードに基づき実行ファイルを生成するコンパイラと、前記プログラムのソースコードに基づき中間表現を生成し、当該中間表現、及び前記高級言語における所定の変数名が秘匿情報である旨を示す秘匿が示されている秘匿定義情報に基づいて、前記プログラムの実行ファイルを実行する直前及び直後に成立すべき条件を示す検証論理式を生成する論理式生成部と、前記検証論理式に基づいて前記実行ファイルが前記条件を満たすことを実証し、前記実行ファイルの安全性を保証するための安全性証明を作成する証明作成部と、前記実行ファイル、前記検証論理式、及び前記安全性証明を出力する出力部と、を有し、前記検証端末は、前記検証論理式に基づいて前記実行ファイルが前記条件を満たす場合には、前記証明端末から取得した前記安全性証明が存在することを確認する証明確認部、を有する、証明検証システムである。  In order to achieve the above object, the invention according to claim 1 is a proof verification system having a proof terminal that proves the safety of a program in a high-level language and a verification terminal that verifies the safety of the program, the proof terminal having a compiler that generates an executable file based on the source code of the program, a logical expression generation unit that generates an intermediate representation based on the source code of the program, and generates a verification logical expression indicating a condition that should be satisfied immediately before and after the executable file of the program is executed based on the intermediate representation and confidential definition information indicating confidentiality indicating that a specific variable name in the high-level language is confidential information, a proof creation unit that creates a safety proof to prove that the executable file satisfies the condition based on the verification logical expression and ensure the safety of the executable file, and an output unit that outputs the executable file, the verification logical expression, and the safety proof, and the verification terminal has a proof confirmation unit that confirms that the safety proof obtained from the proof terminal exists if the executable file satisfies the condition based on the verification logical expression.

 以上説明したように本発明によれば、プログラムの検証を行う工数を抑制することができるという効果を奏する。 As described above, the present invention has the effect of reducing the amount of work required to verify a program.

第1の実施形態に係る証明検証システムの概略図である。1 is a schematic diagram of a proof verification system according to a first embodiment. 各端末の電気的なハードウェア構成図である。FIG. 2 is a diagram illustrating the electrical hardware configuration of each terminal. 第1の実施形態に係る証明端末の機能構成図である。FIG. 2 is a functional configuration diagram of a certification terminal according to the first embodiment; 第1の実施形態に係る検証端末の機能構成図である。FIG. 2 is a functional configuration diagram of a verification terminal according to the first embodiment. 第1の実施形態に係る証明検証システムの処理又は動作を示すシーケンス図である。2 is a sequence diagram showing the processing or operation of the proof verification system according to the first embodiment. FIG. 第1の実施形態の前提となる検証端末の処理又は動作を示すフローチャートである。4 is a flowchart showing a process or operation of a verification terminal which is a premise of the first embodiment; 第2の実施形態に係る証明端末の機能構成図である。FIG. 11 is a functional configuration diagram of a certification terminal according to the second embodiment. 第2の実施形態に係る証明検証システムの処理又は動作を示すシーケンス図である。FIG. 11 is a sequence diagram showing the processing or operation of the proof verification system according to the second embodiment. 第3の実施形態に係る証明端末の機能構成図である。FIG. 13 is a functional configuration diagram of a certification terminal according to the third embodiment. 第3の実施形態に係る証明検証システムの処理又は動作を示すシーケンス図である。FIG. 13 is a sequence diagram showing the processing or operation of the proof verification system according to the third embodiment.

 以下に、本発明の各実施形態について説明する。本実施形態では、ソフトウェアサプライチェーン(機器およびソフトウェアの設計開発及び製造、機能追加、導入、運用(又は利用))の一連の流通過程において、プログラムの開発者と利用者の処理又は動作を説明する。 Each embodiment of the present invention will be described below. In this embodiment, the processing or operation of a program developer and user in a series of distribution processes in the software supply chain (design, development, and manufacturing of equipment and software, function addition, introduction, and operation (or use)) will be described.

 ●第1の実施形態
 まずは、第1の実施形態について説明する。 First Embodiment First, the first embodiment will be described.

 〔全体構成の概略〕
 図1は、第1の実施形態に係る証明検証システムの概略図である。図1に示されているように、第1の実施形態の証明検証システム10は、証明端末30、及び検証端末50によって構築されている。この場合の証明端末30は、プログラムの安全性を証明する端末であり、安全性証明p等を作成する端末であり、本実施形態ではプログラムの開発者の開発端末でもある。また、検証端末50は、プログラムの安全性を検証する端末であり、本実施形態ではプログラムの利用者の利用端末でもある。検証端末50は、安全性証明pの存在の確認を行った後に、プログラム(実行ファイル)を実行する。 [Overall configuration]
Fig. 1 is a schematic diagram of a proof verification system according to the first embodiment. As shown in Fig. 1, the proof verification system 10 of the first embodiment is constructed by a proof terminal 30 and a verification terminal 50. In this case, the proof terminal 30 is a terminal that proves the safety of a program and creates a safety proof p, etc., and in this embodiment, it is also a development terminal of a program developer. The verification terminal 50 is a terminal that verifies the safety of a program and in this embodiment, it is also a user terminal of a program user. The verification terminal 50 executes a program (executable file) after confirming the existence of the safety proof p.

 〔各端末の電気的な構成〕
 続いて、図2を用いて、各端末の電気的なハードウェアの構成を説明する。図2は、各端末の電気的なハードウェア構成図である。 [Electrical configuration of each terminal]
Next, the electrical hardware configuration of each terminal will be described with reference to Fig. 2. Fig. 2 is a diagram showing the electrical hardware configuration of each terminal.

 図2に示すように、各端末(証明端末30、検証端末50)は、コンピュータとして、図2に示されているように、CPU101、ROM102、RAM103、SSD104、外部機器接続I/F(Interface)105、ネットワークI/F106、表示デバイス107、入力デバイス108、メディアI/F109、及びバスライン110を備えている。 As shown in FIG. 2, each terminal (certification terminal 30, verification terminal 50) is a computer that includes a CPU 101, a ROM 102, a RAM 103, an SSD 104, an external device connection I/F (Interface) 105, a network I/F 106, a display device 107, an input device 108, a media I/F 109, and a bus line 110.

 これらのうち、CPU101は、各端末全体の動作を制御する。ROM102は、IPL等のCPU101の駆動に用いられるプログラムを記憶する。RAM103は、CPU101のワークエリアとして使用される。 Of these, CPU 101 controls the overall operation of each terminal. ROM 102 stores programs used to drive CPU 101, such as IPL. RAM 103 is used as a work area for CPU 101.

 SSD104は、CPU101の制御に従って各種データの読み出し又は書き込みを行う。なお、SSD104の代わりに、HDD(Hard Disk Drive)を用いてもよい。 The SSD 104 reads and writes various data according to the control of the CPU 101. Note that a HDD (Hard Disk Drive) may be used instead of the SSD 104.

 外部機器接続I/F105は、各種の外部機器を接続するためのインターフェースである。この場合の外部機器は、ディスプレイ、スピーカ、キーボード、マウス、USBメモリ、及びプリンタ等である。 The external device connection I/F 105 is an interface for connecting various external devices. In this case, the external devices include a display, a speaker, a keyboard, a mouse, a USB memory, and a printer.

 ネットワークI/F106は、インターネット等の通信ネットワークを介してデータ通信をするためのインターフェースである。 The network I/F 106 is an interface for data communication via a communication network such as the Internet.

 表示デバイス107は、各種画像を表示する液晶や有機EL(Electro Luminescence)などの表示手段の一種である。表示デバイス107の一例として、ディスプレイ等が挙げられる。 The display device 107 is a type of display means, such as a liquid crystal or organic EL (Electro Luminescence) device, that displays various images. An example of the display device 107 is a display.

 入力デバイス108は、各種指示の選択や実行、処理対象の選択、カーソルの移動などを行う入力手段の一種である。入力デバイス108の一例として、ポインティングデバイスが挙げられる。 The input device 108 is a type of input means for selecting and executing various instructions, selecting a processing target, moving a cursor, etc. An example of the input device 108 is a pointing device.

 メディアI/F109は、フラッシュメモリ等の記録メディア109mに対するデータの読み出し又は書き込み(記憶)を制御する。記録メディア109mには、DVDやBlu-ray Disc(登録商標)等も含まれる。 The media I/F 109 controls the reading and writing (storing) of data from and to a recording medium 109m such as a flash memory. Recording media 109m includes DVDs and Blu-ray Discs (registered trademarks).

 バスライン110は、図2に示されているCPU101等の各構成要素を電気的に接続するためのアドレスバスやデータバス等である。 The bus line 110 is an address bus, a data bus, etc., for electrically connecting each component such as the CPU 101 shown in FIG. 2.

 〔第1の実施形態に係る証明検証システムの機能構成〕
 続いて、図3及び図4を用いて、第1の実施形態に係る証明検証システム10の各端末(証明端末30a、検証端末50)の機能構成について説明する。 [Functional configuration of the proof verification system according to the first embodiment]
Next, the functional configuration of each terminal (the certification terminal 30a, the verification terminal 50) of the proof verification system 10 according to the first embodiment will be described with reference to FIG. 3 and FIG.

 <証明端末>
 図3は、第1の実施形態に係る証明端末の機能構成図である。なお、証明端末30aは、図1に示す証明端末30の一例である。 <Certification terminal>
3 is a functional configuration diagram of the certification terminal according to the first embodiment. Note that the certification terminal 30a is an example of the certification terminal 30 shown in FIG.

 図3に示すように、証明端末30aは、取得部31、コンパイラ32、論理式生成部35a、証明作成部36、及び出力部39を有している。これら各部は、証明端末30aにインストールされた1以上のプログラムを使用して、プロセッサとしてのCPU101が証明端末30aに実現させる機能である。 As shown in FIG. 3, the proof terminal 30a has an acquisition unit 31, a compiler 32, a logical formula generation unit 35a, a proof creation unit 36, and an output unit 39. Each of these units is a function that the CPU 101 as a processor causes the proof terminal 30a to realize using one or more programs installed in the proof terminal 30a.

 取得部31は、証明者(開発者)の操作により、プログラミング言語で書かれたソースコードs等を取得する。 The acquisition unit 31 acquires source code s written in a programming language through the operation of the prover (developer).

 コンパイラ32は、一般のコンパイラであり、ソースコードsを読み込んで解析し、コンピュータが直に実行可能な実行ファイル(バイナリ)bに変換する(生成する)。 The compiler 32 is a general compiler that reads and analyzes the source code s and converts (generates) it into an executable file (binary) b that can be directly executed by the computer.

 論理式生成部35aは、予め開発者に設定されている秘匿定義情報c、及び取得部31から取得したソースコードsに基づいて、検証論理式vを生成する。開発者は、高級言語のプログラムを作成中に秘匿定義情報も作成し、秘匿定義情報にて秘匿部分を指摘しておく。「秘匿定義情報」には、高級言語における所定の変数名(例えば「password」)は秘匿情報である旨が示されている。 The logical formula generation unit 35a generates a verification logical formula v based on confidential definition information c that is set in advance by the developer and the source code s acquired from the acquisition unit 31. The developer also creates confidential definition information while creating a program in a high-level language, and indicates confidential parts in the confidential definition information. The "confidential definition information" indicates that a specific variable name in the high-level language (e.g., "password") is confidential information.

 なお、検証論理式vの生成方法の一例に関しては、参考文献1に開示されている。
(参考文献1)対話型安全性証明つきプログラム配信方式における証明の秘匿とその応用, 塚田 恭章, 2005
 検証論理式vは、プログラム(実行ファイルb)を実行する直前及び直後に成立すべき条件(前条件、後条件)であり、プログラムの利用者が開発者に事前に提供している。検証論理式vが妥当な論理式である場合、「前条件が成立する状況で実行ファイルbを実行し計算が終了すると必ず後条件が成立するし、実行ファイルbの実行時には利用者が要求する安全性が満たされる」ことが数学的に保証される。 An example of a method for generating the verification logical formula v is disclosed in Reference 1.
(Reference 1) Proof-of-concealment in interactive program distribution with proven security and its applications, Yasuaki Tsukada, 2005
Verification formula v is a condition (pre-condition, post-condition) that must be satisfied immediately before and after the execution of a program (executable file b), and is provided in advance by the user of the program to the developer. If verification formula v is a valid formula, it is mathematically guaranteed that "when executable file b is executed in a situation where the pre-condition is satisfied and the calculation is completed, the post-condition will always be satisfied, and the safety required by the user will be met when executable file b is executed."

 参考文献1の論理式生成部は、検証論理式vを生成するために、コンパイラの機能のフロントエンド機能(ソースコードsのパース機能)とバックエンド機能(実行ファイルの作成機能)の両機能を有している。 The logical formula generation unit in Reference 1 has both the front-end functionality (the functionality of parsing source code s) and the back-end functionality (the functionality of creating an executable file) of the compiler in order to generate the verification logical formula v.

 これに対して、本実施形態の論理式生成部35aは、バックエンド機能を有しておらず又はバックエンド機能を有していても実行せず、フロントエンド機能を有している。これにより、論理式生成部35aは、コンパイルの途中過程で中間表現(LLVM-IR)までは生成し、この中間表現を用いて検証論理式vを生成する。これにより、各言語に共通する中間表現(LLVM-IR)を用いた検証論理式vを後工程の検証端末50に送ることで、ソフトウェアのサプライチェーンで多数の言語が使われている場合であっても、各言語に対応した解析の必要がなく、プログラムの形式検証を行う工数を抑制することができる。 In contrast, the logical formula generation unit 35a of this embodiment does not have a back-end function, or if it has a back-end function, it does not execute it, but has a front-end function. As a result, the logical formula generation unit 35a generates up to an intermediate representation (LLVM-IR) during the compilation process, and generates a verification logical formula v using this intermediate representation. As a result, by sending the verification logical formula v using the intermediate representation (LLVM-IR) common to each language to the verification terminal 50 in the subsequent process, even if multiple languages are used in the software supply chain, there is no need to perform analysis corresponding to each language, and the labor required for formal verification of the program can be reduced.

 証明作成部36は、上述の参考文献1に示されているように、検証論理式vに基づいて実行ファイルbが前条件及び後条件を満たすことを実証し、実行ファイルbの安全性を保証するための安全性証明pを作成する。 The proof creation unit 36, as shown in the above-mentioned reference 1, verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.

 出力部39は、コンパイラ32から実行ファイルbを取得し、証明作成部36から安全性証明pを取得し、論理式生成部35から検証論理式vを取得し、これら全てのデータを出力する。出力された各データは、インターネット等の通信ネットワークを介して、検証端末50に送信されてもよいし、DVD-ROM等の記録媒体に記録されて検証端末50まで送られてもよい。 The output unit 39 obtains the executable file b from the compiler 32, the security proof p from the proof creation unit 36, and the verification logical formula v from the logical formula generation unit 35, and outputs all of this data. Each output data may be transmitted to the verification terminal 50 via a communication network such as the Internet, or may be recorded on a recording medium such as a DVD-ROM and sent to the verification terminal 50.

 <検証端末>
 図4は、第1の実施形態に係る証明端末の機能構成図である。 <Verification terminal>
FIG. 4 is a functional configuration diagram of the certification terminal according to the first embodiment.

 図4に示すように、検証端末50は、取得部51、証明確認部56、及び実行部59を有している。これら各部は、検証端末50にインストールされた1以上のプログラムを使用して、プロセッサとしてのCPU101が検証端末50に実現させる機能である。 As shown in FIG. 4, the verification terminal 50 has an acquisition unit 51, a proof verification unit 56, and an execution unit 59. Each of these units is a function that the CPU 101 as a processor realizes in the verification terminal 50 using one or more programs installed in the verification terminal 50.

 取得部51は、検証者(利用者)の操作により、証明端末30から出力された上記各データを取得する。 The acquisition unit 51 acquires the above data output from the certification terminal 30 through the operation of the verifier (user).

 証明確認部56は、安全性証明pの存在を確認する。この場合、証明確認部56は、上記各データを用いて、証明作成部36と同様の処理を行うことで、安全性証明pの存在を確認する。具体的には、証明確認部56は、上記各データを用い、証明作成部36と同様に、検証論理式vに基づいて実行ファイルbが上記条件(前条件及び後条件)を満たすか否かを判断し、満たす場合には、証明端末30から取得した安全性証明pが確かに存在することを確認する。 The proof confirmation unit 56 confirms the existence of the safety proof p. In this case, the proof confirmation unit 56 confirms the existence of the safety proof p by performing the same processing as the proof creation unit 36 using each of the above data. Specifically, the proof confirmation unit 56 uses each of the above data to determine whether the executable file b satisfies the above conditions (pre-condition and post-condition) based on the verification logical formula v, just like the proof creation unit 36, and if it does, confirms that the safety proof p obtained from the certification terminal 30 certainly exists.

 実行部59は、証明確認部56により安全性証明pの存在が確認された場合には、取得部51から取得した実行ファイルbを実行する。 If the proof checking unit 56 confirms the existence of the security proof p, the execution unit 59 executes the executable file b acquired from the acquisition unit 51.

 〔第1の実施形態の処理又は動作〕
 続いて、図5及び図6を用いて、第1の実施形態の処理又は動作について説明する。図5は、第1の実施形態に係る証明検証システムの処理又は動作を示すシーケンス図である。図6は、第1の実施形態に係る検証端末の処理又は動作を示すフローチャートである。 [Processing or Operation of the First Embodiment]
Next, the processing or operation of the first embodiment will be described with reference to Fig. 5 and Fig. 6. Fig. 5 is a sequence diagram showing the processing or operation of the proof verification system according to the first embodiment. Fig. 6 is a flowchart showing the processing or operation of the verification terminal according to the first embodiment.

 S131:取得部31は、証明者(開発者)の操作により、プログラミング言語で書かれたソースコードsを取得する。 S131: The acquisition unit 31 acquires source code s written in a programming language through the operation of the prover (developer).

 S132:コンパイラ32は、ソースコードsを読み込んで実行ファイル(バイナリ)bを生成する。 S132: The compiler 32 reads the source code s and generates an executable file (binary) b.

 S133: 論理式生成部35aは、取得部31から取得したソースコードsに基づき、中間表現rを生成する。 S133: The logical expression generation unit 35a generates an intermediate representation r based on the source code s acquired from the acquisition unit 31.

 S134:論理式生成部35aは、中間表現r及び秘匿定義情報cに基づき、検証論理式vを生成する。 S134: The logical formula generation unit 35a generates a verification logical formula v based on the intermediate representation r and the confidential definition information c.

 S135:証明作成部36は、検証論理式vに基づいて実行ファイルbが前条件及び後条件を満たすことを実証し、実行ファイルbの安全性を保証するための安全性証明pを作成する。 S135: The proof creation unit 36 verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.

 S136:出力部39は、コンパイラ32から実行ファイルbを取得し、証明作成部36から安全性証明pを取得し、論理式生成部35から検証論理式vを取得し、各データを検証端末50に送信する。これにより、検証端末50の取得部51は、各データを取得する。 S136: The output unit 39 obtains the executable file b from the compiler 32, obtains the security proof p from the proof creation unit 36, and obtains the verification logical formula v from the logical formula generation unit 35, and transmits each data to the verification terminal 50. As a result, the acquisition unit 51 of the verification terminal 50 acquires each data.

 S151:図6に進み、検証端末50は、証明確認部56は、上記各データを用いて、証明作成部36と同様の処理を行うことで、安全性証明pの存在を確認する。 S151: Proceeding to FIG. 6, the verification terminal 50's proof checking unit 56 uses the above data to perform processing similar to that of the proof creation unit 36, thereby confirming the existence of the security proof p.

 S152:証明確認部56によって安全性証明pの存在を確認できた場合には(S151;True)、実行部59は実行ファイルを実行する。一方、証明確認部56によって安全性証明pの存在を確認できなかった場合には(S151;False)、実行ファイルの安全性が保証できないため、実行部59は実行ファイルを実行せずに、図6に示す処理が終了する。 S152: If the proof checking unit 56 is able to confirm the existence of the safety proof p (S151; True), the execution unit 59 executes the executable file. On the other hand, if the proof checking unit 56 is unable to confirm the existence of the safety proof p (S151; False), the safety of the executable file cannot be guaranteed, so the execution unit 59 does not execute the executable file, and the process shown in FIG. 6 ends.

 〔第1の実施形態の主な効果〕
 以上説明したように本実形態によれば、証明端末30aは、各言語に共通する中間表現(LLVM-IR)を用いた検証論理式vを後工程の検証端末50に送ることで、ソフトウェアのサプライチェーンで多数の言語が使われている場合であっても、各言語に対応した解析の必要がなく、プログラムの形式検証を行う工数を抑制することができる。 [Major Effects of the First Embodiment]
As described above, according to this embodiment, the certification terminal 30a sends the verification logical formula v using an intermediate representation (LLVM-IR) common to each language to the downstream verification terminal 50. This eliminates the need for analysis corresponding to each language, even when multiple languages are used in the software supply chain, and makes it possible to reduce the labor required for formal verification of a program.

 ●第2の実施形態
 続いて、図7及び図8を用いて、第2の実施形態について説明する。なお、第2の実施形態でも、図1に示すような全体構成を有する。証明端末30bは、図1に示す証明端末30の一例である。 Second embodiment Next, a second embodiment will be described with reference to Fig. 7 and Fig. 8. The second embodiment also has the overall configuration as shown in Fig. 1. The certification terminal 30b is an example of the certification terminal 30 shown in Fig. 1.

 まずは、第1の実施形態との差異の概略を説明する。第1の実施形態において、高級言語のソースコードsに「password」等の変数名の秘匿情報が含まれている場合、ソースコードsから生成された中間表現の状態では、人による可読が困難であるため、後工程の検証者が、実行ファイルbのどの部分が秘匿情報であるのかを確認することが困難である。第2の実施形態では、この課題を解決するため、中間表現における変数名(先頭からの順番「20」等)、及び変数名が秘匿情報である旨を示すラベルを生成する。以下に、詳細に説明する。 First, an overview of the differences from the first embodiment will be explained. In the first embodiment, if source code s in a high-level language contains confidential information in the name of a variable such as "password", the intermediate representation generated from the source code s is difficult for humans to read, making it difficult for a verifier in a later process to confirm which part of the executable file b is confidential information. To solve this problem, the second embodiment generates the variable name in the intermediate representation (the number from the beginning, such as "20") and a label indicating that the variable name is confidential information. A detailed explanation is provided below.

 〔第2の実施形態に係る証明検証システムの機能構成〕
 図7を用いて、第2の実施形態に係る証明検証システム10の証明端末30bの機能構成について説明する。 [Functional configuration of the proof verification system according to the second embodiment]
The functional configuration of the proof terminal 30b of the proof verification system 10 according to the second embodiment will be described with reference to FIG.

 <証明端末>
 図7は、第2の実施形態に係る証明端末の機能構成図である。図7に示すように、証明端末30bは、取得部31、コンパイラ32、ラベリング情報生成部34b、論理式生成部35b、証明作成部36、及び出力部39を有している。これら各部は、証明端末30bにインストールされた1以上のプログラムを使用して、プロセッサとしてのCPU101が証明端末30bに実現させる機能である。なお、ここでは、図3に示す第1の実施形態の機能構成のうち、同様の機能構成に関しては同じ符号を付して、その説明を省略する。 <Certification terminal>
Fig. 7 is a functional configuration diagram of a certification terminal according to the second embodiment. As shown in Fig. 7, the certification terminal 30b has an acquisition unit 31, a compiler 32, a labeling information generation unit 34b, a logical formula generation unit 35b, a proof creation unit 36, and an output unit 39. These units are functions that the CPU 101 as a processor realizes in the certification terminal 30b using one or more programs installed in the certification terminal 30b. Note that, here, the same reference numerals are used to designate the same functional configurations of the first embodiment shown in Fig. 3, and the description thereof will be omitted.

 ラベリング情報生成部34bは、論理式生成部35a,bと同様に、中間表現(LLVM-IR)を生成する機能を有している。ラベリング情報生成部34bは、高級言語内の変数名(例えば、「password」)が秘匿情報である旨を示している秘匿定義情報cに基づき、取得部31から取得したソースコードsを解析して、高級言語内の属性情報(変数名(例えば、「password」)、関数名、及びプログラムのファイル名)を引き継ぐ中間表現である補助情報aを生成する。 The labeling information generation unit 34b, like the logical formula generation units 35a and 35b, has the function of generating an intermediate representation (LLVM-IR). Based on confidential definition information c indicating that a variable name (e.g., "password") in a high-level language is confidential information, the labeling information generation unit 34b analyzes the source code s acquired from the acquisition unit 31, and generates auxiliary information a, which is an intermediate representation that inherits attribute information in the high-level language (variable name (e.g., "password"), function name, and program file name).

 また、ラベリング情報生成部34bは、補助情報aに基づき、ラベリング情報L2を生成する。ラベリング情報生成部34bは、高級言語上の所定の変数名(例えば、「password」)と中間表現r上の変数の先頭からの順番(例えば、「20」)の対応付けが行われた所定のツールを用いる。これにより、ラベリング情報生成部34bは、例えば、変数名「password」が秘匿情報であることを示す補助情報aと、変数名「password」が変数名「20(番目)」であることを示す所定のツールにより、変数名「20(番目)」とこれが秘匿情報である旨を示すラベルの組であるラベリング情報を生成することができる。 The labeling information generation unit 34b also generates labeling information L2 based on the auxiliary information a. The labeling information generation unit 34b uses a predetermined tool that associates a predetermined variable name in the high-level language (e.g., "password") with the order of the variables from the beginning in the intermediate representation r (e.g., "20"). This allows the labeling information generation unit 34b to generate labeling information that is a pair of the variable name "20th" and a label indicating that this is confidential information, using auxiliary information a indicating that the variable name "password" is confidential information and a predetermined tool indicating that the variable name "password" is variable name "20th".

 「ラベリング情報」には、中間表現rにおける所定の変数名とこの所定の変数に与えるラベルの組が含まれている。「ラベル」は、所定の変数名の部分は秘匿情報である旨を示す。 The "labeling information" includes a pair of a specific variable name in the intermediate representation r and a label to be assigned to this specific variable. The "label" indicates that the part of the specific variable name is confidential information.

 論理式生成部35bは、論理式生成部35aと同様に、取得部31から取得したソースコードsに基づき、中間表現rを生成する。 The logical expression generation unit 35b, like the logical expression generation unit 35a, generates an intermediate representation r based on the source code s acquired from the acquisition unit 31.

 また、論理式生成部35bは、生成した中間表現r、及びラベリング情報生成部34bによって生成されたラベリング情報L2((変数名(例えば、「20」)及びラベル(例えば、「秘匿情報である旨)の組)に基づいて、検証論理式vを生成する。検証論理式vの生成手法は、第1の実施形態と同様である。 The logical formula generation unit 35b generates a verification logical formula v based on the generated intermediate representation r and the labeling information L2 (a set of a variable name (e.g., "20") and a label (e.g., "confidential information")) generated by the labeling information generation unit 34b. The method of generating the verification logical formula v is the same as in the first embodiment.

 〔第2の実施形態の処理又は動作〕
 続いて、図8を用いて、第2の実施形態の処理又は動作について説明する。図8は、第2の実施形態に係る証明検証システムの処理又は動作を示すシーケンス図である。なお、第2の実施形態に係る検証端末50の処理又は動作は、第1実施形態と同様であるため、説明を省略する。 [Processing or Operation of the Second Embodiment]
Next, the process or operation of the second embodiment will be described with reference to Fig. 8. Fig. 8 is a sequence diagram showing the process or operation of the proof verification system according to the second embodiment. Note that the process or operation of the verification terminal 50 according to the second embodiment is the same as that of the first embodiment, and therefore the description thereof will be omitted.

 S231:取得部31は、証明者(開発者)の操作により、プログラミング言語で書かれたソースコードsを取得する。 S231: The acquisition unit 31 acquires source code s written in a programming language through the operation of the prover (developer).

 S232:コンパイラ32は、ソースコードsを読み込んで実行ファイル(バイナリ)bを生成する。 S232: The compiler 32 reads the source code s and generates an executable file (binary) b.

 S233: 論理式生成部35bは、取得部31から取得したソースコードsに基づき、中間表現rを生成する。 S233: The logical expression generation unit 35b generates an intermediate representation r based on the source code s acquired from the acquisition unit 31.

 S234:ラベリング情報生成部34bは、秘匿定義情報cに基づき、取得部31から取得したソースコードsを解析して、高級言語内の属性情報を引き継ぐ中間表現である補助情報aを生成する。 S234: The labeling information generating unit 34b analyzes the source code s acquired from the acquiring unit 31 based on the confidential definition information c, and generates auxiliary information a, which is an intermediate representation that inherits the attribute information in the high-level language.

 S235:ラベリング情報生成部34bは、補助情報aに基づき、ラベリング情報L2を生成する。 S235: The labeling information generation unit 34b generates labeling information L2 based on the auxiliary information a.

 S236:論理式生成部35bは、中間表現r及びラベリング情報L2に基づき、検証論理式vを生成する。 S236: The logical formula generation unit 35b generates a verification logical formula v based on the intermediate representation r and the labeling information L2.

 S237:証明作成部36は、検証論理式vに基づいて実行ファイルbが前条件及び後条件を満たすことを実証し、実行ファイルbの安全性を保証するための安全性証明pを作成する。 S237: The proof creation unit 36 verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.

 S238:出力部39は、コンパイラ32から実行ファイルbを取得し、証明作成部36から安全性証明pを取得し、論理式生成部35から検証論理式vを取得し、各データを検証端末50に送信する。これにより、検証端末50の取得部51は、各データを取得する。 S238: The output unit 39 obtains the executable file b from the compiler 32, obtains the security proof p from the proof creation unit 36, and obtains the verification logical formula v from the logical formula generation unit 35, and transmits each data to the verification terminal 50. As a result, the acquisition unit 51 of the verification terminal 50 obtains each data.

 〔第2の実施形態の主な効果〕
 以上説明したように本実施形態によれば、第1の実施形態の効果に加え、中間表現rにおける変数名(先頭からの順番「20」等)、及び変数名が秘匿情報である旨を示すラベルを生成する。これにより、高級言語のソースコードsに「password」等の変数名の秘匿情報が含まれている場合であっても、後工程の検証者が、実行ファイルbのどの部分が秘匿情報であるかを容易に確認することができるという効果を奏する。 [Major Effects of the Second Embodiment]
As described above, according to this embodiment, in addition to the effects of the first embodiment, variable names in the intermediate representation r (such as the sequence "20" from the beginning) and labels indicating that the variable names are confidential information are generated. This has the effect that even if confidential information in the variable names such as "password" is included in the source code s in a high-level language, a verifier in a later process can easily confirm which part of the executable file b is confidential information.

 ●第3の実施形態
 続いて、図9及び図10を用いて、第3の実施形態について説明する。なお、第3の実施形態でも、図1に示すような全体構成を有する。証明端末30cは、図1に示す証明端末30の一例である。 Third embodiment Next, a third embodiment will be described with reference to Fig. 9 and Fig. 10. The third embodiment also has the overall configuration as shown in Fig. 1. The certification terminal 30c is an example of the certification terminal 30 shown in Fig. 1.

 なお、第3の実施形態は、GitHub等を利用したオープンソースのサプライチェーンで行われる処理又は動作を想定している。Gitは、分散型バージョン管理システムを示し、各開発者に使われているツールである。GitHubとは、Gitの仕組みを利用して、世界中の人々が自分の作品(プログラムコードやデザインデータなど)を保存及び公開できるようにしたウェブサービスである。第3の実施形態は、例えば、オープンソースのサプライチェーンにおいて、開発者Bが、開発者Aによって開発されたプログラムを複製すると共に新たにプログラムを追加する状況を想定している。 The third embodiment assumes processing or operations performed in an open source supply chain using GitHub or the like. Git is a distributed version control system, and is a tool used by developers. GitHub is a web service that uses the Git mechanism to enable people all over the world to store and publish their own work (program code, design data, etc.). The third embodiment assumes a situation in which, for example, in an open source supply chain, developer B replicates a program developed by developer A and adds a new program.

 まずは、第2の実施形態との差異の概略を説明する。第2の実施形態において、開発者がGitHub等上に公開されているプログラムを少しだけ改変又は改造により変更した場合に、検証論理式vを全て生成し直すと、時間が掛かるか又は重複する検証論理式vを生成してしまう。そのため、開発者及び検証者の作業の効率が悪くなる。第3の実施形態では、この課題を解決するため、改変又は改造の前後で、検証論理式vの重複部分(共通部分)を変更しないで、新たな検証論理式vを生成する。例えば、改変又は改造後の検証論理式v2が、改変又は改造後の検証論理式v1を完全に包含している場合、検証論理式v1と検証論理式v2の2つを残さずに、検証論理式v2だけを残す。以下に、詳細に説明する。 First, an outline of the differences from the second embodiment will be explained. In the second embodiment, if a developer makes a small modification or alteration to a program published on GitHub or the like, regenerating all of the verification logical formulas v will take time or will result in the generation of duplicated verification logical formulas v. This reduces the efficiency of the work of the developer and verifier. In the third embodiment, to solve this problem, a new verification logical formula v is generated without changing the duplicated parts (common parts) of the verification logical formula v before and after the modification or alteration. For example, if the verification logical formula v2 after the modification or alteration completely contains the verification logical formula v1 after the modification or alteration, only the verification logical formula v2 is left, without leaving both the verification logical formula v1 and the verification logical formula v2. This will be explained in detail below.

 〔第3の実施形態に係る証明検証システムの機能構成〕
 図9を用いて、第3の実施形態に係る証明検証システム10の証明端末30cの機能構成について説明する。 [Functional configuration of the proof verification system according to the third embodiment]
The functional configuration of the proof terminal 30c of the proof verification system 10 according to the third embodiment will be described with reference to FIG.

 <証明端末>
 図9は、第3の実施形態に係る証明端末の機能構成図である。図9に示すように、証明端末30bは、取得部31、コンパイラ32、ラベリング情報生成部34c、論理式生成部35c、証明作成部36、及び出力部39を有している。これら各部は、証明端末30cにインストールされた1以上のプログラムを使用して、プロセッサとしてのCPU101が証明端末30cに実現させる機能である。ここでは、図7に示す第1及び第2の実施形態の機能構成のうち、同様の機能構成に関しては同じ符号を付して、その説明を省略する。なお、ラベリング情報生成部34c、論理式生成部35cは、それぞれ第2の実施形態における、ラベリング情報生成部34b、論理式生成部35bの変形例である。 <Certification terminal>
9 is a functional configuration diagram of the proof terminal according to the third embodiment. As shown in FIG. 9, the proof terminal 30b has an acquisition unit 31, a compiler 32, a labeling information generation unit 34c, a logical expression generation unit 35c, a proof creation unit 36, and an output unit 39. These units are functions that the CPU 101 as a processor realizes in the proof terminal 30c using one or more programs installed in the proof terminal 30c. Here, among the functional configurations of the first and second embodiments shown in FIG. 7, the same reference numerals are used for the similar functional configurations, and the description thereof is omitted. Note that the labeling information generation unit 34c and the logical expression generation unit 35c are modified versions of the labeling information generation unit 34b and the logical expression generation unit 35b in the second embodiment, respectively.

 ラベリング情報生成部34cは、基本的にラベリング情報生成部34bと同様の機能を含み、更に、他の端末から取得された補助情報a1及び自端末(証明端末30c)で生成した補助情報a2を結合して1つのファイルにし、結合後の補助情報a1,a2に基づき、ラベリング情報L3を生成する。補助情報a1は、取得部31によってGitHub等から取得された情報であり、他の開発者Aによる補助情報aの一例である。補助情報a2は、開発者Bの証明端末30cにおけるラベリング情報生成部34cが、ラベリング情報生成部34bと同様の手順で生成した補助情報aの一例である。各補助情報a1,a2には、属性情報(変数名(例えば、「password」)、関数名、及びプログラムのファイル名)が含まれているため、ラベリング情報生成部34cは、各補助情報a1,a2の属性情報に基づいて、補助情報a1と補助情報a2を結合する。 The labeling information generating unit 34c basically includes the same functions as the labeling information generating unit 34b, and further combines the auxiliary information a1 acquired from another terminal and the auxiliary information a2 generated by its own terminal (the certification terminal 30c) into one file, and generates the labeling information L3 based on the combined auxiliary information a1 and a2. The auxiliary information a1 is information acquired from GitHub or the like by the acquisition unit 31, and is an example of the auxiliary information a by another developer A. The auxiliary information a2 is an example of the auxiliary information a generated by the labeling information generating unit 34c in the certification terminal 30c of developer B in the same procedure as the labeling information generating unit 34b. Each piece of auxiliary information a1 and a2 includes attribute information (variable name (e.g., "password"), function name, and program file name), so the labeling information generating unit 34c combines the auxiliary information a1 and the auxiliary information a2 based on the attribute information of each piece of auxiliary information a1 and a2.

 論理式生成部35cは、基本的に論理式生成部35bと同様の機能を含み、更に、他の端末から取得された中間表現r1及び自端末(証明端末30c)で生成した中間表現r2を結合して1つのファイルにする。中間表現r1は、取得部31によってGitHub等から取得された情報であり、他の開発者Aによる中間表現rの一例である。中間表現r2は、開発者Bの証明端末30cにおける論理式生成部35cが、論理式生成部35bと同様の手順で生成した中間表現rの一例である。各中間表現r1,r2には、属性情報(変数名(例えば、「20」)、関数名、及びプログラムのファイル名)が含まれているため、ラベリング情報生成部34cは、各中間表現r1,r2の属性情報に基づいて、中間表現r1と中間表現r2を結合する。 The logical formula generation unit 35c basically includes the same functions as the logical formula generation unit 35b, and further combines the intermediate representation r1 acquired from another terminal and the intermediate representation r2 generated on its own terminal (the proof terminal 30c) into one file. The intermediate representation r1 is information acquired from GitHub or the like by the acquisition unit 31, and is an example of an intermediate representation r by another developer A. The intermediate representation r2 is an example of an intermediate representation r generated by the logical formula generation unit 35c in the proof terminal 30c of developer B in the same procedure as the logical formula generation unit 35b. Each intermediate representation r1, r2 includes attribute information (variable name (e.g., "20"), function name, and program file name), so the labeling information generation unit 34c combines the intermediate representation r1 and the intermediate representation r2 based on the attribute information of each intermediate representation r1, r2.

 また、論理式生成部35cは、結合後の中間表現r1,r2、及びラベリング情報生成部34cによって生成されたラベリング情報L3((変数名(例えば、「20」)及びラベル(例えば、「秘匿情報である旨)の組)に基づいて、検証論理式vを生成する。なお、この場合、プログラムの改変又は改造により、第2の実施形態よりも多くの変数名及びラベルの組が生成される場合がある。 The logical formula generation unit 35c generates a verification logical formula v based on the combined intermediate representations r1 and r2 and the labeling information L3 (a set of variable names (e.g., "20") and labels (e.g., "confidential information")) generated by the labeling information generation unit 34c. Note that in this case, due to program modification or alteration, more sets of variable names and labels may be generated than in the second embodiment.

 〔第3の実施形態の処理又は動作〕
 続いて、図10を用いて、第3の実施形態の処理又は動作について説明する。図10は、第3の実施形態に係る証明検証システムの処理又は動作を示すシーケンス図である。なお、第3の実施形態に係る検証端末50の処理又は動作は、第1実施形態と同様であるため、説明を省略する。また、中間表現r1は第1の中間表現の一例であり、中間表現r2は第2の中間表現の一例である。補助情報a1は第1の補助情報の一例であり、補助情報a2は第2の補助情報の一例である。更に、他の証明端末で用いられた秘匿定義情報は第1の秘匿定義情報の一例であり、証明端末30cで用いられた秘匿定義情報は第2の秘匿定義情報の一例である。 [Processing or Operation of the Third Embodiment]
Next, the processing or operation of the third embodiment will be described with reference to FIG. 10. FIG. 10 is a sequence diagram showing the processing or operation of the proof verification system according to the third embodiment. The processing or operation of the verification terminal 50 according to the third embodiment is similar to that of the first embodiment, and therefore the description will be omitted. Furthermore, the intermediate representation r1 is an example of the first intermediate representation, and the intermediate representation r2 is an example of the second intermediate representation. The auxiliary information a1 is an example of the first auxiliary information, and the auxiliary information a2 is an example of the second auxiliary information. Furthermore, the secret definition information used in the other certification terminals is an example of the first secret definition information, and the secret definition information used in the certification terminal 30c is an example of the second secret definition information.

 S331:取得部31は、証明者(開発者)の操作により、プログラミング言語で書かれたソースコードsを取得する。 S331: The acquisition unit 31 acquires source code s written in a programming language through the operation of the prover (developer).

 S332:コンパイラ32は、ソースコードsを読み込んで実行ファイル(バイナリ)bを生成する。 S332: The compiler 32 reads the source code s and generates an executable file (binary) b.

 S333:取得部31は、オープンソースのサプライチェーンにおけるGitHub等から、他の証明端末で生成された中間表現r1及び補助情報a1を取得する。中間表現r1及び補助情報a1は、それぞれ第2の実施形態における中間表現r及び補助情報aに相当する。 S333: The acquisition unit 31 acquires the intermediate representation r1 and auxiliary information a1 generated by another certification terminal from GitHub or the like in the open source supply chain. The intermediate representation r1 and auxiliary information a1 correspond to the intermediate representation r and auxiliary information a in the second embodiment, respectively.

 S334:論理式生成部35cは、取得部31から取得したソースコードsに基づき、中間表現r2を生成する。 S334: The logical expression generation unit 35c generates an intermediate representation r2 based on the source code s acquired from the acquisition unit 31.

 S335:論理式生成部35cは、取得部31から取得した中間表現r1、及び論理式生成部35cが生成した中間表現r2を結合して1つのファイルにする。 S335: The logical formula generation unit 35c combines the intermediate representation r1 acquired from the acquisition unit 31 and the intermediate representation r2 generated by the logical formula generation unit 35c into one file.

 S336:ラベリング情報生成部34cは、証明端末30cを使用する開発者が作成した秘匿定義情報c2に基づき、取得部31から取得したソースコードsを解析して、高級言語内の属性情報を引き継ぐ中間表現r2である補助情報a2を生成する。 S336: The labeling information generation unit 34c analyzes the source code s acquired from the acquisition unit 31 based on the confidential definition information c2 created by the developer using the certification terminal 30c, and generates auxiliary information a2, which is an intermediate representation r2 that inherits the attribute information in the high-level language.

 S337:ラベリング情報生成部34cは、取得部31から取得した補助情報a1、及びラベリング情報生成部34cが生成した補助情報a2を結合して1つのファイルにする。 S337: The labeling information generation unit 34c combines the auxiliary information a1 acquired from the acquisition unit 31 and the auxiliary information a2 generated by the labeling information generation unit 34c into one file.

 S338:ラベリング情報生成部34cは、結合後の補助情報a1,a2に基づき、ラベリング情報L3を生成する。 S338: The labeling information generation unit 34c generates labeling information L3 based on the combined auxiliary information a1 and a2.

 S339:論理式生成部35cは、結合後の中間表現r1,r2、及びラベリング情報L3に基づき、検証論理式vを生成する。 S339: The logical formula generation unit 35c generates a verification logical formula v based on the combined intermediate representations r1 and r2 and the labeling information L3.

 S340:証明作成部36は、検証論理式vに基づいて実行ファイルbが前条件及び後条件を満たすことを実証し、実行ファイルbの安全性を保証するための安全性証明pを作成する。 S340: The proof creation unit 36 verifies that the executable file b satisfies the pre-condition and post-condition based on the verification logical formula v, and creates a safety proof p to guarantee the safety of the executable file b.

 S341:出力部39は、コンパイラ32から実行ファイルbを取得し、証明作成部36から安全性証明pを取得し、論理式生成部35から検証論理式vを取得し、各データを検証端末50に送信する。これにより、検証端末50の取得部51は、各データを取得する。 S341: The output unit 39 obtains the executable file b from the compiler 32, obtains the security proof p from the proof creation unit 36, and obtains the verification logical formula v from the logical formula generation unit 35, and transmits each data to the verification terminal 50. As a result, the acquisition unit 51 of the verification terminal 50 acquires each data.

 〔第3の実施形態の主な効果〕
 以上説明したように本実形態によれば、第1及び第2の実施形態の効果に加え、開発者がGitHub等上に公開されているプログラムを少しだけ改変又は改造した場合に、改変又は改造の前後で、検証論理式vの重複部分(共通部分)を変更しないで、新たな検証論理式vを生成する。これにより、検証論理式のデータサイズを低減することができると共に、開発者及び検証者の作業の効率を高めることができるという効果を奏する。 [Major Effects of the Third Embodiment]
As described above, according to this embodiment, in addition to the effects of the first and second embodiments, when a developer slightly modifies or alters a program published on GitHub or the like, a new verification logical formula v is generated without changing the overlapping parts (common parts) of the verification logical formula v before and after the modification or alteration. This has the effect of reducing the data size of the verification logical formula and improving the work efficiency of the developer and verifier.

 〔補足〕
 本発明は上述の実施形態に限定されるものではなく、以下に示すような構成又は処理(動作)であってもよい。 〔supplement〕
The present invention is not limited to the above-described embodiment, and may have the following configurations or processes (operations).

 (1)上述の各プログラムを(非一時的な)記録媒体に記録することも、インターネット等のネットワークを通して提供することも可能である。 (1) Each of the above programs can be recorded on a (non-temporary) recording medium or provided via a network such as the Internet.

 (2)図2のCPU101は、単一であってもよく複数であってもよい。 (2) The CPU 101 in FIG. 2 may be a single CPU or multiple CPUs.

10 証明検証システム
30、30a、30b、30c 証明端末
31 取得部
32 コンパイラ
34b、34c ラベリング情報生成部
35a、35b、35c 論理式生成部
36 証明作成部
39 出力部
51 取得部
56 証明確認部
59 実行部 10 Proof verification system 30, 30a, 30b, 30c Proof terminal 31 Acquisition unit 32 Compiler 34b, 34c Labeling information generation unit 35a, 35b, 35c Logical formula generation unit 36 Proof creation unit 39 Output unit 51 Acquisition unit 56 Proof confirmation unit 59 Execution unit

Claims (4)

 高級言語のプログラムの安全性を証明する証明端末と、前記プログラムの安全性を検証する検証端末を有する証明検証システムであって、
 前記証明端末は、
 前記プログラムのソースコードに基づき実行ファイルを生成するコンパイラと、
 前記プログラムのソースコードに基づき中間表現を生成し、当該中間表現、及び前記高級言語における所定の変数名が秘匿情報である旨を示す秘匿が示されている秘匿定義情報に基づいて、前記プログラムの実行ファイルを実行する直前及び直後に成立すべき条件を示す検証論理式を生成する論理式生成部と、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たすことを実証し、前記実行ファイルの安全性を保証するための安全性証明を作成する証明作成部と、
 前記実行ファイル、前記検証論理式、及び前記安全性証明を出力する出力部と、
 を有し、
 前記検証端末は、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たす場合には、前記証明端末から取得した前記安全性証明が存在することを確認する証明確認部、
 を有する、
 証明検証システム。 A proof verification system having a proof terminal for proving the safety of a program written in a high-level language and a verification terminal for verifying the safety of the program,
The certification terminal is
A compiler that generates an executable file based on the source code of the program;
a logical expression generating unit that generates an intermediate representation based on a source code of the program, and generates a verification logical expression indicating a condition that should be satisfied immediately before and immediately after an executable file of the program is executed, based on the intermediate representation and confidential definition information indicating that a predetermined variable name in the high-level language is confidential information;
a proof creation unit that proves that the executable file satisfies the condition based on the verification logical formula and creates a safety proof to guarantee the safety of the executable file;
an output unit that outputs the executable file, the verification formula, and the security proof;
having
The verification terminal includes:
a proof confirmation unit that confirms that the safety proof obtained from the certification terminal exists if the executable file satisfies the condition based on the verification logical formula;
having
Proof verification system.  高級言語のプログラムの安全性を証明する証明端末と、前記プログラムの安全性を検証する検証端末を有する証明検証システムであって、
 前記証明端末は、
 前記高級言語のプログラムのソースコードに基づき実行ファイルを生成するコンパイラと、
 前記高級言語における所定の変数名が秘匿情報である旨を示す秘匿定義情報に基づいて中間表現である補助情報を生成し、当該補助情報に基づき、当該補助情報における変数名及び当該中間表現における変数名が前記秘匿情報である旨を示すラベルを含むラベリング情報を生成するラベリング情報生成部と、
 前記高級言語のプログラムのソースコードに基づき中間表現を生成し、当該高級言語の中間表現及び前記ラベリング情報に基づいて、前記プログラムの実行ファイルを実行する直前及び直後に成立すべき条件を示す検証論理式を生成する論理式生成部と、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たすことを実証し、前記実行ファイルの安全性を保証するための安全性証明を作成する証明作成部と、
 前記実行ファイル、前記検証論理式、及び前記安全性証明を出力する出力部と、
 を有し、
 前記検証端末は、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たす場合には、前記証明端末から取得した前記安全性証明が存在することを確認する証明確認部、
 を有する、
 証明検証システム。 A proof verification system having a proof terminal for proving the safety of a program written in a high-level language and a verification terminal for verifying the safety of the program,
The certification terminal is
a compiler for generating an executable file based on the source code of the program in the high-level language;
a labeling information generation unit that generates auxiliary information, which is an intermediate representation, based on confidential definition information indicating that a predetermined variable name in the high-level language is confidential information, and generates labeling information, based on the auxiliary information, including a variable name in the auxiliary information and a label indicating that the variable name in the intermediate representation is the confidential information;
a logical expression generating unit that generates an intermediate representation based on a source code of the program in the high-level language, and generates a verification logical expression indicating a condition that should be satisfied immediately before and immediately after an executable file of the program is executed, based on the intermediate representation in the high-level language and the labeling information;
a proof creation unit that proves that the executable file satisfies the condition based on the verification logical formula and creates a safety proof to guarantee the safety of the executable file;
an output unit that outputs the executable file, the verification formula, and the security proof;
having
The verification terminal includes:
a proof confirmation unit that confirms that the safety proof obtained from the certification terminal exists if the executable file satisfies the condition based on the verification logical formula;
having
Proof verification system.  高級言語のプログラムの安全性を証明する証明端末と、前記プログラムの安全性を検証する検証端末を有する証明検証システムであって、
 前記高級言語のプログラムの変更後のソースコードに基づき実行ファイルを生成するコンパイラと、
 変更前の前記高級言語における所定の変数名が秘匿情報である旨を示す第1の秘匿定義情報に基づいて他の証明端末によって生成された中間表現である第1の補助情報と、変更後の前記高級言語における所定の変数名が秘匿情報である旨を示す第2の秘匿定義情報に基づいて生成した中間表現である第2の補助情報とに基づき、当該第2の補助情報における変数名及び当該中間表現における変数名が前記秘匿情報である旨を示すラベルを含むラベリング情報を生成するラベリング情報生成部と、
 変更前の前記高級言語のプログラムのソースコードに基づいて前記他の証明端末によって生成された第1の中間表現、及び変更後の前記高級言語のプログラムのソースコードに基づいて生成した第2の中間表現、並びに前記ラベリング情報に基づいて、前記プログラムの実行ファイルを実行する直前及び直後に成立すべき条件を示す検証論理式を生成する論理式生成部と、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たすことを実証し、前記実行ファイルの安全性を保証するための安全性証明を作成する証明作成部と、
 前記実行ファイル、前記検証論理式、及び前記安全性証明を出力する出力部と、
 を有し、
 前記検証端末は、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たす場合には、前記証明端末から取得した前記安全性証明が存在することを確認する証明確認部
 を有する、
 証明検証システム。 A proof verification system having a proof terminal for proving the safety of a program written in a high-level language and a verification terminal for verifying the safety of the program,
a compiler for generating an executable file based on the modified source code of the high-level language program;
a labeling information generating unit that generates labeling information including a variable name in the second auxiliary information and a label indicating that the variable name in the intermediate representation is the confidential information, based on first auxiliary information, which is an intermediate representation generated by another certification terminal based on first confidential definition information indicating that a predetermined variable name in the high-level language before the change is confidential information, and second auxiliary information, which is an intermediate representation generated based on second confidential definition information indicating that a predetermined variable name in the high-level language after the change is confidential information;
a logical expression generating unit that generates a verification logical expression indicating a condition that should be satisfied immediately before and immediately after an executable file of the program is executed, based on a first intermediate representation generated by the other proving terminal based on a source code of the high-level language program before the change, a second intermediate representation generated based on the source code of the high-level language program after the change, and the labeling information;
a proof creation unit that proves that the executable file satisfies the condition based on the verification logical formula and creates a safety proof to guarantee the safety of the executable file;
an output unit that outputs the executable file, the verification formula, and the security proof;
having
The verification terminal includes:
a proof confirmation unit that confirms that the safety proof obtained from the certification terminal exists when the execution file satisfies the condition based on the verification logical formula.
Proof verification system.  高級言語のプログラムの安全性を証明する証明端末と、前記プログラムの安全性を検証する検証端末を有する証明検証システムが実行する証明検証方法であって、
 前記証明端末は、
 前記プログラムのソースコードに基づき実行ファイルを生成するコンパイル処理と、
 前記プログラムのソースコードに基づき中間表現を生成し、当該中間表現、及び前記高級言語における所定の変数名が秘匿情報である旨を示す秘匿が示されている秘匿定義情報に基づいて、前記プログラムの実行ファイルを実行する直前及び直後に成立すべき条件を示す検証論理式を生成する論理式生成処理と、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たすことを実証し、前記実行ファイルの安全性を保証するための安全性証明を作成する証明作成処理と、
 前記実行ファイル、前記検証論理式、及び前記安全性証明を出力する出力処理と、
 を実行し、
 前記検証端末は、
 前記検証論理式に基づいて前記実行ファイルが前記条件を満たす場合には、前記証明端末から取得した前記安全性証明が存在することを確認する証明確認処理、
 を実行する、
 証明検証方法。 A proof verification method executed by a proof verification system having a proof terminal for proving the safety of a program written in a high-level language and a verification terminal for verifying the safety of the program, comprising:
The certification terminal is
A compilation process for generating an executable file based on the source code of the program;
a logical expression generation process for generating an intermediate representation based on a source code of the program, and generating a verification logical expression indicating a condition that should be satisfied immediately before and immediately after an executable file of the program is executed, based on the intermediate representation and confidential definition information indicating confidentiality that indicates that a predetermined variable name in the high-level language is confidential information;
a proof creation process for proving that the executable file satisfies the condition based on the verification logical formula and creating a safety proof for guaranteeing the safety of the executable file;
an output process for outputting the executable file, the verification formula, and the security proof;
Run
The verification terminal includes:
a proof verification process for verifying that the safety proof obtained from the certification terminal exists if the executable file satisfies the condition based on the verification logical formula;
Execute
Proof verification method.
PCT/JP2023/026664 2023-07-20 2023-07-20 Proof verification system and proof verification method Pending WO2025017925A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2023/026664 WO2025017925A1 (en) 2023-07-20 2023-07-20 Proof verification system and proof verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2023/026664 WO2025017925A1 (en) 2023-07-20 2023-07-20 Proof verification system and proof verification method

Publications (1)

Publication Number Publication Date
WO2025017925A1 true WO2025017925A1 (en) 2025-01-23

Family

ID=94282115

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2023/026664 Pending WO2025017925A1 (en) 2023-07-20 2023-07-20 Proof verification system and proof verification method

Country Status (1)

Country Link
WO (1) WO2025017925A1 (en)

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
CHRISTIAN SKALKA ; JOHN RING ; DAVID DARIAS ; MINSEOK KWON ; SAHIL GUPTA ; KYLE DILLER ; STEFFEN SMOLKA ; NATE FOSTER: "Proof-Carrying Network Code", CCS '19: PROCEEDINGS OF THE 2019 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, ACM, 2 PENN PLAZA, SUITE 701NEW YORKNY10121-0701USA, 6 November 2019 (2019-11-06) - 15 November 2019 (2019-11-15), 2 Penn Plaza, Suite 701New YorkNY10121-0701USA , pages 1115 - 1129, XP058443819, ISBN: 978-1-4503-6747-9, DOI: 10.1145/3319535.3363214 *
MATSUDA, REN ET AL.: "Security Assurance Against Unauthorized Communication of Network Devices Using Proof-Carrying Code", PROCEEDINGS OF THE IPSJ COMPUTER SECURITY SYMPOSIUM (CSS 2022); OCTOBER 24-27, 2022, vol. 2022, 17 October 2022 (2022-10-17) - 27 October 2022 (2022-10-27), pages 635 - 642, XP009561285 *
TSUKADA, YASUYUKI: "Proof Hiding in Interactive Proof-carrying Code and Its Applications", JOHO SHORI GAKKAI RONBUNSHI - TRANSACTIONS OF INFORMATION PROCESSING SOCIETY OF JAPAN., TOKYO., JP, vol. 46, no. 1, 15 January 2005 (2005-01-15), JP , pages 236 - 246, XP009560279, ISSN: 0387-5806 *

Similar Documents

Publication Publication Date Title
US8347277B2 (en) Verifying that binary object file has been generated from source files
US11409703B2 (en) File versions within content addressable storage
US11968088B1 (en) Artificial intelligence for intent-based networking
BR102016018127A2 (en) design method based on critical security software model
US8868976B2 (en) System-level testcase generation
CN107436794A (en) container image management system and method
US10380011B2 (en) Method, apparatus, and computer-readable medium for performing functional testing of software
JP2018151806A (en) Information processing apparatus, method for controlling information processing apparatus, and program
JP2024023911A5 (en) Information processing method, information processing system, and information processing program
JP6477553B2 (en) Program development support apparatus, program development support program, and program development support method
JP7672041B2 (en) Information processing method and information processing system
CN104035862A (en) Method and device for closure testing
WO2025017925A1 (en) Proof verification system and proof verification method
CN112445761B (en) File checking method and device and storage medium
CN110287089B (en) A Microkernel IPC Verification Method Based on Intermediate Format and SMT Technology
CA3221807A1 (en) Automated public certification of specifications and software
CN105637500A (en) Test web services using inherited test properties
CN112486460A (en) Method, system, device and medium for automatically importing interface documentation
RU2385485C1 (en) System and method of control over programs execution with help of binary applications tracing
JP6602511B2 (en) Program code generating apparatus and program code generating program
WO2025009034A1 (en) Certification verification system and certification verification method
Gordon Provable implementations of security protocols
CN114428956B (en) A file verification method, device and system based on extended attributes
US8209673B1 (en) SLI approval policy database
JP7553076B2 (en) Software verification method and software development system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23945927

Country of ref document: EP

Kind code of ref document: A1