Leapfrog: certified equivalence for protocol parsers
| Authors |
|
|---|---|
| Publication date | 2022 |
| Host editors |
|
| Book title | PLDI '22 |
| Book subtitle | proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation : June 13-17, 2022, San DIego, CA, USA |
| ISBN (electronic) |
|
| Event | 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation |
| Pages (from-to) | 950-965 |
| Number of pages | 16 |
| Publisher | New York, NY: Association for Computing Machinery |
| Organisations |
|
| Abstract |
We present Leapfrog, a Coq-based framework for verifying equivalence of network protocol parsers. Our approach is based on an automata model of P4 parsers, and an algorithm for symbolically computing a compact representation of a bisimulation, using "leaps." Proofs are powered by a certified compilation chain from first-order entailments to low-level bitvector verification conditions, which are discharged using off-the-shelf SMT solvers. As a result, parser equivalence proofs in Leapfrog are fully automatic and push-button.
We mechanically prove the core metatheory that underpins our approach, including the key transformations and several optimizations. We evaluate Leapfrog on a range of practical case studies, all of which require minimal configuration and no manual proof. Our largest case study uses Leapfrog to perform translation validation for a third-party compiler from automata to hardware pipelines. Overall, Leapfrog represents a step towards a world where all parsers for critical network infrastructure are verified. It also suggests directions for follow-on efforts, such as verifying relational properties involving security. |
| Document type | Conference contribution |
| Language | English |
| Published at | https://doi.org/10.48550/arXiv.2205.08762 https://doi.org/10.1145/3519939.3523715 |
| Downloads |
2205.08762
(Accepted author manuscript)
|
| Permalink to this page | |
