
Analysing Java's safety guarantees under concurrency

  • Andreas Lochbihler

    Andreas Lochbihler is working as a post-doctoral researcher in the information security group at ETH Zurich. His research focuses on deriving machine-checked implementations from protocol specifications such that the security properties of the models are preserved. Andreas graduated in computer science from the University of Passau in 2006, after having studied there and at the University of Edinburgh. He received his doctorate from the Karlsruhe Institute of Technology in 2012. Before joining ETH, he was a member of Gregor Snelting's groups at the University of Passau and the Karlsruhe Institute of Technology working on programming languages and static program analysis.

    Institute of Information Security, ETH Zurich, Universitätstrasse 6, CH-8092 Zurich, Switzerland, Tel.: +41-44-6328470, Fax: +41-44-6321172

Published/Copyright: March 31, 2014

Abstract

Two features distinguish Java from other mainstream programming languages such as C and C++: its built-in support for concurrency and its safety guarantees, such as type safety and safe execution in a sandbox. In this work, we build a formal, unified model of Java concurrency, validate it empirically, and analyse it with respect to these safety guarantees using a proof assistant. We show that type safety and Java's data race freedom guarantee hold. Our analysis, however, revealed a weakness in the Java security architecture: the Java memory model theoretically allows pointer forgery. As a result, this work clarifies the specification of the Java memory model.
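The following Java program is an added illustration of what the data race freedom (DRF) guarantee named in the abstract promises; it is not code from the article or from the author's formal model, and the class and method names (`DrfGuaranteeDemo`, `Racy`, `Synced`, `run`) are my own. A program is correctly synchronised when every conflicting access pair is ordered by happens-before; the DRF guarantee then says all its executions behave as if sequentially consistent. The `Racy` variant drops the `volatile` qualifier and so has a data race, for which the memory model makes no such promise.

```java
public class DrfGuaranteeDemo {
    interface Box { void publish(); int consume(); }

    // Data race: the plain reads of `ready` and `data` are not ordered by
    // happens-before with the writes in publish(). The JMM permits consume()
    // to observe ready == true and still return the stale 0, and also permits
    // the JIT to hoist the `ready` read out of the loop so that it never sees
    // true at all; the spin bound keeps that second outcome from hanging.
    static final class Racy implements Box {
        int data;
        boolean ready;
        public void publish() { data = 42; ready = true; }
        public int consume() {
            for (long spins = 0; spins < 1_000_000L; spins++) {
                if (ready) return data;   // may legally yield 0
            }
            return -1;                    // never observed ready: also legal here
        }
    }

    // Correctly synchronised: the volatile write of `ready` happens-before
    // the volatile read that sees it, and the write to `data` precedes the
    // volatile write in program order. DRF guarantee: whenever ready is seen
    // true, data must be seen as 42, in every execution on every JVM.
    static final class Synced implements Box {
        int data;
        volatile boolean ready;
        public void publish() { data = 42; ready = true; }
        public int consume() {
            for (long spins = 0; spins < 1_000_000L; spins++) {
                if (ready) return data;   // 42, guaranteed
            }
            return -1;                    // publisher did not run in time
        }
    }

    // One trial: consumer thread reads, main thread publishes. join() gives the
    // happens-before edge that makes seen[0] safe to read afterwards.
    static int run(Box box) throws InterruptedException {
        int[] seen = new int[1];
        Thread consumer = new Thread(() -> seen[0] = box.consume());
        consumer.start();
        box.publish();
        consumer.join();
        return seen[0];
    }

    public static void main(String[] args) throws InterruptedException {
        int staleReads = 0;
        for (int i = 0; i < 10_000; i++) {
            if (run(new Racy()) == 0) staleReads++;
            int s = run(new Synced());
            if (s != 42 && s != -1) {
                throw new AssertionError("DRF guarantee violated, data = " + s);
            }
        }
        // Whether stale reads actually show up depends on the hardware and JIT;
        // the point is that the racy version is allowed to produce them and the
        // synchronised version is not.
        System.out.println("racy stale reads observed: " + staleReads);
    }
}
```

The pointer-forgery finding in the abstract concerns the reference-typed analogue of `data`: whether a racy read may yield a reference that no thread ever wrote. Such out-of-thin-air values are what the memory model's causality requirements are intended to exclude for all types, and a forged reference would undermine the sandbox in a way a forged `int` cannot, which is why the abstract treats the gap as a security weakness rather than only a specification defect.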


Received: 2013-10-29
Accepted: 2013-11-05
Published Online: 2014-03-31
Published in Print: 2014-04-28

©2014 Walter de Gruyter Berlin/Boston

https://www.degruyterbrill.com/document/doi/10.1515/itit-2013-1037/html