Automated Synthesis of Verified Firewalls

doi:10.5281/zenodo.4316324

Published January 19, 2021 | Version v1

Conference paper Open

Automated Synthesis of Verified Firewalls

1. MIT CSAIL

We demonstrate correct-by-construction firewalls—stateful packet filters for TCP/IP packets—using the Fiat synthesis library [3]. We present a general DSL for specifying their behavior independent of algorithmic implementation. We outline the design of a verified compiler in Coq, detail a few verified efficiency optimizations, and show how the compiler can easily be extended to support custom optimizations for user-defined policies.

Files

verified-firewalls.pdf

Files (352.8 kB)

Name	Size	Download all
verified-firewalls.pdf md5:d9a93578bde73e69df22a273eb33b5be	352.8 kB	Preview Download

Additional details

Is identical to: https://popl21.sigplan.org/details/CoqPL-2021-papers/5/Automated-Synthesis-of-Verified-Firewalls (URL)

Views

Downloads

Show more details

	All versions	This version
Views	70	70
Downloads	60	60
Data volume	22.2 MB	22.2 MB

More info on how stats are collected....

DOI

Resource type

Conference paper

Publisher

Zenodo

Conference

The Seventh International Workshop on Coq for Programming Languages (CoqPL) , 19 January 2021

Languages

English

Creative Commons Attribution 4.0 International

The Creative Commons Attribution license allows re-distribution and re-use of a licensed work on the condition that the creator is appropriately credited. Read more

Technical metadata

Created: December 14, 2020
Modified: December 15, 2020

Automated Synthesis of Verified Firewalls

Creators

Description

Files

verified-firewalls.pdf

Files (352.8 kB)

Additional details

Related works