Published January 19, 2021 | Version v1 | Conference paper | Open
Automated Synthesis of Verified Firewalls
Description
We demonstrate correct-by-construction firewalls—stateful packet filters for TCP/IP packets—using the Fiat synthesis library [3]. We present a general DSL for specifying their behavior independent of algorithmic implementation. We outline the design of a verified compiler in Coq, detail a few verified efficiency optimizations, and show how the compiler can easily be extended to support custom optimizations for user-defined policies.
Files
verified-firewalls.pdf (352.8 kB), md5:d9a93578bde73e69df22a273eb33b5be