We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Formal Verification Platform as a Service: WebAssembly Vulnerability Detection Application.
- Authors
LiangJun Deng; Hang Lei; Zheng Yang; WeiZhong Qian; XiaoYu Li; Hao Wu; Sihao Deng; RuChao Sha; WeiDong Deng
- Abstract
In order to realize a general-purpose automatic formal verification platform based on WebAssembly technology as a web service (FVPS), which aims to provide an automated report of vulnerability detections, this work builds a Hyperledger Fabric blockchain runtime model. It proposes an optimized methodology of the functional equivalent translation from source program languages to formal languages. This methodology utilizes an external application programming interface (API) table to replace the source codes in compilation, thereby pruning the part of housekeeping codes to ease code inflation. Code inflation is a significant metric in formal language translation. Namely, minor code inflation enhances verification scale and performance efficiency. It determines the efficiency of formal verification, involving launching, running, and memory usage. For instance, path explosion increases exponentially, resulting in out-of-memory. The experimental results conclude that program languages like golang severely impact code inflation. FVPS reduces the wasm code size by over 90%, achieving two orders of optimization magnitude, from 2000 kilobyte (KB) to 90 KB. That means we can cope with golang applications up to 20 times larger than the original in scale. This work eliminates the gap between Hyperledger Fabric smart contracts and WebAssembly. Our approach is pragmatic, adaptable, extendable, and flexible. Nowadays, FVPS is successfully applied in a Railway-Port-Aviation blockchain transportation system.
- Subjects
WEB services; APPLICATION program interfaces; BLOCKCHAINS; SOFTWARE verification; FORMAL languages
- Publication
Computer Systems Science & Engineering, 2023, Vol 45, Issue 2, p2155
- ISSN
0267-6192
- Publication type
Article
- DOI
10.32604/csse.2023.027680