{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,22]],"date-time":"2026-01-22T08:43:20Z","timestamp":1769071400691,"version":"3.49.0"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030908690","type":"print"},{"value":"9783030908706","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-90870-6_3","type":"book-chapter","created":{"date-parts":[[2021,11,10]],"date-time":"2021-11-10T00:06:44Z","timestamp":1636502804000},"page":"43-60","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Verifying Secure Speculation in Isabelle\/HOL"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2703-0368","authenticated-orcid":false,"given":"Matt","family":"Griffin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0446-3507","authenticated-orcid":false,"given":"Brijesh","family":"Dongol","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,11,10]]},"reference":[{"key":"3_CR1","doi-asserted-by":"publisher","unstructured":"Brumley, D., Jager, I., Avgerinos, T., Schwartz, E.J.: BAP: a binary analysis platform. In: Gopalakrishnan, G., Qadeer, S. (eds.) Computer Aided Verification, CAV 2011. LNCS, vol. 6806, pp. 463\u2013469. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22110-1_37","DOI":"10.1007\/978-3-642-22110-1_37"},{"key":"3_CR2","unstructured":"Bulck, J.V., et al.: Foreshadow: extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In: Enck, W., Felt, A.P. (eds.) USENIX Security Symposium, pp. 991\u20131008. USENIX Association (2018). https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/bulck"},{"key":"3_CR3","doi-asserted-by":"crossref","unstructured":"Canella, C., et al.: Fallout: leaking data on meltdown-resistant CPUs. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) CCS, pp. 769\u2013784. ACM (2019). https:\/\/doi.org\/10.1145\/3319535.3363219","DOI":"10.1145\/3319535.3363219"},{"key":"3_CR4","doi-asserted-by":"crossref","unstructured":"Cauligi, S., et al.: Constant-time foundations for the new spectre era. In: Donaldson, A.F., Torlak, E. (eds.) PLDI, pp. 913\u2013926. ACM (2020). https:\/\/doi.org\/10.1145\/3385412.3385970","DOI":"10.1145\/3385412.3385970"},{"key":"3_CR5","doi-asserted-by":"crossref","unstructured":"Cheang, K., Rasmussen, C., Seshia, S.A., Subramanyan, P.: A formal approach to secure speculation. In: CSF, pp. 288\u2013303. IEEE (2019). https:\/\/doi.org\/10.1109\/CSF.2019.00027","DOI":"10.1109\/CSF.2019.00027"},{"issue":"6","key":"3_CR6","doi-asserted-by":"publisher","first-page":"1157","DOI":"10.3233\/JCS-2009-0393","volume":"18","author":"MR Clarkson","year":"2010","unstructured":"Clarkson, M.R., Schneider, F.B.: Hyperproperties. J. Comput. Secur. 18(6), 1157\u20131210 (2010). https:\/\/doi.org\/10.3233\/JCS-2009-0393","journal-title":"J. Comput. Secur."},{"key":"3_CR7","doi-asserted-by":"publisher","unstructured":"Colvin, R.J., Winter, K.: An abstract semantics of speculative execution for reasoning about security vulnerabilities. In: Sekerinski, E., et al. (eds.) Formal Methods. FM 2019 International Workshops, FM 2019. LNCS, vol. 12233, pp. 323\u2013341. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-54997-8_21","DOI":"10.1007\/978-3-030-54997-8_21"},{"key":"3_CR8","doi-asserted-by":"crossref","unstructured":"Disselkoen, C., Jagadeesan, R., Jeffrey, A., Riely, J.: The code that never ran: modeling attacks on speculative evaluation. In: IEEE S and P, pp. 1238\u20131255. IEEE (2019). https:\/\/doi.org\/10.1109\/SP.2019.00047","DOI":"10.1109\/SP.2019.00047"},{"key":"3_CR9","doi-asserted-by":"crossref","unstructured":"Fadiheh, M.R., M\u00fcller, J., Brinkmann, R., Mitra, S., Stoffel, D., Kunz, W.: A formal approach for detecting vulnerabilities to transient execution attacks in out-of-order processors. In: IEEE DAC, pp. 1\u20136. IEEE (2020). https:\/\/doi.org\/10.1109\/DAC18072.2020.9218572","DOI":"10.1109\/DAC18072.2020.9218572"},{"key":"3_CR10","doi-asserted-by":"crossref","unstructured":"Griffin, M., Dongol, B.: Isabelle files for Verifying Secure Speculation in Isabelle\/HOL (2021). https:\/\/figshare.com\/s\/c185541c43a7cac258b6","DOI":"10.1007\/978-3-030-90870-6_3"},{"key":"3_CR11","doi-asserted-by":"crossref","unstructured":"Guanciale, R., Balliu, M., Dam, M.: Inspectre: breaking and fixing microarchitectural vulnerabilities by formal analysis. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) CCS, pp. 1853\u20131869. ACM (2020). https:\/\/doi.org\/10.1145\/3372297.3417246","DOI":"10.1145\/3372297.3417246"},{"key":"3_CR12","doi-asserted-by":"crossref","unstructured":"Guarnieri, M., K\u00f6pf, B., Morales, J.F., Reineke, J., S\u00e1nchez, A.: Spectector: principled detection of speculative information flows. In: 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, 18\u201321 May 2020, pp. 1\u201319. IEEE (2020). https:\/\/doi.org\/10.1109\/SP40000.2020.00011","DOI":"10.1109\/SP40000.2020.00011"},{"key":"3_CR13","unstructured":"Intel: Transient execution attacks and related security issues by CPU. Tech. rep., Intel (2019). https:\/\/software.intel.com\/security-software-guidance\/processors-affected-transient-execution-attack-mitigation-product-cpu-model Accessed 5 May 2021"},{"key":"3_CR14","unstructured":"Kaldewaij, A.: Programming - the Derivation of Algorithms. Prentice Hall International Series in Computer Science. Prentice Hall, Hoboken (1990)"},{"key":"3_CR15","doi-asserted-by":"crossref","unstructured":"Kiriansky, V., Lebedev, I.A., Amarasinghe, S.P., Devadas, S., Emer, J.S.: DAWG: a defense against cache timing attacks in speculative execution processors. In: MICRO, pp. 974\u2013987. IEEE Computer Society (2018). https:\/\/doi.org\/10.1109\/MICRO.2018.00083","DOI":"10.1109\/MICRO.2018.00083"},{"key":"3_CR16","doi-asserted-by":"crossref","unstructured":"Klein, G., et al.: seL4: formal verification of an OS kernel. In: Matthews, J.N., Anderson, T.E. (eds.) SOSP, pp. 207\u2013220. ACM (2009). https:\/\/doi.org\/10.1145\/1629575.1629596","DOI":"10.1145\/1629575.1629596"},{"key":"3_CR17","unstructured":"Kocher, P.: Spectre mitigations in microsoft\u2019s c\/c++ compiler (2018). https:\/\/www.paulkocher.com\/doc\/MicrosoftCompilerSpectreMitigation.html. Accessed 5 May 2021"},{"key":"3_CR18","doi-asserted-by":"crossref","unstructured":"Kocher, P., et al.: Spectre attacks: exploiting speculative execution. In: IEEE S and P, pp. 1\u201319. IEEE (2019). https:\/\/doi.org\/10.1109\/SP.2019.00002","DOI":"10.1109\/SP.2019.00002"},{"key":"3_CR19","unstructured":"Lipp, M., et al.: Meltdown: reading kernel memory from user space. In: Enck, W., Felt, A.P. (eds.) USENIX Security Symposium, pp. 973\u2013990. USENIX Association (2018). https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/lipp"},{"issue":"1","key":"3_CR20","doi-asserted-by":"publisher","first-page":"37","DOI":"10.3233\/JCS-1992-1103","volume":"1","author":"J McLean","year":"1992","unstructured":"McLean, J.: Proving noninterference and functional correctness using traces. J. Comput. Secur. 1(1), 37\u201358 (1992). https:\/\/doi.org\/10.3233\/JCS-1992-1103","journal-title":"J. Comput. Secur."},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Prout, A., et al.: Measuring the impact of spectre and meltdown. In: IEEE HPEC, pp. 1\u20135. IEEE (2018). https:\/\/doi.org\/10.1109\/HPEC.2018.8547554","DOI":"10.1109\/HPEC.2018.8547554"},{"key":"3_CR22","unstructured":"Rasmussen, C.: Secure Speculation: From Vulnerability to Assurances with UCLID5. Master\u2019s Thesis, EECS Department, University of California, Berkeley, May 2019. http:\/\/www2.eecs.berkeley.edu\/Pubs\/TechRpts\/2019\/EECS-2019-95.html"},{"key":"3_CR23","doi-asserted-by":"crossref","unstructured":"Ren, X., Moody, L., Taram, M., Jordan, M., Tullsen, D.M., Venkat, A.: I see dead $$\\mu $$ops: leaking secrets via Intel\/AMD micro-op caches. In: ISCA (2021). https:\/\/www.cs.virginia.edu\/venkat\/papers\/isca2021a.pdf","DOI":"10.1109\/ISCA52012.2021.00036"},{"key":"3_CR24","doi-asserted-by":"crossref","unstructured":"Roscoe, A.W.: CSP and determinism in security modelling. In: IEEE S and P, pp. 114\u2013127. IEEE Computer Society (1995). https:\/\/doi.org\/10.1109\/SECPRI.1995.398927","DOI":"10.1109\/SECPRI.1995.398927"},{"key":"3_CR25","doi-asserted-by":"crossref","unstructured":"Seshia, S.A., Subramanyan, P.: UCLID5: integrating modeling, verification, synthesis and learning. In: MEMOCODE, pp. 1\u201310. IEEE (2018). https:\/\/doi.org\/10.1109\/MEMCOD.2018.8556946","DOI":"10.1109\/MEMCOD.2018.8556946"},{"key":"3_CR26","doi-asserted-by":"crossref","unstructured":"Taram, M., Venkat, A., Tullsen, D.M.: Context-sensitive fencing: securing speculative execution via microcode customization. In: Bahar, I., Herlihy, M., Witchel, E., Lebeck, A.R. (eds.) ASPLOS, pp. 395\u2013410. ACM (2019). https:\/\/doi.org\/10.1145\/3297858.3304060","DOI":"10.1145\/3297858.3304060"},{"issue":"3","key":"3_CR27","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1109\/MM.2019.2910010","volume":"39","author":"C Trippel","year":"2019","unstructured":"Trippel, C., Lustig, D., Martonosi, M.: Security verification via automatic hardware-aware exploit synthesis: the checkmate approach. IEEE Micro 39(3), 84\u201393 (2019). https:\/\/doi.org\/10.1109\/MM.2019.2910010","journal-title":"IEEE Micro"},{"key":"3_CR28","doi-asserted-by":"crossref","unstructured":"Vassena, M., et al.: Automatically eliminating speculative leaks from cryptographic code with blade. In: Proceedings of the ACM Programming Language 5(POPL), 1\u201330 (2021). https:\/\/doi.org\/10.1145\/3434330","DOI":"10.1145\/3434330"},{"key":"3_CR29","doi-asserted-by":"crossref","unstructured":"Wang, G., Chattopadhyay, S., Biswas, A.K., Mitra, T., Roychoudhury, A.: Kleespectre: detecting information leakage through speculative cache attacks via symbolic execution. ACM Trans. Softw. Eng. Methodol. 29(3), 14:1\u201314:31 (2020). https:\/\/doi.org\/10.1145\/3385897","DOI":"10.1145\/3385897"}],"container-title":["Lecture Notes in Computer Science","Formal Methods"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-90870-6_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,14]],"date-time":"2023-01-14T20:11:51Z","timestamp":1673727111000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-90870-6_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030908690","9783030908706"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-90870-6_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"10 November 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Formal Methods","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 November 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 November 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fm2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/formalmethods2021.csp.escience.cn\/dct\/page\/1","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"131","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"40","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"9","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Additionally, this includes 4 invited full papers.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}