Skip to Main content Skip to Navigation
New interface

Proof-oriented domain-specific language design for high-assurance software

Abstract : Program verification consists in analyzing a computer program as a formal artifact in order to prove the absence of certain categories of bugs before execution. But to use a program verification framework, one has to first translate the original source code of the program to verify in the formal language of the framework. Moreover, one might use different verification frameworks to prove increasingly specialized properties about the program. To answer the need for multiple translations of the source program to various program verification frameworks with different proof paradigms, we advocate for the use of proof-oriented domain-specific languages. These domain-specific languages should act as a frontend to proof backends, with a language design that incorporates and distributes the proof obligations between provers. Moreover, the original program has often already been translated from informal domain-specific requirements that act as its specification. To close the top layer of the chain of trust, we claim that proof-oriented domain-specific language can help domain experts review the program specification at the base of formally verified implementation developments. This dissertation discusses the design and usefulness of proof-oriented domain-specific languages in five case studies. These case studies range from the domain of cryptographic implementations to legal expert systems, and often target real-world high-assurance software. Each of the case study gives its name to a chapter of this dissertation. LibSignal* is a verified implementation of the Signal cryptographic protocol for the Web. Hacspec is a domain-specific language for cryptographic specifications in Rust. Steel is a separation-logic-powered program verification framework for the F* proof assistant. Mlang is a compiler for a tax computation domain-specific language used by the French tax authority. Finally, Catala is a novel language for encoding legislative specifications into executable and analyzable artifacts.
Complete list of metadata
Contributor : ABES STAR :  Contact
Submitted on : Monday, March 28, 2022 - 4:26:07 PM
Last modification on : Friday, June 24, 2022 - 3:39:09 AM
Long-term archiving on: : Wednesday, June 29, 2022 - 8:41:18 PM


Version validated by the jury (STAR)


  • HAL Id : tel-03622012, version 1



Denis Merigoux. Proof-oriented domain-specific language design for high-assurance software. Programming Languages [cs.PL]. Université Paris sciences et lettres, 2021. English. ⟨NNT : 2021UPSLE006⟩. ⟨tel-03622012⟩



Record views


Files downloads