Remote incremental program verification using API definitions

US 20040153827A1
Filed: 09/12/2003
Published: 08/05/2004
Est. Priority Date: 04/28/2000
Status: Active Grant

First Claim

Patent Images

1. A method of operating a computer system, said method comprising:

providing a program in memory, the program including at least one program unit, each program unit comprising an Application Programming Interface (API) definition file and an implementation, each API definition file defining items in its associated program unit that are made accessible to one or more other program units, each implementation including executable code corresponding to said API definition file, said executable code including type specific instructions and data; and

performing a first verification including verifying said program prior to an installation of said program, said first verification including indicating a verification error when a first program unit implementation is not internally consistent;

indicating a verification error when said first program unit implementation is inconsistent with a first program unit API definition file associated with said first program unit implementation; and

generating a program fault signal when a verification error is indicated.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of operating a computer system includes providing a program in memory, verifying the program prior to an installation of the program and generating a program fault signal when the verification fails. The program includes at least one program unit, and each program unit includes an Application Programming Interface (API) definition file and an implementation. Each API definition file defines items in its associated program unit that are made accessible to one or more other program units and each implementation includes executable code corresponding to the API definition file. The executable code includes type specific instructions and data. Verification includes determining whether a first program unit implementation is internally consistent, determining whether the first program unit implementation is consistent with a first program unit API definition file associated with the first program unit implementation and generating a program fault signal when the verifying fails. A resource-constrained device includes a memory for providing a remotely verified application software program that includes at least one program unit, each program unit comprising type specific instructions and data. The resource-constrained device also includes a virtual machine that is capable of executing instructions included within the application software program. The remote verification uses an API definition file for each implementation to determine whether a first program unit implementation is internally consistent and to determine whether the first program unit implementation is consistent with a first program unit API definition file associated with the first program unit implementation.

Citations

27 Claims

1. A method of operating a computer system, said method comprising:
- providing a program in memory, the program including at least one program unit, each program unit comprising an Application Programming Interface (API) definition file and an implementation, each API definition file defining items in its associated program unit that are made accessible to one or more other program units, each implementation including executable code corresponding to said API definition file, said executable code including type specific instructions and data; and
  
  performing a first verification including verifying said program prior to an installation of said program, said first verification including indicating a verification error when a first program unit implementation is not internally consistent;
  
  indicating a verification error when said first program unit implementation is inconsistent with a first program unit API definition file associated with said first program unit implementation; and
  
  generating a program fault signal when a verification error is indicated.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising:
    - enabling execution of said program when said first verification results in the generation of no program fault signal; and
      
      preventing the execution of said program when said first verification results in the generation of a program fault signal.
  - 3. The method of claim 2, further comprising:
    - performing a second verification including verifying a second program unit that references said first program unit and makes no items available for one or more other program units, said second verification including indicating a verification error when the second program unit implementation is not internally consistent; and
      
      indicating a verification error when said second program unit implementation is inconsistent with said first program unit API definition file.
  - 4. The method of claim 3 wherein:
    - said first program unit includes at least one additional implementation; and
      
      said second verification includes determining whether said at least one additional implementation is consistent with said first program unit API definition file.
  - 5. The method of claim 2, further comprising:
    - performing a second verification including verifying a second program unit that references said first program unit, said second verification including indicating a verification error when the second program unit implementation is not internally consistent;
      
      indicating a verification error when said second program unit implementation is inconsistent with the second program unit API definition file; and
      
      indicating a verification error when said second program unit implementation is inconsistent with said first program unit API definition file.

6. A method of operating a computer system, said method comprising:
- providing a program in memory, the program including at least one program unit, each program unit comprising an Application Programming Interface (API) definition file and an implementation, each API definition file defining items in its associated program unit that are made accessible to one or more other program units, each implementation including executable code corresponding to said API definition file, said executable code including type specific instructions and data; and
  
  performing a first verification including verifying said program prior to execution of said program, said first verification including indicating a verification error when a program unit implementation is not internally consistent;
  
  indicating a verification error when a program unit implementation is inconsistent with its API definition file; and
  
  indicating a verification error when a program unit implementation is inconsistent with the API definition file of a program unit referenced by said program unit; and
  
  generating a program fault signal when a verification error is indicated.
- View Dependent Claims (7)
- - 7. The method of claim 6, further comprising:
    - performing a second verification including verifying said program after at least one program unit has been verified at least once, said second verification including indicating a verification error when a program unit implementation is not internally consistent;
      
      indicating a verification error when a program unit implementation is inconsistent with its API definition file; and
      
      indicating a verification error when a program unit implementation is inconsistent with the API definition file of each program unit referenced by said program unit.

8. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform program verification, comprising:
- providing a program in memory, the program including at least one program unit, each program unit comprising an Application Programming Interface (API) definition file and an implementation, each API definition file defining items in its associated program unit that are made accessible to one or more other program units, each implementation including executable code corresponding to said API definition file, said executable code including type specific instructions and data; and
  
  performing a first verification including verifying said program prior to an installation of said program, said first verification including indicating a verification error when a first program unit implementation is not internally consistent;
  
  indicating a verification error when said first program unit implementation is inconsistent with a first program unit API definition file associated with said first program unit implementation; and
  
  generating a program fault signal when a verification error is indicated.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The program storage device of claim 8, further comprising:
    - enabling execution of said program when said first verification results in the generation of no program fault signal; and
      
      preventing the execution of said program when said first verification results in the generation of a program fault signal.
  - 10. The program storage device of claim 9, further comprising:
    - performing a second verification including verifying a second program unit that references said first program unit and makes no items available for one or more other program units, said second verification including indicating a verification error when the second program unit implementation is not internally consistent; and
      
      indicating a verification error when said second program unit implementation is inconsistent with said first program unit API definition file.
  - 11. The program storage device of claim 10 wherein:
    - said first program unit includes at least one additional implementation; and
      
      said second verification includes determining whether said at least one additional implementation is consistent with said first program unit API definition file.
  - 12. The program storage device of claim 9, further comprising:
    - performing a second verification including verifying a second program unit that references said first program unit, said second verification including indicating a verification error when the second program unit implementation is not internally consistent;
      
      indicating a verification error when said second program unit implementation is inconsistent with the second program unit API definition file; and
      
      indicating a verification error when said second program unit implementation is inconsistent with said first program unit API definition file.

13. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform program verification, comprising:
- providing a program in memory, the program including at least one program unit, each program unit comprising an Application Programming Interface (API) definition file and an implementation, each API definition file defining items in its associated program unit that are made accessible to one or more other program units, each implementation including executable code corresponding to said API definition file, said executable code including type specific instructions and data; and
  
  performing a first verification including verifying said program prior to execution of said program, said first verification including indicating a verification error when a program unit implementation is not internally consistent;
  
  indicating a verification error when a program unit implementation is inconsistent with its API definition file; and
  
  indicating a verification error when a program unit implementation is inconsistent with the API definition file of a program unit referenced by said program unit; and
  
  generating a program fault signal when a verification error is indicated.
- View Dependent Claims (14)
- - 14. The program storage device of claim 13, further comprising:
    - performing a second verification including verifying said program after at least one program unit has been verified at least once, said second verification including indicating a verification error when a program unit implementation is not internally consistent;
      
      indicating a verification error when a program unit implementation is inconsistent with its API definition file; and
      
      indicating a verification error when a program unit implementation is inconsistent with the API definition file of each program unit referenced by said program unit.

15. A system for executing a software application, the system comprising:
- a computing system that generates executable code, comprising means for providing a program in memory, the program including at least one program unit, each program unit comprising an Application Programming Interface (API) definition file and an implementation, each API definition file defining items in its associated program unit that are made accessible to one or more other program units, each implementation including executable code corresponding to said API definition file, said executable code including type specific instructions and data; and
  
  means for performing a first verification including verifying said program prior to an installation of said program, said means for performing a first verification including means for indicating a verification error when a first program unit implementation is not internally consistent;
  
  means for indicating a verification error when said first program unit implementation is inconsistent with a first program unit API definition file associated with said first program unit implementation; and
  
  means for generating a program fault signal when a verification error is indicated.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The computing system of claim 15, further comprising:
    - means for enabling execution of said program when said first verification results in the generation of no program fault signal; and
      
      means for preventing the execution of said program when said first verification results in the generation of a program fault signal.
  - 17. The computing system of claim 16, further comprising:
    - means for performing a second verification including verifying a second program unit that references said first program unit and makes no items available for one or more other program units, said second verification including means for indicating a verification error when the second program unit implementation is not internally consistent; and
      
      means for indicating a verification error when said second program unit implementation is inconsistent with said first program unit API definition file.
  - 18. The computing system of claim 17 wherein:
    - said first program unit includes at least one additional implementation; and
      
      said means for performing a second verification includes a means for determining whether said at least one additional implementation is consistent with said first program unit API definition file.
  - 19. The computing system of claim 16, further comprising:
    - means for performing a second verification including verifying a second program unit that references said first program unit, said second verification including means for indicating a verification error when the second program unit implementation is not internally consistent;
      
      means for indicating a verification error when said second program unit implementation is inconsistent with the second program unit API definition file; and
      
      means for indicating a verification error when said second program unit implementation is inconsistent with said first program unit API definition file.

20. A system for executing a software application, the system comprising:
- a computing system that generates executable code, comprising means for providing a program in memory, the program including at least one program unit, each program unit comprising an Application Programming Interface (API) definition file and an implementation, each API definition file defining items in its associated program unit that are made accessible to one or more other program units, each implementation including executable code corresponding to said API definition file, said executable code including type specific instructions and data; and
  
  means for performing a first verification including verifying said program prior to execution of said program, said first verification including means for indicating a verification error when a program unit implementation is not internally consistent;
  
  means for indicating a verification error when a program unit implementation is inconsistent with its API definition file; and
  
  means for indicating a verification error when a program unit implementation is inconsistent with the API definition file of each program unit referenced by said program unit; and
  
  means for generating a program fault signal when a verification error is indicated.
- View Dependent Claims (21)
- - 21. The system of claim 20, further comprising:
    - means for performing a second verification including verifying said program after at least one program unit has been verified at least once, said second verification including means for indicating a verification error when a program unit implementation is not internally consistent;
      
      means for indicating a verification error when a program unit implementation is inconsistent with its API definition file; and
      
      means for indicating a verification error when a program unit implementation is inconsistent with the API definition file of each program unit referenced by said program unit.

22. A resource-constrained device, comprising:
- memory for providing a remotely verified application software program comprising at least one program unit, each program unit comprising type specific instructions and data, said remote verification utilizing an Application Programming Interface (API) definition file for each said implementation, each said API definition file defining items in its associated program unit that are made accessible to one or more other program units, said remote verification including indicating a verification error when a first program unit implementation is not internally consistent and indicating a verification error when said first program unit implementation is inconsistent with a first program unit API definition file associated with said first program unit implementation; and
  
  a virtual machine that is capable of executing instructions included within said application software program.
- View Dependent Claims (23, 24)
- - 23. The resource-constrained device of claim 22 wherein said resource-constrained device comprises a smart card.
  - 24. The resource-constrained device of claim 23 wherein said virtual machine is Java Card™
    - -compliant.

25. A resource-constrained device, comprising:
- memory for providing a remotely verified application software program comprising at least one program unit, each program unit comprising type specific instructions and data, said remote verification utilizing an Application Programming Interface (API) definition file for each said implementation, each said API definition file defining items in its associated program unit that are made accessible to one or more other program units, said remote verification including indicating a verification error when a first program unit implementation is not internally consistent, indicating a verification error when said first program unit implementation is inconsistent with a first program unit API definition file associated with said first program unit implementation and indicating a verification error when said first program unit is inconsistent with the API definition file of each program unit referenced by said first program unit; and
  
  a virtual machine that is capable of executing instructions included within said application software program.
- View Dependent Claims (26, 27)
- - 26. The resource-constrained device of claim 25 wherein said resource-constrained device comprises a smart card.
  - 27. The resource-constrained device of claim 26 wherein said virtual machine is Java Card™
    - -compliant.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Schwabe, Judith E.

Granted Patent

US 7,231,635 B2
Time in Patent Office

Days
Field of Search
US Class Current

714/38
CPC Class Codes

G06F 9/44589 Program code verification, ...

Remote incremental program verification using API definitions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Remote incremental program verification using API definitions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links