Trustworthy Distributed Certification of Program Execution

IF 6.5 1区计算机科学 Q1 COMPUTER SCIENCE, SOFTWARE ENGINEERING

IEEE Transactions on Software Engineering Pub Date : 2025-02-13 DOI:10.1109/TSE.2025.3541810

Alex Wolf;Marco Edoardo Palma;Pasquale Salza;Harald C. Gall

{"title":"Trustworthy Distributed Certification of Program Execution","authors":"Alex Wolf;Marco Edoardo Palma;Pasquale Salza;Harald C. Gall","doi":"10.1109/TSE.2025.3541810","DOIUrl":null,"url":null,"abstract":"Verifying the execution of a program is complicated and often limited by the inability to validate the code's correctness. It is a crucial aspect of scientific research, where it is needed to ensure the reproducibility and validity of experimental results. Similarly, in customer software testing, it is difficult for customers to verify that their specific program version was tested or executed at all. Existing state-of-the-art solutions, such as hardware-based approaches, constraint solvers, and verifiable computation systems, do not provide definitive proof of execution, which hinders reliable testing and analysis of program results. In this paper, we propose an innovative approach that combines a prototype programming language called Mona with a certification protocol OCCP to enable the distributed and decentralized re-execution of program segments. Our protocol allows for certification of program segments in a distributed, immutable, and trustworthy system without the need for naive re-execution, resulting in significant improvements in terms of time and computational resources used. We also explore the use of blockchain technology to manage the protocol workflow following other approaches in this space. Our approach offers a promising solution to the challenges of program execution verification and opens up opportunities for further research and development in this area. Our findings demonstrate the efficiency of our approach in reducing the number of program executions by up to 20-fold, while maintaining resilience against various malicious attacks compared to existing state-of-the-art methods, thus improving the efficiency of certifying program executions. Additionally, our approach handles up to 40% malicious workers effectively, showcasing resilience in detecting and mitigating malicious behavior. In the <small>EquivalentRegistersAttack</small> scenario, it successfully identifies divergent executions even when register values and results appear identical. Moreover, our findings highlight improvements in time and gas efficiency for longer-running problems (scaled with a multiplier of <inline-formula><tex-math>$1{,}000$</tex-math></inline-formula>) compared to baseline methods. Specifically, adopting an informed step size reduces execution time by up to 43-fold and gas costs by up to 12-fold compared to the baseline. Similarly, the informed step size approach reduces execution time by up to 6-fold and gas costs by up to 26-fold compared to a non-informed variation using a step size of <inline-formula><tex-math>$1{,}000$</tex-math></inline-formula>.","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"51 4","pages":"1134-1152"},"PeriodicalIF":6.5000,"publicationDate":"2025-02-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Software Engineering","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10884710/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

Verifying the execution of a program is complicated and often limited by the inability to validate the code's correctness. It is a crucial aspect of scientific research, where it is needed to ensure the reproducibility and validity of experimental results. Similarly, in customer software testing, it is difficult for customers to verify that their specific program version was tested or executed at all. Existing state-of-the-art solutions, such as hardware-based approaches, constraint solvers, and verifiable computation systems, do not provide definitive proof of execution, which hinders reliable testing and analysis of program results. In this paper, we propose an innovative approach that combines a prototype programming language called Mona with a certification protocol OCCP to enable the distributed and decentralized re-execution of program segments. Our protocol allows for certification of program segments in a distributed, immutable, and trustworthy system without the need for naive re-execution, resulting in significant improvements in terms of time and computational resources used. We also explore the use of blockchain technology to manage the protocol workflow following other approaches in this space. Our approach offers a promising solution to the challenges of program execution verification and opens up opportunities for further research and development in this area. Our findings demonstrate the efficiency of our approach in reducing the number of program executions by up to 20-fold, while maintaining resilience against various malicious attacks compared to existing state-of-the-art methods, thus improving the efficiency of certifying program executions. Additionally, our approach handles up to 40% malicious workers effectively, showcasing resilience in detecting and mitigating malicious behavior. In the EquivalentRegistersAttack scenario, it successfully identifies divergent executions even when register values and results appear identical. Moreover, our findings highlight improvements in time and gas efficiency for longer-running problems (scaled with a multiplier of

$1{,}000$

) compared to baseline methods. Specifically, adopting an informed step size reduces execution time by up to 43-fold and gas costs by up to 12-fold compared to the baseline. Similarly, the informed step size approach reduces execution time by up to 6-fold and gas costs by up to 26-fold compared to a non-informed variation using a step size of

$1{,}000$

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Software Engineering 工程技术-工程：电子与电气

CiteScore

9.70

自引率

10.80%

发文量

724

审稿时长

6 months

期刊介绍： IEEE Transactions on Software Engineering seeks contributions comprising well-defined theoretical results and empirical studies with potential impacts on software construction, analysis, or management. The scope of this Transactions extends from fundamental mechanisms to the development of principles and their application in specific environments. Specific topic areas include: a) Development and maintenance methods and models: Techniques and principles for specifying, designing, and implementing software systems, encompassing notations and process models. b) Assessment methods: Software tests, validation, reliability models, test and diagnosis procedures, software redundancy, design for error control, and measurements and evaluation of process and product aspects. c) Software project management: Productivity factors, cost models, schedule and organizational issues, and standards. d) Tools and environments: Specific tools, integrated tool environments, associated architectures, databases, and parallel and distributed processing issues. e) System issues: Hardware-software trade-offs. f) State-of-the-art surveys: Syntheses and comprehensive reviews of the historical development within specific areas of interest.