{"id":"https://openalex.org/W7134955916","doi":"https://doi.org/10.1145/3779212.3790152","title":"Detecting Inconsistencies in Arm CCA's Formally Verified Specification","display_name":"Detecting Inconsistencies in Arm CCA's Formally Verified Specification","publication_year":2026,"publication_date":"2026-03-10","ids":{"openalex":"https://openalex.org/W7134955916","doi":"https://doi.org/10.1145/3779212.3790152"},"language":null,"primary_location":{"id":"doi:10.1145/3779212.3790152","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3779212.3790152","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3779212.3790152","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5128740746","display_name":"Changho Choi","orcid":null},"institutions":[{"id":"https://openalex.org/I2250650973","display_name":"Samsung (South Korea)","ror":"https://ror.org/04w3jy968","country_code":"KR","type":"company","lineage":["https://openalex.org/I2250650973"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Changho Choi","raw_affiliation_strings":["Samsung Research, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Samsung Research, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I2250650973"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073972569","display_name":"Xiang Cheng","orcid":null},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiang Cheng","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072170478","display_name":"Bokdeuk Jeong","orcid":null},"institutions":[{"id":"https://openalex.org/I2250650973","display_name":"Samsung (South Korea)","ror":"https://ror.org/04w3jy968","country_code":"KR","type":"company","lineage":["https://openalex.org/I2250650973"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Bokdeuk Jeong","raw_affiliation_strings":["Samsung Research, Seoul, Republic of Korea"],"affiliations":[{"raw_affiliation_string":"Samsung Research, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I2250650973"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5128753707","display_name":"Taesoo Kim","orcid":null},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Taesoo Kim","raw_affiliation_strings":["Samsung Research, Seoul, Republic of Korea and Georgia Institute of Technology, Atlanta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Samsung Research, Seoul, Republic of Korea and Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5128740746"],"corresponding_institution_ids":["https://openalex.org/I2250650973"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.93209212,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"583","last_page":"601"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.41449999809265137,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.41449999809265137,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.2240999937057495,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10126","display_name":"Logic, programming, and type systems","score":0.07530000060796738,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/formal-specification","display_name":"Formal specification","score":0.6690999865531921},{"id":"https://openalex.org/keywords/scope","display_name":"Scope (computer science)","score":0.6680999994277954},{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.5710999965667725},{"id":"https://openalex.org/keywords/semantics","display_name":"Semantics (computer science)","score":0.5626999735832214},{"id":"https://openalex.org/keywords/consistency","display_name":"Consistency (knowledge bases)","score":0.5564000010490417},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.5372999906539917},{"id":"https://openalex.org/keywords/formal-methods","display_name":"Formal methods","score":0.5249000191688538},{"id":"https://openalex.org/keywords/formal-verification","display_name":"Formal verification","score":0.503000020980835},{"id":"https://openalex.org/keywords/completeness","display_name":"Completeness (order theory)","score":0.4530999958515167}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7947999835014343},{"id":"https://openalex.org/C116253237","wikidata":"https://www.wikidata.org/wiki/Q1437424","display_name":"Formal specification","level":2,"score":0.6690999865531921},{"id":"https://openalex.org/C2778012447","wikidata":"https://www.wikidata.org/wiki/Q1034415","display_name":"Scope (computer science)","level":2,"score":0.6680999994277954},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.6087999939918518},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.5710999965667725},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.5626999735832214},{"id":"https://openalex.org/C2776436953","wikidata":"https://www.wikidata.org/wiki/Q5163215","display_name":"Consistency (knowledge bases)","level":2,"score":0.5564000010490417},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.5372999906539917},{"id":"https://openalex.org/C75606506","wikidata":"https://www.wikidata.org/wiki/Q1049183","display_name":"Formal methods","level":2,"score":0.5249000191688538},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.503000020980835},{"id":"https://openalex.org/C17231256","wikidata":"https://www.wikidata.org/wiki/Q5156540","display_name":"Completeness (order theory)","level":2,"score":0.4530999958515167},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.448199987411499},{"id":"https://openalex.org/C146499914","wikidata":"https://www.wikidata.org/wiki/Q5469969","display_name":"Formal semantics (linguistics)","level":2,"score":0.42640000581741333},{"id":"https://openalex.org/C201677973","wikidata":"https://www.wikidata.org/wiki/Q1209840","display_name":"Specification language","level":2,"score":0.3953999876976013},{"id":"https://openalex.org/C110251889","wikidata":"https://www.wikidata.org/wiki/Q1569697","display_name":"Model checking","level":2,"score":0.3905999958515167},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3788999915122986},{"id":"https://openalex.org/C84651959","wikidata":"https://www.wikidata.org/wiki/Q17052506","display_name":"System requirements specification","level":2,"score":0.34779998660087585},{"id":"https://openalex.org/C39920170","wikidata":"https://www.wikidata.org/wiki/Q693083","display_name":"Soundness","level":2,"score":0.3463999927043915},{"id":"https://openalex.org/C117222624","wikidata":"https://www.wikidata.org/wiki/Q7575010","display_name":"Specification","level":2,"score":0.34380000829696655},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.32919999957084656},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.30720001459121704},{"id":"https://openalex.org/C145644426","wikidata":"https://www.wikidata.org/wiki/Q169411","display_name":"Unified Modeling Language","level":3,"score":0.29019999504089355},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2825999855995178},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.2736000120639801},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.2669000029563904},{"id":"https://openalex.org/C2778562939","wikidata":"https://www.wikidata.org/wiki/Q1298791","display_name":"Synchronization (alternating current)","level":3,"score":0.2655999958515167},{"id":"https://openalex.org/C168065819","wikidata":"https://www.wikidata.org/wiki/Q845566","display_name":"Debugging","level":2,"score":0.25540000200271606},{"id":"https://openalex.org/C202973057","wikidata":"https://www.wikidata.org/wiki/Q7380130","display_name":"Runtime verification","level":3,"score":0.25029999017715454}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3779212.3790152","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3779212.3790152","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3779212.3790152","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3779212.3790152","pdf_url":null,"source":null,"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7508522868156433,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1988079752","https://openalex.org/W2023035194","https://openalex.org/W2060335091","https://openalex.org/W2073294836","https://openalex.org/W2073742357","https://openalex.org/W2096536569","https://openalex.org/W2136310957","https://openalex.org/W2603034903","https://openalex.org/W2899599233","https://openalex.org/W2981644358","https://openalex.org/W3205972330","https://openalex.org/W4387321107","https://openalex.org/W4390204325","https://openalex.org/W4404400628","https://openalex.org/W4414735727"],"related_works":[],"abstract_inverted_index":{"Formal":[0],"verification":[1],"offers":[2],"strong":[3],"guarantees":[4,12],"of":[5],"correctness,":[6,16],"robustness,":[7],"and":[8,17,24,72,83,112,132],"security.":[9],"However,":[10],"these":[11],"depend":[13],"on":[14,51],"specification":[15,36,56,65],"even":[18],"minor":[19],"flaws":[20,108],"can":[21],"invalidate":[22],"proofs":[23],"introduce":[25],"critical":[26],"vulnerabilities.":[27],"We":[28,86],"present":[29],"Scope,":[30],"an":[31],"automated":[32],"system":[33],"that":[34,49],"identifies":[35],"inconsistencies":[37,77],"by":[38,117,128],"combining":[39],"formal":[40],"modeling":[41],"with":[42],"rule-based":[43],"consistency":[44],"checking.":[45],"Unlike":[46],"traditional":[47],"approaches":[48],"rely":[50],"implementations,":[52],"Scope":[53,88,124],"treats":[54],"the":[55,58,64,90],"as":[57],"sole":[59],"ground":[60],"truth.":[61],"It":[62],"translates":[63],"into":[66],"a":[67],"machine-verifiable":[68],"model":[69],"using":[70],"Verus":[71],"SMT":[73],"solvers,":[74],"then":[75],"detects":[76],"in":[78,109],"success/failure":[79],"conditions,":[80],"dependency":[81],"rules,":[82],"state":[84,114],"transitions.":[85],"apply":[87],"to":[89,120,134],"Realm":[91],"Management":[92],"Monitor":[93],"(RMM)":[94],"specifications":[95],"for":[96],"Arm's":[97],"Confidential":[98],"Compute":[99],"Architecture":[100],"(CCA),":[101],"uncovering":[102],"35":[103],"previously":[104],"unknown":[105],"bugs\u2014including":[106],"security-critical":[107],"ABI":[110],"semantics":[111],"missing":[113],"transitions\u2014all":[115],"confirmed":[116],"Arm.":[118],"Compared":[119],"modern":[121],"LLM-based":[122],"tools,":[123],"improves":[125],"inconsistency-detection":[126],"precision":[127],"7x":[129],"over":[130,136],"GPT-o1":[131],"up":[133],"40\u00d7":[135],"leading":[137],"chat":[138],"models":[139],"(LLaMA":[140],"3.1,":[141],"GPT-4o,":[142],"Claude":[143],"3.7).":[144]},"counts_by_year":[],"updated_date":"2026-03-12T06:18:43.230356","created_date":"2026-03-12T00:00:00"}