核心概念
3DGEN, a framework that uses AI agents to assist in translating informal binary format specifications into provably correct executable parsers in a domain-specific language called 3D.
要約
The key points of the content are:
Improper parsing of attacker-controlled input is a leading source of software security vulnerabilities, especially when programmers transcribe informal format descriptions in RFCs into low-level, memory unsafe languages.
3DGEN is a framework that uses AI agents to transform mixed informal input, including natural language documents (i.e., RFCs) and example inputs, into format specifications in the 3D language.
3DGEN uses symbolic methods to synthesize test inputs that can be validated against an external oracle, to support humans in understanding and trusting the generated specifications.
Through a process of repeated refinement, 3DGEN produces a 3D specification that conforms to a test suite, and which yields safe, efficient, provably correct, parsing code in C.
Evaluation on 20 Internet standard formats demonstrates the potential for AI-agents to produce formally verified C code at a non-trivial scale, enabled by the use of a domain-specific language as an intermediate representation.
3DGEN integrates powerful, fully automated tools like symbolic test-case generation and differential analysis that are usually intractable for large, general-purpose languages.