Typically in a distributed computing environment, such as local area networks (LAN) and wide area networks (WAN), memory system integrity on a computing subsystem is a concern. A compromised memory system can be catastrophic to the entire distributed computing environment. The memory system can be compromised by, for example, an incoming data stream that represents an executable context, that contains errors.
In order to protect the integrity of the memory system on the computing subsystems, the subsystems typically include a verifier. The verifier is responsible for ensuring the integrity of the executable aspect of the data stream, prior to handing some degree of executing control over to the application contained with the incoming data streamon the computing subsystem. The verification by the verifier protects end users from malicious code. Malicious code may have been created by the source code author or be the result of a third party tampering with the code after it was distributed by the author. In general, the more design-time information there is associated with the code (ie. the closer the code is to the original source) the more verification there is that can be done to verify integrity. One option may be for the data stream to contain instructions in an intermediate language (IL) that is compiled from the source yet still needs further work prior to execution. In other words, the result of the compilation process is used by the code author to correct errors, whereas the result of the verification process is used by the end user to ensure system integrity.
Generally, the checks the verifier performs include a type system data flow analysis; that is, the verifier sees that every instruction in the IL system is type-consistent. Typically this check is performed by looking at the entire flow of control in the IL stream to make sure variable types, such as characters, integers, and real numbers, match. This process ensures that when a function is called by a subsystem, the variable types are correct and do not cause an error in the memory system. Typically, the verifier also looks at other properties, such as the metadata or executable file associated with the IL stream. This verifying process is memory and processor intensive. Therefore, improvements are desirable.