completed and in this article I’m showing what we have proved and what that means for security. The seL4 microkernel: Correct! The basic idea goes back to the 1970s: since then people have been trying to formally verify operating systems [4,10]. It’s the obvious place to start when you are serious about meaningful assurance for critical systems. The idea behind formal verification is that programs are, in the end, just mathematics. And if you want to show beyond doubt that something is true in mathematics, you prove it. If you want to be sure that the proof is right, you do it fully formally so that it can be machine-checked. It was clear early on that this is possible in principle, but enthusiasm ebbed after an initial flurry of activity ar...
Abstract. In the context of the Verisoft XT project functional correctness of the microkernel of Pik...
Interactive theorem proving software is typically designed around a trusted proof-checking kernel, t...
As computer systems become increasingly mission-critical, used in life-critical situations, and reli...
Complete formal verification is the only known way to guarantee that a system is free of programmin...
Hard, machine-supported formal verification of software is at a turning point. Recent years have see...
Abstract. In this talk, I will give an overview of the various formal verification projects around t...
We report on the formal, machine-checked verification of the seL4 microkernel from an abstract speci...
We present recent work on building and scaling trustworthy systems with formal, machine-checkable pr...
There is increasing pressure on providing a high degree of assurance of operating system’s security ...
Errors caused by the interaction of computer systems with the physical world are hard to mitigate bu...
The function of software used to be calculation; mechanising what was previously done by hand. Now i...
The design and implementation of an operating system kernel is described and justified. The kernel i...
Abstract. This paper gives a high-level introduction to the topic of formal, interactive, machine-ch...
This paper reviews the concepts and mechanisms used to improve security in general purpose operating...
Abstract. Primitives are basic means provided by a microkernel to implementors of operating system ser...