This paper presents the formal Isabelle/HOL framework we use to prove refinement between an executable, monadic specification and the C implementation of the seL4 microkernel. We describe the refinement framework itself, the automated tactics it supports, and the connection to our previous C verification framework. We also report on our experience in applying the framework to seL4. The characteristics of this microkernel verification are the size of the target (8, 700 lines of C code), the treatment of low-level programming constructs, the focus on high performance, and the large subset of the C programming language addressed, which includes pointer arithmetic and type-unsafe code
This paper examines a novel strategy for developing correctness proofs in interactive software verif...
AbstractStructured types, such as C's arrays and structs, present additional challenges in pointer p...
Abstract: Functional verification of low-level code requires abstractions over the memory model to b...
Systems code is almost universally written in the C programming language or a variant. C has a very ...
Systems code is almost universally written in the C programming language or a variant. C has a very ...
Abstract. Before low-level imperative code can be reasoned about in an interactive theorem prover, i...
Complete formal verification is the only known way to guar-antee that a system is free of programmin...
Abstract. In this talk, I will give an overview of the various formal verification projects around t...
We report on the formal, machine-checked verification of the seL4 microkernel from an abstract speci...
We present an approach for automatically generating provably correct abstractions from C source code...
Before software can be formally reasoned about, it must first be represented in some form of logic. ...
Abstract. We present a scalable, practical Hoare Logic and refinement calculus for the nondeterminis...
The safety and security of software systems depends on how they are initially configured. Manually w...
We present a formal model of memory that both captures the lowlevel features of C’s pointers and mem...
Formal verification is a promising technique to ensure the reliability of low-level programs like op...
This paper examines a novel strategy for developing correctness proofs in interactive software verif...
AbstractStructured types, such as C's arrays and structs, present additional challenges in pointer p...
Abstract: Functional verification of low-level code requires abstractions over the memory model to b...
Systems code is almost universally written in the C programming language or a variant. C has a very ...
Systems code is almost universally written in the C programming language or a variant. C has a very ...
Abstract. Before low-level imperative code can be reasoned about in an interactive theorem prover, i...
Complete formal verification is the only known way to guar-antee that a system is free of programmin...
Abstract. In this talk, I will give an overview of the various formal verification projects around t...
We report on the formal, machine-checked verification of the seL4 microkernel from an abstract speci...
We present an approach for automatically generating provably correct abstractions from C source code...
Before software can be formally reasoned about, it must first be represented in some form of logic. ...
Abstract. We present a scalable, practical Hoare Logic and refinement calculus for the nondeterminis...
The safety and security of software systems depends on how they are initially configured. Manually w...
We present a formal model of memory that both captures the lowlevel features of C’s pointers and mem...
Formal verification is a promising technique to ensure the reliability of low-level programs like op...
This paper examines a novel strategy for developing correctness proofs in interactive software verif...
AbstractStructured types, such as C's arrays and structs, present additional challenges in pointer p...
Abstract: Functional verification of low-level code requires abstractions over the memory model to b...