We report on the formal, machine-checked verification of the seL4 microkernel from an abstract specification down to its C implementation. We assume correctness of compiler, assembly code, hardware, and boot code. seL4 is a third-generation microkernel of L4 provenance, comprising 8700 lines of C and 600 lines of assembler. Its performance is comparable to other high-performance L4 kernels. We prove that the implementation always strictly follows our high-level abstract specification of kernel behavior. This encompasses traditional design and implementation safety properties such as that the kernel will never crash, and it will never perform an unsafe operation. It also implies much more: we can predict precisely how the kernel will behave ...
Abstract. Primitives are basic means provided by a microkernel to implementors of operating system ...
There is increasing pressure on providing a high degree of assurance of operating system’s security ...
ABSTRACT As computer systems become increasingly mission-critical, used in life-critical situations,...
Complete formal verification is the only known way to guarantee that a system is free of programmin...
Abstract. In this talk, I will give an overview of the various formal verification projects around t...
The L4 microkernel has undergone 20 years of use and evolution. It has an active user and developer ...
completed and in this article I’m showing what we have proved and what that means for security. The ...
In the paper we examine one of the issues in designing, specifying, implementing and formally verify...
This paper presents the formal Isabelle/HOL framework we use to prove refinement between an executab...
We present recent work on building and scaling trustworthy systems with formal, machine-checkable pr...
Abstract. Primitives are basic means provided by a microkernel to implementors of operating system ser...
The safety and security of software systems depends on how they are initially configured. Manually w...
In the last ten years, we have been porting, maintaining, and evolving the world's largest proof ...
Today's embedded systems are becoming increasingly complex. We are seeing many devices consolidate b...
As computer systems become increasingly mission-critical, used in life-critical situations, and reli...