Architecture specifications notionally define the fundamental interface between hardware and software: the envelope of allowed behaviour for processor implementations, and the basic assumptions for software development and verification. But in practice, they are typically prose and pseudocode documents, not rigorous or executable artifacts, leaving software and verification on shaky ground. In this paper, we present rigorous semantic models for the sequential behaviour of large parts of the mainstream ARMv8-A, RISC-V, and MIPS architectures, and the research CHERI-MIPS architecture, that are complete enough to boot operating systems, variously Linux, FreeBSD, or seL4. Our ARMv8-A models are automatically translated from authoritat...
In this paper, we formally verify security properties of the ARMv7 Instruction Set Architecture (ISA...
Despite all the effort spent in testing, analyzing, and formally verifying software, a program is ul...
Virtual memory is an essential mechanism for enforcing security boundaries, but its relaxed-memory c...
Architecture specifications such as Armv8-A and RISC-V are the ultimate foundation for softw...
In this paper we develop semantics for key aspects of the ...
Machine-readable specifications for the Armv8 instruction set architecture have become publicly avai...
This work was partly funded by the EPSRC Programme Grant REMS: Rigorous Engineering for Mainstream S...
In this paper we develop semantics for key aspects of the ARMv8 multiprocessor...
Computing relies on architecture specifications to decouple hardware and software developmen...
Computing relies on architecture specifications to decouple hardware and softw...
For the verification of system software, information flow properties of the instruction set architec...
We propose a method to precisely model implementations of Instruction Set Architectures (ISA) using ...
Capability Hardware Enhanced RISC Instructions (CHERI) extend conventional ISAs with capabilities th...
Memory safety bugs continue to be a major source of security vulnerabilities in our critical infrast...
Weakly consistent multiprocessors such as ARM and IBM POWER have been with us for decades, but their...