In the last ten years, we have been porting, maintaining, and evolving the world's largest proof base, the formal proof in Isabelle/HOL of the seL4 microkernel. But actually, there is no such thing as "the seL4 proof"; there are a number of proofs (functional correctness, binary translation validation, integrity and confidentiality proofs, etc.) about a number of instances of seL4 (depending on the hardware platform it runs on, the features it includes, the extensions it supports). We will give an overview of the current state of these proofs and, importantly, the challenges we face in continuing to maintain, evolve and extend them, and the processes we have put in place to manage their dependence on the evolving implementation.
Modern programming languages offer a lot of guarantees (no or few memory leaks, safe parallel progra...
This book is two books. Part I is a practical introduction to working with the Isabelle proof assist...
If testing can reveal errors in computer programs, only formal verification can guarantee their abse...
Abstract. In this talk, I will give an overview of the various formal verification projects around t...
We report on the formal, machine-checked verification of the seL4 microkernel from an abstract speci...
Complete formal verification is the only known way to guar-antee that a system is free of programmin...
This paper presents the formal Isabelle/HOL framework we use to prove refinement between an executab...
The safety and security of software systems depends on how they are initially configured. Manually w...
We present recent work on building and scaling trustworthy systems with formal, machine-checkable pr...
The L4 microkernel has undergone 20 years of use and evolution. It has an active user and developer ...
Abstract. We present a scalable, practical Hoare Logic and refinement calculus for the nondeterminis...
completed and in this article I’m showing what we have proved and what that means for security. The ...
Security modeling is the foundation to formal verification which is a core requirement for high ass...
Context: Recent projects such as L4.verified (the verification of the seL4 microkernel) have demonst...
Abstract. One way to reduce the cost of formally verifying a large program is to perform proofs over...