Pip-MPU is a minimalist separation kernel for constrained devices (scarce memory and power resources). In this work, we demonstrate high assurance of Pip-MPU's isolation property through formal verification. Pip-MPU offers user-defined, on-demand, multiple isolation levels guarded by the Memory Protection Unit (MPU). Pip-MPU derives from the Pip protokernel, with a full code refactoring to adapt to the constrained environment, and targets equivalent security properties. The proofs verify that the memory blocks loaded in the MPU adhere to the global partition tree model. We provide the basis of the MPU formalisation and demonstrate the formal verification strategy on two representative kernel services. The publicly released proofs have...
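The property the abstract describes (MPU contents must adhere to the partition tree) can be stated as two executable invariants: child partitions only own sub-ranges of their parent's blocks, and every enabled MPU region lies inside a block owned by the running partition. The C model below is an added illustration written for this page; it is not Pip-MPU's code or its Coq formalisation, and the structure names, the 8-region MPU and the addresses are assumptions chosen for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_BLOCKS 4
#define MPU_REGIONS 8          /* assumption: 8 MPU regions, as on many Armv7-M parts */

/* A memory block [start, end) owned by a partition (hypothetical model type). */
typedef struct { uint32_t start, end; bool present; } block_t;
/* A node of the partition tree; the root has parent == -1. */
typedef struct { int parent; block_t blocks[MAX_BLOCKS]; } partition_t;
/* A region programmed into the MPU. */
typedef struct { uint32_t start, end; bool enabled; } mpu_region_t;

static bool range_within(uint32_t s, uint32_t e, const block_t *b)
{
    return b->present && s >= b->start && e <= b->end;
}

/* Partition-tree invariant: each block of a child partition is a sub-range
 * of one block of its parent, so memory can only flow down the tree. */
bool tree_well_formed(const partition_t *tree, size_t n)
{
    for (size_t p = 0; p < n; p++) {
        if (tree[p].parent < 0) continue;                 /* root is exempt */
        if ((size_t)tree[p].parent >= n) return false;    /* dangling parent link */
        const partition_t *parent = &tree[tree[p].parent];
        for (size_t i = 0; i < MAX_BLOCKS; i++) {
            const block_t *b = &tree[p].blocks[i];
            if (!b->present) continue;
            if (b->start >= b->end) return false;         /* empty or inverted block */
            bool covered = false;
            for (size_t k = 0; k < MAX_BLOCKS && !covered; k++)
                covered = range_within(b->start, b->end, &parent->blocks[k]);
            if (!covered) return false;
        }
    }
    return true;
}

/* MPU invariant: every enabled MPU region lies inside a block owned by the
 * partition currently running, so the MPU never grants memory outside it. */
bool mpu_adheres(const partition_t *tree, size_t n, size_t active,
                 const mpu_region_t *mpu, size_t nregions)
{
    if (active >= n || !tree_well_formed(tree, n)) return false;
    for (size_t r = 0; r < nregions; r++) {
        if (!mpu[r].enabled) continue;
        if (mpu[r].start >= mpu[r].end) return false;
        bool covered = false;
        for (size_t k = 0; k < MAX_BLOCKS && !covered; k++)
            covered = range_within(mpu[r].start, mpu[r].end, &tree[active].blocks[k]);
        if (!covered) return false;                       /* region outside the partition */
    }
    return true;
}

/* Constructed sample tree (addresses are illustrative, not a real memory map):
 * the root owns a RAM block; child 1 and child 2 own disjoint pieces of it. */
static const partition_t demo_tree[3] = {
    { -1, { { 0x20000000u, 0x20010000u, true } } },
    {  0, { { 0x20004000u, 0x20008000u, true } } },
    {  0, { { 0x20008000u, 0x2000C000u, true } } },
};

/* Child 1 loads a region inside its own block: adheres. */
bool demo_own_region(void)
{
    mpu_region_t mpu[MPU_REGIONS] = { { 0x20004000u, 0x20006000u, true } };
    return mpu_adheres(demo_tree, 3, 1, mpu, MPU_REGIONS);
}

/* Child 1 tries to load part of its sibling's block: rejected. */
bool demo_sibling_region(void)
{
    mpu_region_t mpu[MPU_REGIONS] = { { 0x20008000u, 0x20009000u, true } };
    return mpu_adheres(demo_tree, 3, 1, mpu, MPU_REGIONS);
}

int main(void)
{
    printf("own block:     %s\n", demo_own_region() ? "adheres" : "violates");
    printf("sibling block: %s\n", demo_sibling_region() ? "adheres" : "violates");
    return 0;
}
```

The two checks are deliberately separate: `tree_well_formed` is the structural invariant a kernel service such as block creation or partition creation must preserve, while `mpu_adheres` is the runtime invariant a context switch or MPU-load service must preserve. A formal proof of the kind the abstract describes shows that each service keeps both invariants true over every reachable state, which is what this model only spot-checks on two inputs.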
This paper presents a framework and implementation guidelines to set up nested...
In this paper, we formally verify security properties of the ARMv7 Instruction Set Architecture (ISA...
The key software component of a computer system is the operating-system kernel. It always needs to be...
The development of provably secure OS kernels represents a fundamental step in the creation of safe ...
This article presents a hardware-based memory isolation solution for constrain...
Over the last years, security-kernels have played a promising role in reshaping the landscape of pla...
Although many algorithms, hardware designs, and security protocols have been formally verified, form...
The best approach to verifying an IMA separation kernel is to use a (fixed) time-space...
Often, an integrated mixed-criticality system is built in an environment which provides sep...
In this thesis we propose a new kernel concept designed for proof, which we have called...
Small kernels are a promising approach to secure and reliable system construction. These systems red...
Number of words = 45327, as counted by detex <report.tex> | wc-w. This report consists of 98 p...
Separation between processes on top of an operating system or between guests in a virtualized enviro...
We formally verify an open-source hardware implementation of physical memory protection (PMP) in RIS...
A separation kernel simulates a distributed environment using a single physical machine by executing...