The best approach to verifying an IMA separation kernel is to use a (fixed) time-space partitioning kernel with a multiple independent levels of separation (MILS) architecture. We describe an activity that explores the cost and feasibility of doing a formal verification of such a kernel to the Common Criteria (CC) levels mandated by the Separation Kernel Protection Profile (SKPP). We are developing a Reference Specification of such a kernel, and are using higher-order logic (HOL) to construct formal models of this specification and key separation properties. We then plan to do a dry run of part of a formal proof of those properties using the Isabelle/HOL theorem prover.
The security of embedded systems can be dramatically improved through the use of formally verified i...
Abstract: This paper presents a methodology for automated modular verification of C programs against s...
The key software component of a computer system is the operating-system kernel. It always needs to be...
Abstract—Often, an integrated mixed-criticality system is built in an environment which provides sep...
Although many algorithms, hardware designs, and security protocols have been formally verified, form...
Abstract. Separation kernels are key components in embedded applications. Their small size and wide...
A separation kernel simulates a distributed environment using a single physical machine by executing...
A separation-kernel-based operating system (OS) has been designed for use in secure embedded systems...
Number of words = 45327, as counted by detex <report.tex> | wc -w. This report consists of 98 p...
The development of provably secure OS kernels represents a fundamental step in the creation of safe ...
Due to the new trend of integrating safe and secure functionalities into one separation kernel, se...
Separation Logic is a framework for the development of modular program analyse...
Pip-MPU is a minimalist separation kernel for constrained devices (scarce memory and power resources...
This report is based on work at FFI towards the potential realization of a certifiable workstation f...
Assurance of information-flow security by formal methods is mandated in security certification of se...