Combining Domain-Specific and Foundational Logics to Verify Complete Software Systems
VSTTE '08 Proceedings of the 2nd international conference on Verified Software: Theories, Tools, Experiments
A major challenge in verifying complete software systems is their complexity. A complete software system consists of program modules that use many language features and span different abstraction levels (e.g. user code and run-time system code). It is extremely difficult to use one verification system (e.g. a type system or a Hoare-style program logic) to support all of these features and abstraction levels. In our previous work, we developed a new methodology to address this problem: we apply specialized "domain-specific" verification systems to verify individual program modules, and then link the modules in a foundational open logical framework to compose the verified complete software package. In this paper, we show how this methodology is applied to verify a software package containing implementations of preemptive threads and a set of synchronization primitives. Our experience shows that domain-specific verification systems can greatly simplify the verification of low-level software, and that new techniques for combining domain-specific and foundational logics are critical to the successful verification of complete software systems.