SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
EROS: a fast capability system
Proceedings of the seventeenth ACM symposium on Operating systems principles
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
Conspiracy and information flow in the Take-Grant protection model
Journal of Computer Security
Protection in operating systems
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
The transfer of information and authority in a protection system
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
ACM SIGOPS Operating Systems Review
Running the manual: an approach to high-assurance microkernel development
Proceedings of the 2006 ACM SIGPLAN workshop on Haskell
Towards a practical, verified kernel
HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems
Secure Microkernels, State Monads and Scalable Refinement
TPHOLs '08 Proceedings of the 21st International Conference on Theorem Proving in Higher Order Logics
FMICS '09 Proceedings of the 14th International Workshop on Formal Methods for Industrial Critical Systems
capDL: a language for describing capability-based systems
Proceedings of the first ACM asia-pacific workshop on Workshop on systems
Towards proving security in the presence of large untrusted components
SSV'10 Proceedings of the 5th international conference on Systems software verification
Formally verifying isolation and availability in an idealized model of virtualization
FM'11 Proceedings of the 17th international conference on Formal methods
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Analysing the information flow properties of object-capability patterns
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
A formally verified OS kernel. now what?
ITP'10 Proceedings of the First international conference on Interactive Theorem Proving
LICS '12 Proceedings of the 2012 27th Annual IEEE/ACM Symposium on Logic in Computer Science
Hi-index | 0.00 |
This paper presents a machine-checked high-level security analysis of seL4--an evolution of the L4 kernel series targeted to secure, embedded devices. We provide an abstract specification of the seL4 access control system together with a formal proof that shows how confined subsystems can be enforced. All proofs and specifications in this paper are developed in the interactive theorem prover Isabelle/HOL.