Journal of Automated Reasoning
Verifying the EROS Confinement Mechanism
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Dealing with I/O Devices in the Context of Pervasive System Verification
ICCD '05 Proceedings of the 2005 International Conference on Computer Design
Towards the Formal Verification of a C0 Compiler: Code Generation and Implementation Correctness
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
Applying source-code verification to a microkernel: the VFiasco project
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Putting it all together – Formal verification of the VAMP
International Journal on Software Tools for Technology Transfer (STTT) - A View from Formal Methods 2003 (pp 301-354); Special Section on Recent Advances in Hardware Verification (pp 355-447)
Towards trustworthy computing systems: taking microkernels to the next level
ACM SIGOPS Operating Systems Review
Pervasive Compiler Verification -- From Verified Programs to Verified Systems
Electronic Notes in Theoretical Computer Science (ENTCS)
Correct Microkernel Primitives
Electronic Notes in Theoretical Computer Science (ENTCS)
Using XCAP to certify realistic systems code: machine context management
TPHOLs'07 Proceedings of the 20th international conference on Theorem proving in higher order logics
Oracle semantics for concurrent separation logic
ESOP'08/ETAPS'08 Proceedings of the Theory and practice of software, 17th European conference on Programming languages and systems
Verified Process-Context Switch for C-Programmed Kernels
VSTTE '08 Proceedings of the 2nd international conference on Verified Software: Theories, Tools, Experiments
Though the verification of operating systems is an active research field, a verification method is still missing that provides both proximity to practically used programming languages such as C and a realistic model of concurrency, i.e. a model that copes with the granularity of the atomic operations actually used in a target machine. Our approach serves as the foundation for the verification of concurrent programs in C0 --- a C fragment enriched by kernel communication primitives --- in a Hoare logic. C0 is compiled by a verified compiler into assembly code representing a cooperative concurrent transition system. For the latter, it is shown that it can actually be executed in a truly concurrent way that reflects the C0 semantics.