Automated verification of a small hypervisor

Authors:
Eyad Alkassar;Mark A. Hillebrand;Wolfgang J. Paul;Elena Petrova
Affiliations:
Saarland University, Computer Science Dept., Saarbrücken, Germany;German Research Center for Artificial Intelligence, Saarbrücken, Germany;Saarland University, Computer Science Dept., Saarbrücken, Germany;Saarland University, Computer Science Dept., Saarbrücken, Germany
Venue:
VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
Year:
2010

Citing 11
Cited 6

Kit and the short stack

Journal of Automated Reasoning
Balancing the Load

Journal of Automated Reasoning
Certifying Low-Level Programs with Hardware Interrupts and Preemptive Threads

Journal of Automated Reasoning
Formal Memory Models for the Verification of Low-Level Operating-System Code

Journal of Automated Reasoning
VCC: A Practical System for Verifying Concurrent C

TPHOLs '09 Proceedings of the 22nd International Conference on Theorem Proving in Higher Order Logics
seL4: formal verification of an OS kernel

Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
A Precise Yet Efficient Memory Model For C

Electronic Notes in Theoretical Computer Science (ENTCS)
Verifying the Microsoft Hyper-V Hypervisor with VCC

FM '09 Proceedings of the 2nd World Congress on Formal Methods
Z3: an efficient SMT solver

TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Pervasive verification of an OS microkernel: inline assembly, memory consumption, concurrent devices

VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
Boogie: a modular reusable verifier for object-oriented programs

FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects

Formally verifying isolation and availability in an idealized model of virtualization

FM'11 Proceedings of the 17th international conference on Formal methods
Integrated semantics of intermediate-language c and macro-assembler for pervasive formal verification of operating systems and hypervisors from VerisoftXT

VSTTE'12 Proceedings of the 4th international conference on Verified Software: theories, tools, experiments
Parametric verification of address space separation

POST'12 Proceedings of the First international conference on Principles of Security and Trust
Completing the automated verification of a small hypervisor - assembler code verification

SEFM'12 Proceedings of the 10th international conference on Software Engineering and Formal Methods
Formal verification of information flow security for a simple arm-based separation kernel

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Comprehensive formal verification of an OS microkernel

ACM Transactions on Computer Systems (TOCS)

Quantified Score

Hi-index	0.00

Visualization

Abstract

Hypervisors are system software programs that virtualize the architecture they run on. They are typically small, safety-critical, and hard to debug, which makes them a feasible and interesting target for formal verification. Previous functional verifications of system software were all based on interactive theorem proving, requiring substantial human effort complemented by expert prover knowledge. In this paper we present the first functional verification of a small hypervisor using VCC, an automatic verifier for (suitably annotated) C developed at Microsoft. To achieve this goal we introduce necessary system verification techniques, such as accurate modeling of software/hardware interaction and simulation proofs in a first-order logic setting.