Kit: A Study in Operating System Verification
IEEE Transactions on Software Engineering
An approach to systems verification
Journal of Automated Reasoning
Specification and verification of the UCLA Unix security kernel
Communications of the ACM
Types, bytes, and separation logic
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure Microkernels, State Monads and Scalable Refinement
TPHOLs '08 Proceedings of the 21st International Conference on Theorem Proving in Higher Order Logics
VCC: A Practical System for Verifying Concurrent C
TPHOLs '09 Proceedings of the 22nd International Conference on Theorem Proving in Higher Order Logics
TPHOLs '09 Proceedings of the 22nd International Conference on Theorem Proving in Higher Order Logics
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
A Verified Shared Capability Model
Electronic Notes in Theoretical Computer Science (ENTCS)
seL4: formal verification of an operating-system kernel
Communications of the ACM
Safe to the last instruction: automated verification of a type-safe operating system
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Experimental Security Analysis of a Modern Automobile
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
capDL: a language for describing capability-based systems
Proceedings of the first ACM asia-pacific workshop on Workshop on systems
Towards proving security in the presence of large untrusted components
SSV'10 Proceedings of the 5th international conference on Systems software verification
Hi-index | 0.00 |
The L4.verified project has produced a formal, machine-checked Isabelle/HOL proof that the C code of the seL4 OS microkernel correctly implements its abstract implementation. This paper briefly summarises the proof, its main implications and assumptions, reports on the experience in conducting such a large-scale verification, and finally lays out a vision how this formally verified kernel may be used for gaining formal, code-level assurance about safety and security properties of systems on the order of a million lines of code.