Extending the GWV security policy and its modular application to a separation kernel

Authors:
Sergey Tverdyshev
Affiliations:
SYSGO AG, Germany
Venue:
NFM'11 Proceedings of the Third international conference on NASA Formal methods
Year:
2011

Citing 3
Cited 0

On micro-kernel construction

SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Design and verification of secure systems

SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
Will This Be Formal?

TPHOLs '08 Proceedings of the 21st International Conference on Theorem Proving in Higher Order Logics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Nowadays formal methods are required for high assurance security and safety systems. Formal methods allow a precise specification and a deep analysis of system designs. However, usage of formal methods in a certification process can be very expensive. In this context, we analyse the security policy proposed by Greve et al in the theorem prover Isabelle/HOL. We show how this policy with some extensions can be applied in a modular way, and hence, reduce the number of formal models and artifacts to certify. Thus, we show how the security policy for a separation kernel is derived from the security policy of the micro-kernel that forms the basis of the separation kernel.We apply our approach to an example derived from an industrial real-time operating system.