Formally verifying isolation and availability in an idealized model of virtualization

Authors:
Gilles Barthe;Gustavo Betarte;Juan Diego Campo;Carlos Luna
Affiliations:
IMDEA Software, Madrid, Spain;InCo, Facultad de Ingeniería, Universidad de la República, Uruguay;InCo, Facultad de Ingeniería, Universidad de la República, Uruguay;InCo, Facultad de Ingeniería, Universidad de la República, Uruguay
Venue:
FM'11 Proceedings of the 17th international conference on Formal methods
Year:
2011

Citing 13
Cited 4

Formal Construction of the Mathematically Analyzed Separation Kernel

ASE '00 Proceedings of the 15th IEEE international conference on Automated software engineering
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Stack-based access control and secure information flow

Journal of Functional Programming
Formal specification and verification of data separation in a separation kernel for an embedded system

Proceedings of the 13th ACM conference on Computer and communications security
Verified Protection Model of the seL4 Microkernel

VSTTE '08 Proceedings of the 2nd international conference on Verified Software: Theories, Tools, Experiments
Verifying the Microsoft Hyper-V Hypervisor with VCC

FM '09 Proceedings of the 2nd World Congress on Formal Methods
seL4: formal verification of an operating-system kernel

Communications of the ACM
Safe to the last instruction: automated verification of a type-safe operating system

PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Automated verification of a small hypervisor

VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
Pervasive verification of an OS microkernel: inline assembly, memory consumption, concurrent devices

VSTTE'10 Proceedings of the Third international conference on Verified software: theories, tools, experiments
Hyperproperties

Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Verifying shadow page table algorithms

Proceedings of the 2010 Conference on Formal Methods in Computer-Aided Design
Validating the microsoft hypervisor

FM'06 Proceedings of the 14th international conference on Formal Methods

Parametric verification of address space separation

POST'12 Proceedings of the First international conference on Principles of Security and Trust
Noninterference for operating system kernels

CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
Formal verification of information flow security for a simple arm-based separation kernel

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Comprehensive formal verification of an OS microkernel

ACM Transactions on Computer Systems (TOCS)

Quantified Score

Hi-index	0.00

Visualization

Abstract

Hypervisors allow multiple guest operating systems to run on shared hardware, and offer a compelling means of improving the security and the flexibility of software systems. We formalize in the Coq proof assistant an idealized model of a hypervisor, and formally establish that the hypervisor ensures strong isolation properties between the different operating systems, and guarantees that requests from guest operating systems are eventually attended.