Fitting formal methods into the design cycle
DAC '94 Proceedings of the 31st annual Design Automation Conference
Communications of the ACM
Formal methods: state of the art and future directions
ACM Computing Surveys (CSUR) - Special ACM 50th-anniversary issue: strategic directions in computing research
Observations on industrial practice using formal methods
ICSE '93 Proceedings of the 15th international conference on Software Engineering
IEEE Software
Integrating Formal Methods into the Development Process
IEEE Software
Seven More Myths of Formal Methods
IEEE Software
Applying Formal Specification in Industry
IEEE Software
Symbolic Simulation: An ACL2 Approach
FMCAD '98 Proceedings of the Second International Conference on Formal Methods in Computer-Aided Design
Some Misconceptions About Lines of Code
METRICS '97 Proceedings of the 4th International Symposium on Software Metrics
Logic for Computable Functions: description of a machine implementation.
Logic for Computable Functions: description of a machine implementation.
Running the manual: an approach to high-assurance microkernel development
Proceedings of the 2006 ACM SIGPLAN workshop on Haskell
Types, bytes, and separation logic
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure Microkernels, State Monads and Scalable Refinement
TPHOLs '08 Proceedings of the 21st International Conference on Theorem Proving in Higher Order Logics
Journal of Automated Reasoning
Formal methods: Practice and experience
ACM Computing Surveys (CSUR)
Experience report: seL4: formally verifying a high-performance microkernel
Proceedings of the 14th ACM SIGPLAN international conference on Functional programming
TPHOLs '09 Proceedings of the 22nd International Conference on Theorem Proving in Higher Order Logics
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
The Design of Design: Essays from a Computer Scientist
The Design of Design: Essays from a Computer Scientist
Effects of architecture and technical development process on micro-process
ICSP'07 Proceedings of the 2007 international conference on Software process
Isabelle/HOL: a proof assistant for higher-order logic
Isabelle/HOL: a proof assistant for higher-order logic
Integration of formal analysis into a model-based software development process
FMICS'07 Proceedings of the 12th international conference on Formal methods for industrial critical systems
Safe to the last instruction: automated verification of a type-safe operating system
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Timing Analysis of a Protected Operating System Kernel
RTSS '11 Proceedings of the 2011 IEEE 32nd Real-Time Systems Symposium
Formal specifications better than function points for code sizing
Proceedings of the 2013 International Conference on Software Engineering
Comprehensive formal verification of an OS microkernel
ACM Transactions on Computer Systems (TOCS)
| Hi-index | 0.00 |
The L4.verified project was a rare success in large-scale, formal verification: it provided a formal, machine-checked, code-level proof of the full functional correctness of the seL4 microkernel. In this paper we report on the development process and management issues of this project, highlighting key success factors. We formulate a detailed descriptive model of its middle-out development process, and analyze the evolution and dependencies of code and proof artifacts. We compare our key findings on verification and re-verification with insights from other verification efforts in the literature. Our analysis of the project is based on complete access to project logs, meeting notes, and version control data over its entire history, including its long-term, ongoing maintenance phase. The aim of this work is to aid understanding of how to successfully run large-scale formal software verification projects.