Hypervisors are low-level execution platforms that provide isolated partitions on shared resources, making it possible to design secure systems without dedicated hardware devices. A key requirement of this kind of solution is the formal verification of the software trusted computing base, preferably at the binary level. We carry out a detailed verification of a tiny ARMv7 hypervisor, proving its correctness at the machine-code level. We present our verification strategy, which combines the theorem prover HOL4, the computation of weakest preconditions, and SMT solvers to largely automate the verification process. The automation relies on an integration of HOL4 with BAP, the Binary Analysis Platform developed at CMU. To enable the use of the BAP back-ends that compute weakest preconditions and control-flow graphs, we implemented a HOL4-based tool that transforms ARMv7 assembly programs into the BAP Intermediate Language. Since verifying contracts by computing the weakest precondition depends on resolving indirect jumps, we implemented a procedure that integrates SMT solvers and BAP to discover all possible targets of the indirect jumps under the contract precondition.
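The strategy sketched in the abstract (weakest preconditions over an unstructured IL, with a solver enumerating indirect-jump targets under the contract precondition, then a case split on those targets) is easiest to see on a small dispatch stub. The following is an added example, not the paper's HOL4/BAP tooling: the toy IL, the program, the precondition and the brute-force enumerator that stands in for the SMT solver are all constructed here, with 4-bit registers so that enumeration stays cheap.

```python
# Added example, not the paper's HOL4/BAP code: weakest preconditions over a constructed
# toy IL, with brute force over 4-bit registers standing in for the SMT solver.
import itertools

WIDTH, V, K = 4, lambda r: ('var', r), lambda n: ('const', n)  # toy width; ARMv7 registers are 32-bit
OPS = {'add': lambda x, y: (x + y) % (1 << WIDTH), 'eq': lambda x, y: x == y, 'not': lambda x: not x,
       'and': lambda x, y: x and y, 'or': lambda x, y: x or y, 'imp': lambda x, y: (not x) or y}

def subst(e, var, by):
    """Substitute `by` for register `var` throughout expression tree `e`."""
    if e[0] in ('var', 'const'):
        return by if e == ('var', var) else e
    return (e[0],) + tuple(subst(a, var, by) for a in e[1:])
def ev(e, env):
    """Evaluate an expression tree under a concrete register environment."""
    if e[0] in ('var', 'const'):
        return env[e[1]] if e[0] == 'var' else e[1]
    return OPS[e[0]](*(ev(x, env) for x in e[1:]))
def model(formula, regs):
    """Stand-in SMT query over the declared registers: a satisfying assignment, or None (unsat)."""
    envs = (dict(zip(regs, v)) for v in itertools.product(range(1 << WIDTH), repeat=len(regs)))
    return next((env for env in envs if ev(formula, env)), None)
def wp_straight(stmts, post):
    """WP of straight-line code: an assignment substitutes, an assume implies."""
    for s in reversed(stmts):
        post = subst(post, s[1], s[2]) if s[0] == 'assign' else ('imp', s[1], post)
    return post
def resolve_targets(pre, path, reg, regs):
    """Target discovery as in the paper: find a pre-state whose path leaves reg == T, block T, repeat."""
    query, found = ('and', pre, ('not', wp_straight(path, ('not', ('eq', V(reg), V('T')))))), []
    while (env := model(query, regs + ['T'])) is not None:
        found.append(env['T'])
        query = ('and', query, ('not', ('eq', V('T'), K(env['T']))))
    return sorted(found)
def wp(prog, addr, post, pre, regs):
    """WP of the block at `addr` (statements ending in halt or ijmp) w.r.t. `post`."""
    body, last = prog[addr][:-1], prog[addr][-1]
    q = post if last[0] == 'halt' else K(True)
    if last[0] == 'ijmp':  # case-split on every target the solver found feasible under `pre`
        for t in resolve_targets(pre, body, last[1], regs):
            if t not in prog: raise ValueError(f"reachable address {t} is outside the verified code")
            q = ('and', q, ('imp', ('eq', V(last[1]), K(t)), wp(prog, t, post, pre, regs)))
    return wp_straight(body, q)
def verify(prog, pre, post, regs=('r0', 'r1', 'r2')):
    """Contract check: a counterexample satisfying pre but not wp(prog), or None if valid."""
    return model(('and', pre, ('not', wp(prog, 0, post, pre, list(regs)))), list(regs))
# Constructed dispatch stub: r0 selects a handler through the computed address r0 + 8.
PROG = {0: [('assign', 'r1', ('add', V('r0'), K(8))), ('ijmp', 'r1')],
        8: [('assign', 'r2', K(1)), ('halt',)], 9: [('assign', 'r2', K(2)), ('halt',)]}
PRE = ('or', ('eq', V('r0'), K(0)), ('eq', V('r0'), K(1)))
```

`verify(PROG, PRE, post)` returns None when the contract holds and a counterexample register state otherwise. Widening PRE so that r0 + 8 can land outside PROG makes the added check in `wp` raise, which is why target discovery has to run under the contract precondition rather than over arbitrary states.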