File systems deserve verification too!

Authors:
Gabriele Keller;Toby Murray;Sidney Amani;Liam O'Connor;Zilin Chen;Leonid Ryzhyk;Gerwin Klein;Gernot Heiser
Affiliations:
NICTA, Sydney, Australia and University of New South Wales, Australia;NICTA, Sydney, Australia and University of New South Wales, Australia;NICTA, Sydney, Australia and University of New South Wales, Australia;NICTA, Sydney, Australia and University of New South Wales, Australia;NICTA, Sydney, Australia and University of New South Wales, Australia;NICTA, Sydney, Australia and University of New South Wales, Australia and University of Toronto, Canada;NICTA, Sydney, Australia and University of New South Wales, Australia;NICTA, Sydney, Australia and University of New South Wales, Australia
Venue:
Proceedings of the Seventh Workshop on Programming Languages and Operating Systems
Year:
2013

Citing 14
Cited 0

Packet types: abstract specification of network protocol messages

Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
DataScript - A Specification and Scripting Language for Binary Data

GPCE '02 Proceedings of the 1st ACM SIGPLAN/SIGSOFT conference on Generative Programming and Component Engineering
Using model checking to find serious file system errors

ACM Transactions on Computer Systems (TOCS)
Types, bytes, and separation logic

Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Formal verification of a realistic compiler

Communications of the ACM - Barbara Liskov: ACM's A.M. Turing Award Winner
seL4: formal verification of an OS kernel

Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
A Precise Yet Efficient Memory Model For C

Electronic Notes in Theoretical Computer Science (ENTCS)
A few billion lines of code later: using static analysis to find bugs in the real world

Communications of the ACM
The next 700 data description languages

Journal of the ACM (JACM)
The PADS project: an overview

Proceedings of the 14th International Conference on Database Theory
Faults in linux: ten years later

Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems
An approach to improving the structure of error-handling code in the linux kernel

Proceedings of the 2011 SIGPLAN/SIGBED conference on Languages, compilers and tools for embedded systems
SLAM2: static driver verification with under 4% false alarms

Proceedings of the 2010 Conference on Formal Methods in Computer-Aided Design
Virtualize storage, not disks

HotOS'13 Proceedings of the 14th USENIX conference on Hot Topics in Operating Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

File systems are too important, and current ones are too buggy, to remain unverified. Yet the most successful verification methods for functional correctness remain too expensive for current file system implementations --- we need verified correctness but at reasonable cost. This paper presents our vision and ongoing work to achieve this goal for a new high-performance flash file system, called BilbyFs. BilbyFs is carefully designed to be highly modular, so it can be verified against a high-level functional specification one component at a time. This modular implementation is captured in a set of domain specific languages from which we produce the design-level specification, as well as its optimised C implementation. Importantly, we also automatically generate the proof linking these two artefacts. The combination of these features dramatically reduces verification effort. Verified file systems are now within reach for the first time.