From Operating-System Correctness to Pervasively Verified Applications
Authors
Abstract
Though program verification has been known and practised for decades, the verification of a complete computer system still remains a grand challenge. Part of this challenge is the interaction of application programs with the operating system, which is usually entrusted with retrieving input data from and transferring output data to peripheral devices. In this scenario, the correct operation of the applications inherently relies on operating-system correctness: an application-level proof is only as strong as the guarantees the kernel provides for the data it delivers. Based on the formal correctness of our real-time operating system Olos, this paper describes an approach to pervasively verify applications running on top of the operating system.
Related references
Correct Microkernel Primitives
Primitives are basic means provided by a microkernel to implementors of operating system services. Intensively used within every OS and commonly implemented in a mixture of high-level and assembly programming languages, primitives are meaningful and challenging candidates for formal verification. We report on the accomplished correctness proof of academic microkernel primitives. We describe how...
Pervasive Compiler Verification - From Verified Programs to Verified Systems
We report in this paper on the formal verification of a simple compiler for the C-like programming language C0. The compiler correctness proof meets the special requirements of pervasive system verification and allows correctness properties to be transferred from the C0 layer to the assembler and hardware layers. The compiler verification is split into two parts: the correctness of the compiling spec...
Jitk: A Trustworthy In-Kernel Interpreter Infrastructure
Modern operating systems run multiple interpreters in the kernel, which enable user-space applications to add new functionality or specialize system policies. The correctness of such interpreters is critical to the overall system security: bugs in interpreters could allow adversaries to compromise user-space applications and even the kernel. Jitk is a new infrastructure for building in-kernel i...
Microkernel Verification Down To Assembly: Extending the seL4 verification
When constructing systems with high assurance requirements, it is desirable to build on a formally verified trusted computing base, such as the seL4 microkernel [4]. The verification of seL4 guarantees correctness down to the kernel’s C implementation and relies on the correctness of the C compiler used. CompCert, a verified C compiler [2, 5], has the potential to extend these guarantees to the...
Verified Process-Context Switch for C-Programmed Kernels
A context switch — an act of saving and restoring the state of a CPU such that multiple processes can share a single CPU resource — is an essential feature of multitasking operating systems. Commonly computationally intensive and necessarily accessing hardware registers, context-switch procedures are implemented as inline assembly portions in C-programmed operating-system kernels. Feasible veri...