Towards a Formal Verification of a Secure and Distributed System and Its Applications

This paper presents research towards the formal speci cation and veri cation of a secure distributed system and secure application programs that run on it. We refer to the whole system | from hardware to application programs written in a concurrent programming language | as the Silo, and to a simpli ed view of the Silo as the miniSilo. Both miniSilo and Silo consist of a collection of microprocessors interconnected by a network, a distributed operating system and a compiler for a distributed programming language. Our goal is to verify the full Silo by mechanized layered formal proof using the higher order logic theorem proving system HOL. This paper describes our current results for verifying the miniSilo and our incremental approach for evolving the veri cation of the miniSilo into the veri cation of the full Silo. Scalability is addressed in part by extending the distributed operating system with additional servers which in turn provide services that extend the programming language.