We present an in-depth coverage of the comprehensive machine-checked formal verification
of seL4, a general-purpose operating system microkernel. We discuss the kernel design we …

Abstract Development of formal proofs of correctness of programs can increase actual and
perceived reliability and facilitate better understanding of program specifications and their …

Context Formal methods, and particularly formal verification, is becoming more feasible to
use in the engineering of large highly dependable software-based systems, but so far has …

Assurance of information-flow security by formal methods is mandated in security
certification of separation kernels. As an industrial standard for improving safety, ARINC 653 …

Proof engineering tools make it easier to develop and maintain large systems verified using
interactive theorem provers. Developing useful proof engineering tools hinges on …

This thesis presents the design, implementation, and evaluation of a novel capability
operating system: CheriOS. The guiding motivation behind CheriOS is to provide strong …

Pip-MPU is a minimalist separation kernel for constrained devices (scarce memory and
power resources). In this work, we demonstrate high-assurance of Pip-MPU's isolation …

We present recent work on building and scaling trustworthy systems with formal, machine-
checkable proof from the ground up, including the operating system kernel, at the level of …

Despite growing efforts and encouraging successes in the last decades, fully formally-
verified projects are still rare in the industrial landscape. The industry often lacks the tools …

Context: Recent projects such as L4. verified (the verification of the seL4 microkernel) have
demonstrated that large-scale formal program verification is now becoming practical …