Comprehensive formal verification of an OS microkernel
We present an in-depth coverage of the comprehensive machine-checked formal verification
of seL4, a general-purpose operating system microkernel. We discuss the kernel design we …
of seL4, a general-purpose operating system microkernel. We discuss the kernel design we …
seL4: from general purpose to a proof of information flow enforcement
T Murray, D Matichuk, M Brassil… - … IEEE Symposium on …, 2013 - ieeexplore.ieee.org
In contrast to testing, mathematical reasoning and formal verification can show the absence
of whole classes of security vulnerabilities. We present the, to our knowledge, first complete …
of whole classes of security vulnerabilities. We present the, to our knowledge, first complete …
Formally verified memory protection for a commodity multiprocessor hypervisor
Hypervisors are widely deployed by cloud computing providers to support virtual machines,
but their growing complexity poses a security risk, as large codebases contain many …
but their growing complexity poses a security risk, as large codebases contain many …
End-to-end verification of information-flow security for C and assembly programs
Protecting the confidentiality of information manipulated by a computing system is one of the
most important challenges facing today's cybersecurity community. A promising step toward …
most important challenges facing today's cybersecurity community. A promising step toward …
Confidential Computing—a brave new world
DP Mulligan, G Petri, N Spinale… - … on secure and …, 2021 - ieeexplore.ieee.org
The semiconductor industry is witnessing a nascent security paradigm shift in the rise of
Confidential Computing. Driven by the need to protect computations delegated to co …
Confidential Computing. Driven by the need to protect computations delegated to co …
Formal verification of information flow security for a simple ARM-based separation kernel
A separation kernel simulates a distributed environment using a single physical machine by
executing partitions in isolation and appropriately controlling communication among them …
executing partitions in isolation and appropriately controlling communication among them …
A verified information-flow architecture
A Azevedo de Amorim, N Collins, A DeHon… - Proceedings of the 41st …, 2014 - dl.acm.org
SAFE is a clean-slate design for a highly secure computer system, with pervasive
mechanisms for tracking and limiting information flows. At the lowest level, the SAFE …
mechanisms for tracking and limiting information flows. At the lowest level, the SAFE …
A survey on formal specification and verification of separation kernels
Y Zhao, Z Yang, D Ma - Frontiers of Computer Science, 2017 - Springer
Separation kernels are fundamental software of safety and security-critical systems, which
provide their hosted applications with spatial and temporal separation as well as controlled …
provide their hosted applications with spatial and temporal separation as well as controlled …
Modular Verification of Secure and Leakage-Free Systems: From Application Specification to Circuit-Level Implementation
Parfait is a framework for proving that an implementation of a hardware security module
(HSM) leaks nothing more than what is mandated by an application specification. Parfait …
(HSM) leaks nothing more than what is mandated by an application specification. Parfait …
Nickel: A framework for design and verification of information flow control systems
H Sigurbjarnarson, L Nelson, B Castro-Karney… - … USENIX Symposium on …, 2018 - usenix.org
Nickel is a framework that helps developers design and verify information flow control
systems by systematically eliminating covert channels inherent in the interface, which can be …
systems by systematically eliminating covert channels inherent in the interface, which can be …