3 research outputs found
Formally Verified Implementation of an Idealized Model of Virtualization
VirtualCert is a machine-checked model of virtualization that can be
used to reason about isolation between operating systems in presence
of cache-based side-channels. In contrast to most prominent projects
on operating systems verification, where such guarantees are proved
directly on concrete implementations of hypervisors, VirtualCert
abstracts away most implementations issues and specifies the effects
of hypervisor actions axiomatically, in terms of preconditions and
postconditions. Unfortunately, seemingly innocuous implementation
issues are often relevant for security. Incorporating the treatment of
errors into VirtualCert is therefore an important step towards
strengthening the isolation theorems proved in earlier work. In this
paper, we extend our earlier model with errors, and prove that
isolation theorems still apply. In addition, we provide an executable specification of the hypervisor, and prove that it correctly implements the axiomatic model. The executable specification constitutes a first step towards a more realistic implementation of a hypervisor, and provides a useful tool for validating the axiomatic semantics developed in previous work
Principles of Security and Trust: 7th International Conference, POST 2018, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2018, Thessaloniki, Greece, April 14-20, 2018, Proceedings
authentication; computer science; computer software selection and evaluation; cryptography; data privacy; formal logic; formal methods; formal specification; internet; privacy; program compilers; programming languages; security analysis; security systems; semantics; separation logic; software engineering; specifications; verification; world wide we