A survey on formal specification and verification of separation kernels
Separation kernels are fundamental software of safety- and security-critical
systems, which provide to their hosted applications spatial and temporal
separation as well as controlled information flows among partitions. The
application of separation kernels in critical domains demands the correctness of
the kernel by formal verification. To the best of our knowledge, there is no
survey paper on this topic. This paper presents an overview of formal
specification and verification of separation kernels. We first present the
background, including the concept of a separation kernel and the comparisons among
different kernels. Then, we survey the state of the art on this topic since
2000. Finally, we summarize the research work through detailed comparison and
discussion.
Secure System Virtualization: End-to-End Verification of Memory Isolation
Over the last years, security kernels have played a promising role in
reshaping the landscape of platform security on today's ubiquitous embedded
devices. Security kernels, such as separation kernels, enable constructing
high-assurance mixed-criticality execution platforms. They reduce the software
portion of the system's trusted computing base to a thin layer, which enforces
isolation between low- and high-criticality components. The reduced trusted
computing base minimizes the system attack surface and facilitates the use of
formal methods to ensure functional correctness and security of the kernel.
In this thesis, we explore various aspects of building a provably secure
separation kernel using virtualization technology. In particular, we examine
techniques related to the appropriate management of the memory subsystem. Once
implemented and functionally verified, these techniques provide
a reliable foundation for application scenarios that require strong guarantees
of isolation and facilitate formal reasoning about the system's overall
security.