Using Isabelle/HOL to develop and maintain separation invariants for an operating system
We describe work on an Isabelle/HOL model for the specification of a separation kernel, done within the EURO-MILS (http://www.euromils.eu/) project. We chose extensible records to specify the state. Using as an example a theory that specifies a group of "event" API calls, we show how lemmas about local state are used to obtain the proof obligations for a global separation property.
Formal Specification of a Generic Separation Kernel
Intransitive noninterference has been a widely studied topic in the last few decades. Several well-established methodologies apply interactive theorem proving to formulate a noninterference theorem over abstract academic models. In joint work with several industrial and academic partners throughout Europe, we are helping in the certification process of PikeOS, an industrial separation kernel developed at SYSGO. In this process, the established theories could not be applied. We present a new generic model of separation kernels and a new theory of intransitive noninterference. The model is rich in detail, making it suitable for the formal verification of realistic industrial systems such as PikeOS. Using a refinement-based theorem proving approach, we keep the proofs manageable.
Formal API Specification of the PikeOS Separation Kernel
PikeOS is an industrial operating system for safety- and security-critical applications in, for example, avionics and automotive contexts. A consortium of several European partners from industry and academia is working on the certification of PikeOS up to at least Common Criteria EAL5+, where the "+" denotes the application of formal methods compliant with the requirements up to EAL7. We have formalized the hardware-independent, security-relevant part of PikeOS that is to be used in a certification context. Over this model, intransitive noninterference has been proven. We present the model and the methodology used to create it. All results have been formalized in the Isabelle/HOL theorem prover.
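The two PikeOS abstracts above, like the separation-invariant work before them, rest on one property: a partition's observations may depend only on events of partitions that the flow policy permits, where the policy is intransitive (A may talk to B, B to C, but A must not reach C except through B). The following is an added worked example, written for this page and not taken from the EURO-MILS, PikeOS or SYSGO material: a toy three-partition kernel model in Python with an invented event set (write, send, relay) and the invented policy A ~> B ~> C, checked by exhaustive enumeration of short event sequences against Rushby's noninterference definition. The `sources`/`ipurge` functions follow Rushby's published definitions; everything else (state layout, events, domain names) is an assumption made for illustration. It also shows why the transitive purge is the wrong notion for such a policy: it reports a spurious violation as soon as B relays data it legitimately received from A.

```python
"""Toy separation-kernel model checked against intransitive noninterference.

Example added for illustration; not code from the EURO-MILS / PikeOS work.
Domains, events and the policy A ~> B ~> C are invented for this example.
"""
from itertools import product

# Security domains (partitions).  The policy is reflexive and intransitive:
# A may flow to B and B to C, but A must not reach C except via B.
DOMAINS = ("A", "B", "C")
POLICY = {("A", "B"), ("B", "C")} | {(d, d) for d in DOMAINS}


def may_flow(src, dst):
    return (src, dst) in POLICY


# Events (assumed for the example).  dom(e) is always e[1].
#   ("write", d, v): d sets its local register to v
#   ("send",  d):    d copies its register into the inbox of every r with d ~> r
#   ("relay", d):    d forwards whatever it last received (the mediator case)
EVENTS = (
    [("write", d, v) for d in DOMAINS for v in (0, 1)]
    + [("send", d) for d in DOMAINS]
    + [("relay", d) for d in DOMAINS]
)


def dom(event):
    return event[1]


def initial_state():
    return {"local": {d: 0 for d in DOMAINS}, "inbox": {d: None for d in DOMAINS}}


def step(state, event):
    """Transition function: every inbox write is guarded by may_flow()."""
    local = dict(state["local"])
    inbox = dict(state["inbox"])
    kind, d = event[0], event[1]
    if kind == "write":
        local[d] = event[2]
    else:
        payload = local[d] if kind == "send" else inbox[d]
        for r in DOMAINS:
            if r != d and may_flow(d, r):
                inbox[r] = payload
    return {"local": local, "inbox": inbox}


def run(events):
    s = initial_state()
    for e in events:
        s = step(s, e)
    return s


def observe(state, u):
    """What domain u can see: its own register and its own inbox."""
    return (state["local"][u], state["inbox"][u])


def sources(events, u):
    """Rushby's sources(): domains whose events may legitimately reach u,
    computed from the end of the trace backwards."""
    srcs = {u}
    for e in reversed(events):
        if any(may_flow(dom(e), v) for v in srcs):
            srcs.add(dom(e))
    return srcs


def ipurge(events, u):
    """Intransitive purge: keep e_i only if dom(e_i) is a source of the suffix."""
    return [e for i, e in enumerate(events) if dom(e) in sources(events[i:], u)]


def purge(events, u):
    """Transitive purge: drop every event whose domain may not flow to u."""
    return [e for e in events if may_flow(dom(e), u)]


def find_violation(purge_fn, max_len=3):
    """Return (events, u) such that u's view of run(events) differs from its
    view of run(purge_fn(events, u)), or None if no sequence up to max_len
    separates the two.  None means the model satisfies noninterference for
    that purge notion on all traces of that length."""
    for n in range(max_len + 1):
        for events in product(EVENTS, repeat=n):
            events = list(events)
            for u in DOMAINS:
                if observe(run(events), u) != observe(run(purge_fn(events, u)), u):
                    return events, u
    return None


if __name__ == "__main__":
    print("intransitive purge:", find_violation(ipurge))  # expected: None
    print("transitive purge:  ", find_violation(purge))   # spurious violation via B's relay
```

With the intransitive purge the exhaustive check finds no counterexample, which is what Rushby's unwinding conditions (output consistency, weak step consistency, local respect) guarantee for this transition function, since every inbox write is guarded by the policy. With the transitive purge the check stops at `[send(A), relay(B)]` for observer C: the purge strips A's send because A may not flow to C directly, yet C legitimately sees A's value because B relayed it. That is exactly the distinction the PikeOS theory has to get right, and why an off-the-shelf transitive noninterference theorem cannot be applied to a kernel whose partitions are allowed to mediate.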
The Management and Efficiency Index in Swimming (IGEN)
An example of simultaneous assessment of performance and technical mastery in swimming
Considerations on Fermi-depinning, dipoles and oxide tunneling for oxygen-based dielectric insertions in advanced CMOS contacts
We present experimental and simulated J-V characteristics of Metal/Insulator/Semiconductor (MIS) junctions aimed at improving the contact resistivity for advanced CMOS nodes. We show that an Atomic Layer Deposition (ALD)-based Al2O3 process may induce native silicon oxide regrowth, leading to an additional tunneling resistance in series. A modelling-based analysis of Metal/Insulator/Insulator/Semiconductor (MIIS) contacts, including the potentially beneficial interfacial dipole, provides a new outlook on high-κ/SiO2 bilayers for low-resistivity contacts.