A Formally Verified Static Hypervisor with Hardware Support for a Many-Core Chip
This work presents a co-hosting approach for multiple software stacks within a many-core system-on-chip. We present a many-core virtual machine monitor that executes software stacks in virtual machines. We confine the virtual machines from each other to prevent a malicious virtual machine user from compromising another virtual machine or the virtual machine monitor (or hypervisor). We have built a formally verified many-core hypervisor that relies on our own hardware protection mechanism
Practical Probability: Applying pGCL to Lattice Scheduling
Abstract. Building on our published mechanisation of the probabilistic program logic pGCL we present a verified lattice scheduler, a standard covert-channel mitigation technique, employing randomisation as an elegant means of ensuring starvation-freeness. We show that this scheduler enforces probabilistic non-leakage, in addition to non-starvation. The refinement framework employed is compatible with that used in the L4.verified project, supporting our argument that full-scale verification of probabilistic security properties for realistic systems software is feasible.