Security Analysis of Separation Kernels Specifications and a Framework for the Verification of Concurrent Implementations
Due to the new trend of integrating safety and security functionalities into one separation kernel, a security analysis of ARINC 653, together with a formal specification carrying security proofs, is significant for the development and certification of Separation Kernels (SKs). In this talk we present a specification development and security analysis method for ARINC SKs based on refinement. We present a security model for event-based noninterference and a stepwise refinement framework that allows us to check security on sequential SK specifications. Moreover, to reason about SK implementations running on multi-core architectures, it is essential to deal with the interference between SK instances running on different cores. Concurrent program reasoning techniques such as rely-guarantee can be leveraged to reason about multi-core SK implementations. However, the source code of the programs to be verified often involves language features such as exceptions and procedures that are not supported by the existing mechanizations of those concurrent reasoning techniques. CSimpl is a rich specification language with concurrency-oriented language features and verification techniques that allow reasoning about multi-core SK implementations.
Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech
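The abstract above refers to a security model for event-based noninterference on sequential SK specifications. As an added illustration (not code from the cited work), the following brute-force checker evaluates Rushby-style unwinding conditions (step consistency and local respect) on a constructed toy kernel model with two partitions P1 and P2 and a scheduler domain SCHED, all hypothetical. The flow policy allows P1 to send to P2 over a kernel channel but forbids any flow from P2 back to P1. The "leaky" view function exposes a kernel-wide tick counter, bumped on behalf of P2, to P1; the checker reports the resulting local-respect violation, and the "fixed" view function that hides the counter from P1 passes.

```python
"""Brute-force check of event-based noninterference on a toy separation-kernel model.

Added illustration for the abstract above; this is not code from the cited
work.  The partitions P1, P2, the scheduler domain SCHED, the state layout
and the event set are all constructed here for the example.
"""
from itertools import product

DOMAINS = ("P1", "P2", "SCHED")

# Information-flow policy dom(e) ~> u: every domain may affect itself, P1 may
# send to P2 over a kernel channel, the scheduler affects both partitions,
# and nothing may flow from P2 back to P1.  The relation is transitive, so
# Rushby's unwinding conditions (step consistency + local respect) suffice.
POLICY = {(d, d) for d in DOMAINS} | {("P1", "P2"), ("SCHED", "P1"), ("SCHED", "P2")}

# Kernel state: (mem_P1, mem_P2, channel, running_partition, tick_counter),
# each a single bit so the whole state space (32 states) can be enumerated.
STATES = list(product((0, 1), repeat=5))

EVENTS = [("write", "P1", 0), ("write", "P1", 1),   # P1 writes its own memory
          ("write", "P2", 0), ("write", "P2", 1),   # P2 writes its own memory
          ("send", 0), ("send", 1),                 # P1 puts a value on the channel
          ("recv",),                                # P2 copies the channel into memory
          ("switch",),                              # scheduler flips the running partition
          ("tick",)]                                # P2 bumps a kernel-wide counter


def dom(e):
    """Domain on whose behalf the kernel performs event e."""
    if e[0] == "write":
        return e[1]
    return {"send": "P1", "recv": "P2", "switch": "SCHED", "tick": "P2"}[e[0]]


def step(s, e):
    """Deterministic transition function of the kernel model."""
    m1, m2, ch, cur, tk = s
    kind = e[0]
    if kind == "write":
        if e[1] == "P1":
            m1 = e[2]
        else:
            m2 = e[2]
    elif kind == "send":
        ch = e[1]
    elif kind == "recv":
        m2 = ch
    elif kind == "switch":
        cur ^= 1
    elif kind == "tick":
        tk ^= 1
    return (m1, m2, ch, cur, tk)


def obs_leaky(s, u):
    """View of domain u when the tick counter is exposed to every partition."""
    m1, m2, ch, cur, tk = s
    return {"P1": (m1, ch, tk), "P2": (m2, ch, tk), "SCHED": (cur,)}[u]


def obs_fixed(s, u):
    """View of domain u after the counter is hidden from P1 (the fix)."""
    m1, m2, ch, cur, tk = s
    return {"P1": (m1, ch), "P2": (m2, ch, tk), "SCHED": (cur,)}[u]


def unwinding_violations(obs):
    """Return the set of (condition, event, domain) triples at which the
    unwinding conditions fail for view function obs.  Output consistency
    holds by construction because obs itself defines u-indistinguishability."""
    bad = set()
    for e in EVENTS:
        d = dom(e)
        for u in DOMAINS:
            for s in STATES:
                s1 = step(s, e)
                # Local respect: an event whose domain may not flow to u must
                # leave u's view untouched.
                if (d, u) not in POLICY and obs(s, u) != obs(s1, u):
                    bad.add(("local_respect", e, u))
                # Step consistency: u-indistinguishable states must stay
                # u-indistinguishable after any event.
                for t in STATES:
                    if obs(s, u) == obs(t, u) and obs(s1, u) != obs(step(t, e), u):
                        bad.add(("step_consistency", e, u))
    return bad


if __name__ == "__main__":
    print("leaky model:", unwinding_violations(obs_leaky))
    print("fixed model:", unwinding_violations(obs_fixed))
```

The checker is exhaustive only because the model is tiny; the refinement framework in the abstract exists precisely so that such proofs carry from an abstract specification down to a concrete one without re-enumerating states. Note that the channel value appears in P2's view deliberately: without it the `recv` event would break step consistency for P2, which is the checker telling you the view function omits a flow the policy already allows.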
On-the-fly model checking for C programs with extended CADP in FMICS-jETI
A current trend in the software engineering community is to integrate different tools into a friendly and powerful development environment for use by end users. This is also the case for tools based on formal methods, which are very valuable for increasing confidence in the reliability of software. This paper contributes to one promising approach to making this integration possible, the FMICS-jETI project. This project aims to build an active repository of tools based on formal methods such that users can access and combine all the tools simply by defining a graph of the tools and the files they manage. In particular, the paper explains how two new modules of the well-known CADP toolset are added to FMICS-jETI. These new modules, named C.OPEN and ANNOTATOR, extend CADP with functions to handle C programs in this toolset.
Towards formal verification of separation microkernel
The best approach to verifying an IMA separation kernel is to use a (fixed) time-space partitioning kernel with a multiple independent levels of separation (MILS) architecture. We describe an activity that explores the cost and feasibility of doing a formal verification of such a kernel to the Common Criteria (CC) levels mandated by the Separation Kernel Protection Profile (SKPP). We are developing a Reference Specification of such a kernel, and are using higher-order logic (HOL) to construct formal models of this specification and key separation properties. We then plan to do a dry run of part of a formal proof of those properties using the Isabelle/HOL theorem prover.
C.OPEN and ANNOTATOR: Tools for On-the-Fly Model Checking C Programs
Abstract. This paper describes a set of verification components that open the way to performing on-the-fly software model checking with the Cadp toolbox, originally designed for verifying the functional correctness of Lotos specifications. Two new tools (named C.Open and Annotator) have been added to the toolbox. The approach taken fits well within the existing architecture of Cadp, which does not need to be altered to enable C program verification.