
Verification of a Transactional Memory Manager under Hardware Failures and Restarts

  • Conference paper
FM 2014: Formal Methods (FM 2014)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 8442)


Abstract

We present our formal verification of the persistent memory manager in IBM’s 4765 secure coprocessor. Its task is to achieve a transactional semantics of memory updates in the face of restarts and hardware failures and to provide resilience against the latter. The inclusion of hardware failures is novel in this area and incurs a significant jump in system complexity. We tackle the resulting verification challenge by a combination of a monad-based model, an abstraction that reduces the system’s non-determinism, and stepwise refinement. We propose novel proof rules for handling repeated restarts and nested metadata transactions. Our entire development is formalized in Isabelle/HOL.




Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Marić, O., Sprenger, C. (2014). Verification of a Transactional Memory Manager under Hardware Failures and Restarts. In: Jones, C., Pihlajasaari, P., Sun, J. (eds) FM 2014: Formal Methods. FM 2014. Lecture Notes in Computer Science, vol 8442. Springer, Cham. https://doi.org/10.1007/978-3-319-06410-9_31


  • DOI: https://doi.org/10.1007/978-3-319-06410-9_31

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-06409-3

  • Online ISBN: 978-3-319-06410-9
