Skip to main content
SpringerLink
Log in

Formally Verified System Initialisation

  • Conference paper
Formal Methods and Software Engineering (ICFEM 2013)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 8144))

Included in the following conference series:

Abstract

The safety and security of software systems depends on how they are initially configured. Manually writing program code that establishes such an initial configuration is a tedious and error-prone engineering process. In this paper we present an automatic and formally verified initialiser for component-based systems built on the general-purpose microkernel seL4. The construction principles of this tool apply to capability systems in general and the proof ideas are not specific to seL4. The initialiser takes a declarative formal description of the desired initialised state and uses seL4-provided services to create all necessary components, setup their communication channels, and distribute the required access rights. We provide a formal model of the initialiser and prove, in the theorem prover Isabelle/HOL, that the resulting state is the desired one. Our proof formally connects to the existing functional correctness proof of the seL4 microkernel. This tool does not only provide automation, but also unprecedented assurance for reaching a desired system state. In addition to the engineering advantages, this result is a key prerequisite for reasoning about system-wide security and safety properties.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Alves-Foss, J., Oman, P.W., Taylor, C., Harrison, S.: The MILS architecture for high-assurance embedded systems. Int. J. Emb. Syst. 2, 239–247 (2006)

    Article  Google Scholar 

  2. Hicks, B., Rueda, S., Clair, L.S., Jaeger, T., McDaniel, P.D.: A logical specification and analysis for SELinux MLS policy. In: Lotz, V., Thuraisingham, B.M. (eds.) SACMAT, pp. 91–100. ACM Press, New York (2007)

    Chapter  Google Scholar 

  3. Klein, G.: From a verified kernel towards verified systems. In: Ueda, K. (ed.) APLAS 2010. LNCS, vol. 6461, pp. 21–33. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  4. Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: seL4: Formal verification of an OS kernel. In: 22nd SOSP, pp. 207–220. ACM (2009)

    Google Scholar 

  5. Klein, G., Kolanski, R., Boyton, A.: Mechanised separation algebra. In: Beringer, L., Felty, A. (eds.) ITP 2012. LNCS, vol. 7406, pp. 332–337. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  6. Kuz, I., Klein, G., Lewis, C., Walker, A.: capDL: A language for describing capability-based systems. In: 1st APSys, New Delhi, India, pp. 31–36 (August 2010)

    Google Scholar 

  7. Murray, T., Matichuk, D., Brassil, M., Gammie, P., Bourke, T., Seefried, S., Lewis, C., Gao, X., Klein, G.: seL4: from general purpose to a proof of information flow enforcement. In: IEEE Symp. Security & Privacy, Oakland, CA (May 2013)

    Google Scholar 

  8. National Security Agency. U.S. government protection profile for separation kernels in environments requiring high robustness, version 1.3 (June 2007)

    Google Scholar 

  9. Open Kernel Labs. OKL4 microkernel, reference manual (September 2008), http://wiki.ok-labs.com/downloads/release-3.0/okl4-ref-manual-3.0.pdf

  10. Reynolds, J.C.: Separation logic: A logic for shared mutable data structures. In: Proc. 17th IEEE Symposium on Logic in Computer Science, pp. 55–74 (2002)

    Google Scholar 

  11. Sewell, T., Myreen, M., Klein, G.: Translation validation for a verified OS kernel. In: Proc. 34th PLDI, pp. 471–481. ACM (June 2013)

    Google Scholar 

  12. Sewell, T., Winwood, S., Gammie, P., Murray, T., Andronick, J., Klein, G.: seL4 enforces integrity. In: van Eekelen, M., Geuvers, H., Schmaltz, J., Wiedijk, F. (eds.) ITP 2011. LNCS, vol. 6898, pp. 325–340. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  13. Shapiro, J.S., Weber, S.: Verifying the EROS confinement mechanism. In: IEEE Symposium on Security and Privacy, pp. 166–176. IEEE Computer Society (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NICTA, Sydney, Australia

    Andrew Boyton, June Andronick, Callum Bannister, Matthew Fernandez, Xin Gao, David Greenaway, Gerwin Klein, Corey Lewis & Thomas Sewell

  2. School of Computer Science and Engineering, UNSW, Sydney, Australia

    Andrew Boyton, June Andronick, Callum Bannister, Matthew Fernandez, David Greenaway, Gerwin Klein & Thomas Sewell

Authors
  1. Andrew Boyton
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. June Andronick
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Callum Bannister
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Matthew Fernandez
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Xin Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. David Greenaway
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Gerwin Klein
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Corey Lewis
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Thomas Sewell
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Engineering and Computer Science, Victoria University of Wellington, P.O. Box 600, 6140, Wellington, New Zealand

    Lindsay Groves

  2. Department of Computer Science, The University of Auckland, Private Bag 92019, 1142, Auckland, New Zealand

    Jing Sun

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Boyton, A. et al. (2013). Formally Verified System Initialisation. In: Groves, L., Sun, J. (eds) Formal Methods and Software Engineering. ICFEM 2013. Lecture Notes in Computer Science, vol 8144. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41202-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-41202-8_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41201-1

  • Online ISBN: 978-3-642-41202-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation