Static analysis of device drivers: we can do better!

Authors

Sidney Amani, Leonid Ryzhyk, Alastair Donaldson, Gernot Heiser, Alexander Legg and Yanjin Zhu

    School of Computer Science and Engineering
    University of New South Wales
    Sydney 2052 Australia
    
    NICTA, Sydney, Australia

Abstract

We argue that the device driver architecture enforced by current operating systems complicates both manual and automatic reasoning about driver behaviour. In particular, it makes it hard and in some cases impossible to statically verify that the driver correctly interacts with the rest of the kernel. This limitation cannot be addressed solely via better verification tools. We maintain that qualitative improvement in the effectiveness of static driver verification must rely on an improved driver architecture, leading to drivers that are easier to write, understand, and verify.

To support our claims, we present a device driver architecture, called active drivers, that satisfies these requirements. We outline our methodology for specifying and verifying active driver protocols using existing model checking tools and describe initial experimental results.

BibTeX Entry

  @inproceedings{Amani_RDHLZ_11,
    doi              = {10.1145/2103799.2103809},
    author           = {Sidney Amani and Leonid Ryzhyk and Alastair Donaldson and Gernot Heiser and Alexander Legg and
                        Yanjin Zhu},
    title            = {Static Analysis of Device Drivers: We Can Do Better!},
    booktitle        = {2nd APSys},
    year             = {2011},
    month            = {Jul},
    address          = {Shanghai, China},
    pages            = {8:1--8:5}
  }
