Refinement in the formal verification of seL4

Authors

Gerwin Klein, Thomas Sewell and Simon Winwood

    School of Computer Science and Engineering
    University of New South Wales
    Sydney 2052 Australia
    
    NICTA, Sydney, Australia

Abstract

We present an overview of the different refinement frameworks used in the L4.verified project to formally prove the functional correctness of the seL4 microkernel. The verification is conducted in the interactive theorem prover Isabelle/HOL and proceeds in two large refinement steps: one proof between two monadic, functional specifications in HOL and one proof between such a monadic specification and a C program. To connect these proofs into one overall theorem, we map both refinement statements into a common overall framework.
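As an added illustration of why a "common overall framework" is needed (this is not text or notation from the paper; the names A, E and C and the behaviour-inclusion reading of refinement are assumptions for the example): read refinement as inclusion of observable behaviours, and the two separate proofs compose into one theorem by transitivity of subset.

```latex
% A: abstract monadic specification, E: executable monadic specification,
% C: C program. "Beh" denotes the set of observable behaviours of a system.
%
% Refinement as behaviour inclusion (assumed reading):
A \sqsubseteq E \;\iff\; \mathrm{Beh}(E) \subseteq \mathrm{Beh}(A)

% The two refinement steps named in the abstract:
\mathrm{Beh}(E) \subseteq \mathrm{Beh}(A)
\qquad\text{and}\qquad
\mathrm{Beh}(C) \subseteq \mathrm{Beh}(E)

% Composition by transitivity of \subseteq, giving the overall theorem:
\mathrm{Beh}(C) \subseteq \mathrm{Beh}(E) \subseteq \mathrm{Beh}(A)
\;\implies\; A \sqsubseteq C
```

The point of the composition is that both proofs must state refinement over the same notion of behaviour; a result proved in one framework cannot be chained with a result proved in another until both are mapped into it.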

BibTeX Entry

  @inbook{Klein_SW_10,
    publisher        = {Springer},
    doi              = {10.1007/978-1-4419-1539-9_11},
    title            = {Refinement in the formal verification of {seL4}},
    booktitle        = {Design and Verification of Microprocessor Systems for High-Assurance Applications},
    author           = {Gerwin Klein and Thomas Sewell and Simon Winwood},
    month            = {Mar},
    editor           = {David S. Hardin},
    year             = {2010},
    pages            = {323--339}
  }