Clean-Slate Development of Certified OS Kernels

Zhong Shao
2015 Proceedings of the 2015 Conference on Certified Programs and Proofs - CPP '15  
Programming languages for building end-to-end certified kernels. OS kernels must address a multitude of abstraction layers and programming concerns.  ...  With certified components as building blocks, we propose to design and develop new kernel structures that generalize and unify traditional OS abstractions in microkernels, recursive virtual machines [41  ...  Figure 3: A DSL-centric view for building certified OS kernels; these different features (possibly at different abstraction levels). Figure 4: An open framework for building certified software  ... 
doi:10.1145/2676724.2693180 dblp:conf/cpp/Shao15 fatcat:ffiwrhqsdnbcflselj27eevbre

A Practical Verification Framework for Preemptive OS Kernels [chapter]

Fengwei Xu, Ming Fu, Xinyu Feng, Xiaoran Zhang, Hui Zhang, Zhaohui Li
2016 Lecture Notes in Computer Science  
It provides a specification language for defining the high-level abstract model of OS kernels, a program logic for refinement verification of concurrent kernel code with multi-level hardware interrupts  ...  We propose a practical verification framework for preemptive OS kernels.  ...  Their kernel is sequential. Recently, Chen et al. [8] propose a framework for building certified interruptible OS kernels (based on mCertiKOS) with device drivers.  ... 
doi:10.1007/978-3-319-41540-6_4 fatcat:c35dgsvqvraq7gqzwewkooyf6e

CertiKOS

Liang Gu, Alexander Vaynberg, Bryan Ford, Zhong Shao, David Costanzo
2011 Proceedings of the Second Asia-Pacific Workshop on Systems - APSys '11  
CertiKOS represents an effort to apply recent advances in certified software design to a ground-up design of a modular and evolvable certified kernel.  ...  We introduce CertiKOS (Certified Kit Operating System), a hypervisor architecture that leverages formal certification to ensure correctness and counter information leakage in cloud computing.  ...  Implementation The CertiKOS design presented here is just a first step in a larger project to develop a fully-certified, practical OS kernel.  ... 
doi:10.1145/2103799.2103803 dblp:conf/apsys/GuVFSC11 fatcat:5rn3be34rbf2ra2ybaokvlmceu

Towards Proving Optimistic Multicore Schedulers

Baptiste Lepers, Willy Zwaenepoel, Jean-Pierre Lozi, Nicolas Palix, Redha Gouicem, Julien Sopena, Julia Lawall, Gilles Muller
2017 Proceedings of the 16th Workshop on Hot Topics in Operating Systems - HotOS '17  
Recently, a full multicore micro-kernel has been certified functionally correct (Gu et al. 2016) .  ...  We plan to build upon this work to prove latency limits on the work-conserving property of our scheduler. DSLs have been proposed to make OSes more robust .  ... 
doi:10.1145/3102980.3102984 dblp:conf/hotos/LepersZLPGSLM17 fatcat:yz7brmznubdixkuugegk4k4q7e

High-confidence operating systems

Radu Grosu, Erez Zadok, Scott A. Smolka, Rance Cleaveland, Yanhong A. Liu
2002 Proceedings of the 10th workshop on ACM SIGOPS European workshop: beyond the PC - EW10  
The CCM model builds on our previous work in the formal modeling of hierarchic reactive systems, e.g.  ...  In cases where the man pages are insufficiently detailed or known to be inaccurate, we inspect the actual kernel sources at or near the entry point of that given system call into the kernel.  ... 
doi:10.1145/1133373.1133415 dblp:conf/sigopsE/GrosuZSCL02 fatcat:ahmhidz5bjctjld6tntbyw44be

Position paper: the science of deep specification

Andrew W. Appel, Lennart Beringer, Adam Chlipala, Benjamin C. Pierce, Zhong Shao, Stephanie Weirich, Steve Zdancewic
2017 Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences  
The CertiKOS team has also adopted the abstraction-layer-based approach for expressing interrupts, which made it possible to build certified interruptible OS kernels and device drivers [14] .  ...  Our first example concerns the structuring mechanisms that allowed us to develop CertiKOS [13] [14] [15] [16] , a highly extensible certified OS kernel with support for multicore and multithreaded concurrency  ... 
doi:10.1098/rsta.2016.0331 pmid:28871056 fatcat:ztgho4isajbchi4bghlegxns7m

New methodology to develop certified safe and secure aeronautical software — An embedded router case study

A. Varet, N. Larrieu
2011 2011 IEEE/AIAA 30th Digital Avionics Systems Conference  
A separation kernel running on an embedded target enforces the segregation of computations done on the data.  ...  This methodology permits us to rapidly transform verifiable models into a safe and secure byte-code certifiable at DO-178B highest levels with reduced costs.  ...  Most of time, a "real" OS called "host OS" runs the different partitions, the "virtual" OS running in virtual machines are then called "guest OS".  ... 
doi:10.1109/dasc.2011.6096284 fatcat:qo3fvfi3dve3ldywzekvv4shpq

New methodology to develop certified safe and secure aeronautical software — An embedded router case study

Antoine Varet, Nicolas Larrieu
2011 2011 IEEE/AIAA 30th Digital Avionics Systems Conference  
A separation kernel running on an embedded target enforces the segregation of computations done on the data.  ...  This methodology permits us to rapidly transform verifiable models into a safe and secure byte-code certifiable at DO-178B highest levels with reduced costs.  ...  Most of time, a "real" OS called "host OS" runs the different partitions, the "virtual" OS running in virtual machines are then called "guest OS".  ... 
doi:10.1109/dasc.2011.6096126 fatcat:lblkrzynxjb3dl6oagl5q7gwli

Virtualizing mixed-criticality systems: A survey on industrial trends and issues

Marcello Cinque, Domenico Cotroneo, Luigi De Simone, Stefano Rosiello
2021 Future generations computer systems  
The key idea is to enhance the abstractions of OS processes (called containers), by extending the (host) OS kernel.  ...  Recently, Xen was used as a building block for Xilinx embedded systems [90] .  ... 
doi:10.1016/j.future.2021.12.002 fatcat:4q277etxfjewlpmkjcn7by42pm

Report on the NSF Workshop on Formal Methods for Security [article]

Stephen Chong, Joshua Guttman, Anupam Datta, Andrew Myers, Benjamin Pierce, Patrick Schaumont, Tim Sherwood, Nickolai Zeldovich
2016 arXiv   pre-print
Concurrency. Concurrency is a key concern for OS kernels, which are typically in charge of running multiple processes on a single computer.  ...  concurrency memory model is a good fit for an OS kernel that fundamentally operates on shared memory.  ... 
arXiv:1608.00678v2 fatcat:rfbhpa6plbggzj6hn6p72p4cnu

Process-oriented device driver development

F. R. M. Barnes, C. G. Ritson
2009 Concurrency and Computation  
Concurrency is inescapable for OS designers, necessary at the simplest level for handling interrupt-driven operation and supporting multiple tasks, but increasingly often for exploiting multi-core processors  ...  system scalability, reliability and efficiency. Operating systems fail to meet one or more of these goals, due in a large part to the nature of the programming languages used to build them - typically  ...  The Plan9 OS [28] uses a concurrent variant of C ("Alef"). However, we take the view that the concurrent process-oriented approach of occam-pi seems to be more suitable.  ... 
doi:10.1002/cpe.1428 fatcat:iz2mho5azravpjaqqw2mppuf6m

Operating system verification—An overview

Gerwin Klein
2009 Sadhana (Bangalore)  
The project was an early proponent of separating OS policy from kernel mechanism: It was argued that, building on formally verified kernel mechanisms, it would be significantly easier to prove properties  ...  An important factor in the success of the seL4 kernel design was the tight integration of the two teams: While the design was mainly driven by the NICTA OS group in the seL4 project, the concurrent verification  ... 
doi:10.1007/s12046-009-0002-4 fatcat:pl7j3msbsncnhmwg5w34r2uee4

From multilevel security to multiple independent levels of security/safety: the evolution illustrated through a novel cross-domain architecture

Angelo Liguori
2017 International Journal of Mobile Network Design and Innovation  
The current marketplace offers many common criteria certified OSes.  ...  Concurrently with the DoD's efforts, the National Bureau of Standards (NBS) focused its attention on the definition of problems and solutions for building, evaluating, and auditing secure computer systems  ...  the EAL, that is the realisation of security objectives not required by the corresponding EAL. 3 Currently the version 7 is under certification at EAL4+ according to the common criteria scheme. 4 STOP OS  ... 
doi:10.1504/ijmndi.2017.082802 fatcat:jihunjqyr5fotmvsymol4j5u3e

Deep Specifications and Certified Abstraction Layers

Ronghui Gu, Jérémie Koenig, Tahina Ramananandro, Zhong Shao, Xiongnan (Newman) Wu, Shu-Chun Weng, Haozhong Zhang, Yu Guo
2015 SIGPLAN notices  
OS kernels in Coq (see Sec. 7).  ...  OS kernel verification The seL4 team [17] were the first to build a proof of functional correctness for a realistic microkernel.  ... 
doi:10.1145/2775051.2676975 fatcat:yfqgugovpvf5dpbfmtjrib7rue

Avoiding Pitfalls when Using NVIDIA GPUs for Real-Time Tasks in Autonomous Systems

Ming Yang, Nathan Otterness, Tanya Amert, Joshua Bakita, James H. Anderson, F. Donelson Smith, Marc Herbstritt
2018 Euromicro Conference on Real-Time Systems  
Unfortunately, GPUs present many challenges, so modeling, analyzing, and certifying a safety-critical autonomous system using GPUs is currently beyond the state-of-the-art.  ...  A conventional choice is to write and execute the task program as an operating system (OS) process in its own non-shared address space. This provides cross-task memory isolation.  ...  Execution of K3 must wait for the first two kernels to complete, and, in contrast to explicit synchronization, K4 is also prevented from running concurrently.  ... 
doi:10.4230/lipics.ecrts.2018.20 dblp:conf/ecrts/YangOABAS18 fatcat:6lqgpiohqrcvdcif47x54mdmr4