vTRUST: A Formal Modeling and Verification Framework for Virtualization Systems
[chapter]
2013
Lecture Notes in Computer Science
However, the complexity of the virtualization system makes the formal analysis a difficult task, e.g., sophisticated programs to manipulate low-level technologies, paged memory management, memory mapped ...
In this paper, we propose a formal framework, vTRUST, to formally describe virtualization systems with a carefully designed abstraction. vTRUST includes a library to model configurable hardware components ...
One of the most famous works is the formal verification of seL4 [8] , making it the only hypervisor verified at source code level so far. ...
doi:10.1007/978-3-642-41202-8_22
fatcat:znxpeyay5jh2rdurmptymgzqbu
High-Assurance Separation Kernels: A Survey on Formal Methods
[article]
2017
arXiv
pre-print
Based on the proposed analytical framework, a taxonomy is designed according to formal methods application, functionalities, and properties of separation kernels. ...
However, this field lacks a survey to systematically study, compare, and analyze related work. On the other hand, high-assurance separation kernels by formal methods still face big challenges. ...
Management of hardware (e.g. clock, timer, interrupt, and memory) is necessary for hypervisor-based separation kernels. ...
arXiv:1701.01535v1
fatcat:wivlgaqkmffc5nb2kalmpy77sy
Position paper: the science of deep specification
2017
Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences
One contribution of 8 to a discussion meeting issue 'Verified trustworthy software systems'. Modern hardware and software are monstrously complex. ...
(iv) The proof scripts yield formal proof objects in a variant of the calculus of inductive constructions (CiC) for which checking of proofs amounts to type checking and is fully automatic and independent ...
We thank the graduate students and post-doctoral researchers of our research groups for their contributions, and our external academic and industrial collaborators for their participation. ...
doi:10.1098/rsta.2016.0331
pmid:28871056
fatcat:ztgho4isajbchi4bghlegxns7m
The semantics of power and ARM multiprocessor machine code
2008
Proceedings of the 4th workshop on Declarative aspects of multicore programming - DAMP '09
We develop a rigorous semantics for Power and ARM multiprocessor programs, including their relaxed memory model and the behaviour of reasonable fragments of their instruction sets. ...
This should provide a good basis for informal reasoning and formal verification of low-level code for these weakly consistent architectures, and, together with our x86 semantics, for the design and compilation ...
Acknowledgements We thank Nathan Chong for discussions about the ARM, and Luc Maranget for comments on a draft, Paul McKenney and Raul Silvera for comments on the PowerPC, and Doug Lea. ...
doi:10.1145/1481839.1481842
dblp:conf/popl/AlglaveFIMSSN09
fatcat:h4dlhsfd4zcbfkuggpyfrj7nkm
Synchronising C/C++ and POWER
2012
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation - PLDI '12
But in the very relaxed settings of IBM® POWER®, ARM, or C/C++, it remains surprisingly unclear exactly what the programmer can depend on. This paper studies relaxed-memory synchronisation. ...
On the hardware side, we give a clear semantic characterisation of the load-reserve/store-conditional primitives as provided by POWER multiprocessors, for the first time since they were introduced 20 years ...
A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml. ...
doi:10.1145/2254064.2254102
dblp:conf/pldi/SarkarMOBSMAW12
fatcat:wif4n2azwre25csayorry3xamy
Synchronising C/C++ and POWER
2012
SIGPLAN notices
But in the very relaxed settings of IBM® POWER®, ARM, or C/C++, it remains surprisingly unclear exactly what the programmer can depend on. This paper studies relaxed-memory synchronisation. ...
On the hardware side, we give a clear semantic characterisation of the load-reserve/store-conditional primitives as provided by POWER multiprocessors, for the first time since they were introduced 20 years ...
A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml. ...
doi:10.1145/2345156.2254102
fatcat:ukxlu6v2gzdajkg2aaz3zgpuyu
ISA semantics for ARMv8-a, RISC-v, and CHERI-MIPS
2019
Proceedings of the ACM on Programming Languages (PACMPL)
We moreover integrate the RISC-V model into the RMEM tool for (user-mode) relaxed-memory concurrency exploration. We prove (on paper) the soundness of the core Sail type system. ...
Our ARMv8-A models are automatically translated from authoritative ARM-internal definitions, and (in one variant) tested against the ARM Architecture Validation Suite. ...
ACKNOWLEDGMENTS The ARMv8-A modelling work would not have been possible without generous technical assistance from ARM. ...
doi:10.1145/3290384
fatcat:v4zdb5cq7nbzzetgkitndrlcia
Scalable validation of binary lifters
2020
Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation
Also, I illustrated potential applications of the semantics in different formal analyses, and discussed how it can be useful for processor verification. ...
Unfortunately, existing approaches focus on validating the correctness of lifting a single instruction and do not scale to full programs. ...
We begin with a discussion of a use case for hardware verification. ...
doi:10.1145/3385412.3385964
dblp:conf/pldi/DasguptaDVAF20
fatcat:3khjl5gbmnetjay23fk3sc2ktu
Microkernel Mechanisms for Improving the Trustworthiness of Commodity Hardware
2015
2015 11th European Dependable Computing Conference (EDCC)
We take advantage of the functional correctness and isolation guarantee provided by the formally verified seL4 microkernel and hardware redundancy provided by multicore processors, design the redundant ...
The effectiveness of the error detection mechanisms is assessed by conducting fault injection campaigns on real hardware, and the results demonstrate compelling improvement. ...
The seL4 adopts a single-kernel-stack and non-preemptible kernel execution model to tackle the limitations of formal verification. ...
doi:10.1109/edcc.2015.16
dblp:conf/edcc/ShenE15
fatcat:xq65e72x7zcnjbbmrwpgebqnxa
Scale-out NUMA
2014
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems - ASPLOS '14
directly on top of a NUMA memory fabric via a stateless messaging protocol. ...
To facilitate interactions between the application, OS, and the fabric, soNUMA relies on the remote memory controller, a new architecturally-exposed hardware block integrated into the node's local coherence ...
This work has been partially funded by the EuroCloud project of the 7th Framework Program of the European Commission, and by the Workloads and Server Architectures for Green Datacenters project of the ...
doi:10.1145/2541940.2541965
dblp:conf/asplos/NovakovicDBFG14
fatcat:buiufe62bvfohpvti5gsq3cyoa
A Secure and Formally Verified Commodity Multiprocessor Hypervisor
2021
Commodity hypervisors are widely deployed to support virtual machines on multiprocessor server hardware. ...
However, it remains unknown how one might feasibly verify the entire codebase of a complex, multiprocessor commodity system. ...
In other words, the use of locks in verified KVM to protect shared memory accesses and make its proofs tractable does not adversely affect its multiprocessor VM performance on Arm relaxed memory hardware ...
doi:10.7916/d8-s2kz-e886
fatcat:blauq4tv55gl5bhnshrnoxrebq
Fault Resilient Real-Time Design for NoC Architectures
2012
2012 IEEE/ACM Third International Conference on Cyber-Physical Systems
and to lower jitter in systems via utilizing message passing instead of shared memory as the means for intra-processor communication. ...
To our knowledge, this work is the first to systematically map real-time tasks onto massive multi-core processors with support for fault tolerance that considers NoC effects on scalability on real hardware ...
Notice that this is a virtual L3 cache implemented through a hypervisor by distributing memory references over the L2 caches of all cores. ...
doi:10.1109/iccps.2012.16
dblp:conf/iccps/ZimmerM12
fatcat:2hnpfqjjn5dpzgch7moi4u7cbe
System Software
[chapter]
2021
Embedded Systems
Abstract: In order to cope with the complexity of applications of embedded systems, reuse of components is a key technique. ...
This chapter starts with a description of general requirements for embedded operating systems. ...
The lack of memory management hardware in uClinux-supported platforms comes with a number of disadvantages. ...
doi:10.1007/978-3-030-60910-8_4
fatcat:xtc64f3zqfd53e7ybwtfoe4dla
Report from Dagstuhl Seminar 11011 "Multi-Core Memory Models and Concurrency Theory"
Creative Commons BY-NC-ND 3.0 Unported license
Dagstuhl Reports
unpublished
Hardware specifications are so informal that it is very hard to know whether we have a correct implementation of the language specs (if we knew how to specify those fully). ...
This report documents the programme and the outcomes of Dagstuhl Seminar 11011 "Multi-Core Memory Models and Concurrency Theory". ...
Hardware Verification: Multiprocessor relaxed memory model behaviour is an emergent property of an entire multiprocessor design, involving both core behaviour (especially speculation) and memory communication ...
fatcat:dc7ohu5wwfd2tozg4h7tldjjv4
Operating System Security
2008
Synthesis Lectures on Information Security Privacy and Trust
He designed Sun's multilevel desktops based on Open Look, CDE, and GNOME; he holds a patent for the underlying X11 security policy. ...
He is an associate editor with ACM TOIT and has been a guest editor of ACM TISSEC. ...
Xen is a Type 1 VMM consisting of two major components: (1) a hypervisor that runs directly on the hardware and (2) a privileged VM that provides I/O and VM configuration support. ...
doi:10.2200/s00126ed1v01y200808spt001
fatcat:o7qgtis6zffr3disdujoq4izaa