Specification and verification of the UCLA Unix security kernel (Extended Abstract)

Bruce J. Walker, Richard A. Kemmerer, Gerald J. Popek
1979 Proceedings of the seventh symposium on Operating systems principles - SOSP '79  
Introduction Data Secure Unix, a kernel structured operating system, was constructed as part of an ongoing effort at UCLA to develop procedures by which operating systems can be produced and shown secure  ...  The General Verification Approach The proof that the kernel is secure has two parts: a) developing four levels of specifications, ranging from Pascal code to the top-level security criterion, and b) verifying  ... 
doi:10.1145/800215.806571 dblp:conf/sosp/WalkerKP79 fatcat:eeb6ofwjevgabkjxj2wctwnrea

OS Verification- A Survey as a Source of Future Challenges

Kushal Anjaria, Arun Mishra
2015 International Journal of Computer Science & Engineering Survey  
Formal verification of an operating system kernel manifests absence of errors in the kernel and establishes trust in it.  ...  This paper evaluates various projects on operating system kernel verification and presents an in-depth survey of them.  ...  The UCLA project managed to finish 90% of their specification and 20% of their proofs in 5 person-years. Figure-3 shows the detail of implementation of UCLA secure unix project.  ... 
doi:10.5121/ijcses.2015.6401 fatcat:kmf3kdtarja7fduluaq5qxx4we

Operating system verification—An overview

Gerwin Klein
2009 Sadhana (Bangalore)  
We survey the state of the art, the advantages and limitations of machine-checked code proofs, and describe two specific ongoing larger-scale verification projects in more detail.  ...  This paper gives a high-level introduction to the topic of formal, interactive, machine-checked software verification in general, and the verification of operating systems code in particular.  ...  Acknowledgements The author would like to thank Elisabeth Meister, Timothy Bourke, Mark Hillebrand, Tom in der Rieden, Norbert Schirmer, and Hendrik Tews for their feedback and for reading drafts of this  ... 
doi:10.1007/s12046-009-0002-4 fatcat:pl7j3msbsncnhmwg5w34r2uee4

CVM – A Verified Framework for Microkernel Programmers

Tom In der Rieden, Alexandra Tsyban
2008 Electronic Notes in Theoretical Computer Science  
An endeavor like this is tedious and of a considerable complexity. Thus, we do not try to present all details, but provide references to publications covering specific aspects.  ...  Furthermore, we describe how CVM can be implemented by means of a concrete kernel, thus providing a trustworthy platform for microkernel programmers.  ...  Related Work First attempts to use theorem provers to specify and even prove correct operating systems were made as early as the seventies in PSOS [20] and UCLA Secure Unix [32].  ... 
doi:10.1016/j.entcs.2008.06.047 fatcat:fhivayrqb5aj7nmrgam33uc4be

Issues in kernel design [chapter]

G. J. Popek, C. S. Kline
1978 Lecture Notes in Computer Science  
A good example of such a trusted process appears both in the Multics system at M.I.T. as well as in the UCLA Secure Unix development.  ...  We also wish to thank Evelyn Walton, who largely built the UCLA kernel, and all the members of the UCLA Security Research Group who participated in discussions that helped form and refine these ideas.  ... 
doi:10.1007/3-540-08755-9_5 fatcat:y43endaxqvhs3emjwyqyyrrby4

Reflections on the verification of the security of an operating system kernel

Jonathan M. Silverman
1983 Proceedings of the ninth ACM symposium on Operating systems principles - SOSP '83  
The kernel implements multiple protection structures to support both discretionary and nondiscretionary security policies. The design of the kernel was formally specified.  ...  This paper discusses the formal verification of the design of an operating system kernel's conformance to the multilevel security property.  ...  ., "Preliminary Notes on the Design of Secure Military [WALK80] B. Walker, et al., "Specification and Verification of the UCLA Unix Security Kernel," CACM, 23, 2 (February 1980).  ... 
doi:10.1145/800217.806623 dblp:conf/sosp/Silverman83 fatcat:vdjp2feqdfanrfy4syvuprbl7i

Reflections on the verification of the security of an operating system kernel

Jonathan M. Silverman
1983 ACM SIGOPS Operating Systems Review  
The kernel implements multiple protection structures to support both discretionary and nondiscretionary security policies. The design of the kernel was formally specified.  ...  This paper discusses the formal verification of the design of an operating system kernel's conformance to the multilevel security property.  ...  ., "Preliminary Notes on the Design of Secure Military [WALK80] B. Walker, et al., "Specification and Verification of the UCLA Unix Security Kernel," CACM, 23, 2 (February 1980).  ... 
doi:10.1145/773379.806623 fatcat:ztlv4o26rvdenfp7fkhmuwyxxu

From a Verified Kernel towards Verified Systems [chapter]

Gerwin Klein
2010 Lecture Notes in Computer Science  
verified kernel may be used for gaining formal, code-level assurance about safety and security properties of systems on the order of a million lines of code.  ...  This paper briefly summarises the proof, its main implications and assumptions, reports on the experience in conducting such a large-scale verification, and finally lays out a vision how this formally  ...  The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the  ... 
doi:10.1007/978-3-642-17164-2_3 fatcat:askysutvofghzk2ajojawwmmgu

Verifying security invariants in ExpressOS

Haohui Mai, Edgar Pek, Hui Xue, Samuel Talmadge King, Parthasarathy Madhusudan
2013 Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems - ASPLOS '13  
effort while still proving the security relevant aspects of our system.  ...  We built ExpressOS, analyzed its security, and tested its performance. Our evaluation shows that the performance of ExpressOS is comparable to an Android-based system.  ...  We also thank Shuo Tang for implementing an earlier version of the system.  ... 
doi:10.1145/2451116.2451148 dblp:conf/asplos/MaiPXKM13 fatcat:e6sxytmbrbd2dmgs2aq4qb53py

Verifying security invariants in ExpressOS

Haohui Mai, Edgar Pek, Hui Xue, Samuel Talmadge King, Parthasarathy Madhusudan
2013 SIGPLAN Notices  
effort while still proving the security relevant aspects of our system.  ...  We built ExpressOS, analyzed its security, and tested its performance. Our evaluation shows that the performance of ExpressOS is comparable to an Android-based system.  ...  We also thank Shuo Tang for implementing an earlier version of the system.  ... 
doi:10.1145/2499368.2451148 fatcat:e3kqzgbohrf2bbtuirtb6nmngy

Design and verification of secure systems

J. M. Rushby
1981 ACM SIGOPS Operating Systems Review  
This paper reviews some of the difficulties that arise in the verification of kernelized secure systems and suggests new techniques for their resolution.  ...  This approach decouples verification of components which perform trusted functions from verification of the security kernel.  ...  These are the formal statements of the six conditions for Proof of Separability.  ... 
doi:10.1145/1067627.806586 fatcat:y3t5ocwsyrdodcyjmgnvavyiuy

Design and verification of secure systems

J. M. Rushby
1981 Proceedings of the eighth symposium on Operating systems principles - SOSP '81  
This paper reviews some of the difficulties that arise in the verification of kernelized secure systems and suggests new techniques for their resolution.  ...  This approach decouples verification of components which perform trusted functions from verification of the security kernel.  ...  These are the formal statements of the six conditions for Proof of Separability.  ... 
doi:10.1145/800216.806586 dblp:conf/sosp/Rushby81 fatcat:cdv2zrboojhirjd5kkmjitxqge

seL4

Gerwin Klein, Michael Norrish, Thomas Sewell, Harvey Tuch, Simon Winwood, Kevin Elphinstone, Gernot Heiser, June Andronick, David Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt (+1 others)
2009 Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles - SOSP '09  
We present our experience in performing the formal, machine-checked verification of the seL4 microkernel from an abstract specification down to its C implementation.  ...  Functional correctness means here that the implementation always strictly follows our high-level abstract specification of kernel behaviour.  ...  We also would like to acknowledge the contribution of the former team members on this verification project: Jeremy Dawson, Jia Meng, Catherine Menon, and David Tsai.  ... 
doi:10.1145/1629575.1629596 dblp:conf/sosp/KleinEHACDEEKNSTW09 fatcat:cidf7z4awnhyfljpznijerhee4

Operating System Security

Trent Jaeger
2008 Synthesis Lectures on Information Security Privacy and Trust  
He is active in the security research community, having been a member of the program committees of all the major security conferences, and the program chair of the ACM CCS Government and Industry Track  ...  , and the Xen security architecture.  ...  The original idea was to build a security kernel and an emulator to enable execution of an ordinary operating system (UNIX), as was done by KSOS [198] and the UCLA Secure Data UNIX system [248].  ... 
doi:10.2200/s00126ed1v01y200808spt001 fatcat:o7qgtis6zffr3disdujoq4izaa

Kit: a study in operating system verification

W.R. Bevier
1989 IEEE Transactions on Software Engineering  
Kemmerer [Kemmerer 82] acknowledges a debt to Milner and Hoare in the verification of a portion of the security kernel of UCLA Secure Unix.  ...  kernel projects are reported in the literature: PSOS [Feiertag 79, Neumann 77], KSOS [McCauley 79, Berson 79], UCLA Secure Unix project [Popek 79, Walker 80], KVM/370 [Gold 79], and SCOMP [Fraim 83].  ...  The result is an abstract operational specification for a kernel implementation. AK is abstract in the following ways. • The private state spaces of tasks are transparently isolated.  ... 
doi:10.1109/32.41331 fatcat:sumcri2ukvazxgdyccrcbd56la