Self-stabilizing device drivers

Shlomi Dolev, Reuven Yagel
2008 ACM Transactions on Autonomous and Adaptive Systems  
The first uses leases in order to guarantee progress from the I/O device side. The second assumes stabilization of the I/O device, and uses snapshots to perform consistency checks.  ...  As an example, we demonstrate the non-stability of the ATA standard protocol for storage devices.  ...  Thus, based on the idea of fair composition [9], once the microprocessor stabilizes and starts fetching and executing instructions, the system's kernel converges to a legal behavior, in which other programs  ... 
doi:10.1145/1452001.1452007 fatcat:snujgv5ttjgrfj4wxdwsurfzgy

Self-stabilizing Device Drivers [chapter]

Shlomi Dolev, Reuven Yagel
2006 Lecture Notes in Computer Science  
The first uses leases in order to guarantee progress from the I/O device side. The second assumes stabilization of the I/O device, and uses snapshots to perform consistency checks.  ...  As an example, we demonstrate the non-stability of the ATA standard protocol for storage devices.  ...  Thus, based on the idea of fair composition [9], once the microprocessor stabilizes and starts fetching and executing instructions, the system's kernel converges to a legal behavior, in which other programs  ... 
doi:10.1007/978-3-540-49823-0_19 fatcat:uezwfhtujjbcnhobua25234gdm

Clean-Slate Development of Certified OS Kernels

Zhong Shao
2015 Proceedings of the 2015 Conference on Certified Programs and Proofs - CPP '15  
Programming languages for building end-to-end certified kernels. OS kernels must address a multitude of abstraction layers and programming concerns.  ...  Operating System (OS) kernels form the bedrock of all system software-they can have the greatest impact on the resilience, extensibility, and security of today's computing hosts.  ...  Code at Level B involves both hardware interrupts and threads; synchronization primitives, input/output operations, device drivers, and interrupt handlers are all implemented at this level.  ... 
doi:10.1145/2676724.2693180 dblp:conf/cpp/Shao15 fatcat:ffiwrhqsdnbcflselj27eevbre

Theory of Multi Core Hypervisor Verification [chapter]

Ernie Cohen, Wolfgang Paul, Sabine Schmaltz
2013 Lecture Notes in Computer Science  
However, there is a significant gap between code verification of a kernel (such as a hypervisor) and a proof of correctness of a real system running the code.  ...  For example, the kernel code itself has to set up low-level facilities such as its call stack and virtual memory map, and must continue to use memory in a way that justifies the memory model assumed by  ...  There have been a number of verification projects targeting such code, particularly operating system (OS) kernels.  ... 
doi:10.1007/978-3-642-35843-2_1 fatcat:fe62ercjczcxrkl7te7ifyc56e

Towards a DEVS-based Operating System

Daniella Niyonkuru, Gabriel Wainer
2015 Proceedings of the 3rd ACM Conference on SIGSIM-Principles of Advanced Discrete Simulation - SIGSIM-PADS '15  
Modeling and Simulation (M&S)-based methods, on the other hand, deal effectively with scalability issues and provide the benefits of a risk-free testing environment.  ...  To address the above challenges, we present a formal M&S-based kernel that runs on bare metal and executes the original simulation models on the target hardware.  ...  Interfacing with passive devices requires the implementation of a periodic timer interrupt that requests the state of the device.  ... 
doi:10.1145/2769458.2769465 dblp:conf/pads/NiyonkuruW15 fatcat:ufeyeh3c7reqzlf6q4yn62e33y

Smart mobility of the future – a challenge for embedded automotive systems

Marcel Baunach, Renata Martins Gomes, Maja Malenko, Fabian Mauroner, Leandro Batista Ribeiro, Tobias Scheipel
2018 e & i Elektrotechnik und Informationstechnik  
However, most of the related services and technological features will be implemented in millions of lines of code running on hundreds of computers, embedded into each car.  ...  This article discusses specific challenges on embedded operating systems and processor architectures for highly dependable and compositional computing platforms in future vehicles.  ...  The endowed professorship and working group "Embedded Automotive Systems" is partially funded by AVL List GmbH, the Austrian Federal Ministry of Sciences, Research and Economy (bmwfw), and Graz University  ... 
doi:10.1007/s00502-018-0623-6 fatcat:vb34jllbkfeyjjhbfqls3osw5q

Security testing framework: strategy and approach

Thorsten Schulz, Andreas Hohenegger, Staffan Persson, Alvaro Ortega, Reinhard Hametner, Michael Paulitsch, Caspar Gries, Sergey Tverdyshev, Holger Blasum, Kertis Tomáš
2017 Zenodo  
This is also brought into context with the certMILS application pilots and the applicability to testing of compositions as the fundamental architecture of a MILS system.  ...  The research starts with a survey of non-industrial security frameworks and general identification of security vulnerabilities.  ...  Kernel device driver API See the previous chapter 2.4.3 Separation kernel I-composition: kernel device driver API.  ... 
doi:10.5281/zenodo.2586591 fatcat:lz4li6fdwfhnnktbfdtjlsnlzu

Composite Enclaves: Towards Disaggregated Trusted Execution

Moritz Schneider, Aritra Dhar, Ivan Puddu, Kari Kostiainen, Srdjan Čapkun
2021 Transactions on Cryptographic Hardware and Embedded Systems  
Finally, we present two case studies of composite enclaves: i) an FPGA platform based on RISC-V Keystone connected to emulated peripherals and sensors, and ii) a large-scale accelerator.  ...  the feasibility of our approach and showing that it can work with a wide range of specialized hardware.  ...  Thanks to Kaveh Razavi and Shwetha Shinde for feedback on early versions of this paper.  ... 
doi:10.46586/tches.v2022.i1.630-656 fatcat:rzbybefahvfind6cbbkjibshqa

Operating system verification—An overview

Gerwin Klein
2009 Sadhana (Bangalore)  
This paper gives a high-level introduction to the topic of formal, interactive, machine-checked software verification in general, and the verification of operating systems code in particular.  ...  We survey the state of the art, the advantages and limitations of machine-checked code proofs, and describe two specific ongoing larger-scale verification projects in more detail.  ...  Acknowledgements The author would like to thank Elisabeth Meister, Timothy Bourke, Mark Hillebrand, Tom in der Rieden, Norbert Schirmer, and Hendrik Tews for their feedback and for reading drafts of this  ... 
doi:10.1007/s12046-009-0002-4 fatcat:pl7j3msbsncnhmwg5w34r2uee4

Proving Fairness and Implementation Correctness of a Microkernel Scheduler

Matthias Daum, Jan Dörrenbächer, Burkhart Wolff
2009 Journal of automated reasoning  
The kernel establishes process switches according to IPCs and timer-events; the scheduling of process switches, however, follows a hierarchy of priorities, favoring, e.g., system processes over application  ...  Our microkernel provides an infrastructure for memory virtualization, for communication with hardware devices, for processes (represented as a sequence of assembly instructions, which are executed concurrently  ...  Acknowledgements We thank Andrew Baumann, Sebastian Bogan, Christian Hennrich, Sarah Hoffmann, and the anonymous reviewers during the publication process for reviewing, constructive criticism and helpful  ... 
doi:10.1007/s10817-009-9119-8 fatcat:rodaqypf2nb6dnhhoycw5j3jb4

This page intentionally left blank

2003 Third International Conference on Quality Software, 2003. Proceedings.  
In his paper, Rushby also proposed the separation kernel as a possible solution for addressing the difficulties and problems faced in the development and verification of large, complex security kernels  ...  The composition of Function, Device and Bus number will uniquely identify a specific function within a specific PCI device on a specific PCI bus.  ...  It is the responsibility of the driver to convert pointers to physical addresses, and vice versa, when interacting with a device.  ... 
doi:10.1109/qsic.2003.1319069 fatcat:u3g7li52lvfppey3jon66wl7eq

Virtualizing mixed-criticality systems: A survey on industrial trends and issues

Marcello Cinque, Domenico Cotroneo, Luigi De Simone, Stefano Rosiello
2021 Future generations computer systems  
This work surveys the state-of-the-practice of real-time virtualization technologies by discussing common issues in the industry.  ...  In particular, we analyze how different virtualization approaches and solutions can impact isolation guarantees and testing/certification activities, and how they deal with dependability challenges.  ...  in user-mode the other kernel functionalities (device drivers, filesystem, networking, paging, etc.).  ... 
doi:10.1016/j.future.2021.12.002 fatcat:4q277etxfjewlpmkjcn7by42pm

Self-stabilizing operating systems

Shlomi Dolev, Reuven Yagel
2005 Proceedings of the twentieth ACM symposium on Operating systems principles - SOSP '05  
First of all my advisor Professor Shlomi Dolev who introduced me to the worlds of self-stabilization, distributed computing and academic research in general.  ...  We spent many hours together suggesting and validating ideas, and also having enjoyable moments of friendship. Whenever I thought I reached a dead end, he was there to patiently find the way out.  ...  The interrupt status of the device controller must also be checked to ensure that the device controller will inform the OS driver upon completion.  ... 
doi:10.1145/1095810.1118590 fatcat:pybth2w65jh5hjzqfn6j675osa

Guidelines to use and apply PP for all involved stakeholders

Jan Rollo, Helmut Kurth, Andreas Hohenegger, Amelia Álvarez de Sotomayor, Benito Caracuel, Alvaro Ortega, Sergey Tverdyshev, Holger Blasum, Tomáš Kertis
2018 Zenodo  
We explain how to read a generic document used in the certification of separation-kernel-based systems, the certMILS protection profile (PP), and how to write new PP-conformant security targets for specific  ...  We explain how separation kernels are useful for building and certifying medium-and high-assurance systems.  ...  ST authors would have to argue for the absence of interrupts and devices.  ... 
doi:10.5281/zenodo.2586574 fatcat:wmht3s7bfrcsfnojrdecq2iyda

Formal co-validation of low-level hardware/software interfaces

Alex Horn, Michael Tautschnig, Celina Val, Lihao Liang, Tom Melham, Jim Grundy, Daniel Kroening
2013 2013 Formal Methods in Computer-Aided Design  
Today's microelectronics industry is increasingly confronted with the challenge of developing and validating software that closely interacts with hardware.  ...  We provide experimental results that show our approach is both feasible as a bug-finding technique and scales to handle a significant degree of concurrency in the combined hardware/software model.  ...  ACKNOWLEDGEMENTS This work is funded by a donation from Intel Corporation for research on Effective Validation of Firmware.  ... 
doi:10.1109/fmcad.2013.6679400 fatcat:ghkb7mhcirdidaxerfmtvfo7va