Refinement in the Formal Verification of the seL4 Microkernel [chapter]

Gerwin Klein, Thomas Sewell, Simon Winwood
2010 Design and Verification of Microprocessor Systems for High-Assurance Applications  
We present an overview of the different refinement frameworks used in the L4.verified project to formally prove the functional correctness of the seL4 microkernel. The verification is conducted in the interactive theorem prover Isabelle/HOL and proceeds in two large refinement steps: one proof between two monadic, functional specifications in HOL and one proof between such a monadic specification and a C program. To connect these proofs into one overall theorem, we map both refinement … into a common overall framework.

It formally derives everything else. The verified version of the seL4 kernel runs on the ARMv6 architecture and the Freescale i.MX31 platform. This article gives an overview of the main proof technique and the proof framework that was used in this verification project: refinement.

[Figure: refinement layers, Abstract Specification, Executable Specification, High-Performance C Implementation]
doi:10.1007/978-1-4419-1539-9_11