Skip to Main content Skip to Navigation
Journal articles

Formal proof of dynamic memory isolation based on MMU

Narjes Jomaa 1, 2 David Nowak 1, 2 Gilles Grimaud 1, 2 Samuel Hym 1, 2 
2 2XS - Extra Small Extra Safe
CRIStAL - Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189
Abstract : For security and safety reasons, it is essential to ensure memory isolation between processes. The memory manager is thus a critical part of the kernel of an operating system. It is common for kernels to ensure memory isolation through a piece of hardware called memory management unit (MMU). However an MMU by itself does not provide memory isolation. It is only a tool the kernel can use to ensure this property. In this paper we show how a proof assistant such as Coq can be used to model a hardware architecture with an MMU, and an abstract model of microkernel supporting preemptive scheduling and memory management. We proceed by making formally explicit the consistency properties that must be preserved in order for memory isolation to be preserved.
Complete list of metadata

Cited literature [18 references]  Display  Hide  Download
Contributor : David Nowak Connect in order to contact the contributor
Submitted on : Friday, July 13, 2018 - 4:20:29 PM
Last modification on : Wednesday, September 7, 2022 - 8:14:05 AM
Long-term archiving on: : Monday, October 15, 2018 - 9:47:34 AM


Files produced by the author(s)




Narjes Jomaa, David Nowak, Gilles Grimaud, Samuel Hym. Formal proof of dynamic memory isolation based on MMU. Science of Computer Programming, Elsevier, 2018, 162, pp.76-92. ⟨10.1016/j.scico.2017.06.012⟩. ⟨hal-01712347⟩



Record views


Files downloads