Proof-Oriented Design of a Separation Kernel with Minimal Trusted Computing Base

Abstract: The development of provably secure OS kernels represents a fundamental step in the creation of safe and secure systems. To this aim, we propose the notion of protokernel and an implementation --- the Pip protokernel --- as a separation kernel whose trusted computing base is reduced to its bare bones, essentially providing separation of tasks in memory, on top of which non-influence can be proved. This proof-oriented design allows us to formally prove separation properties on a concrete executable model very close to its automatically extracted C implementation. Our design is shown to be realistic as it can execute isolated instances of a real-time embedded system that has moreover been modified to isolate its own processes through the Pip services.
Document type:
Conference paper
18th International Workshop on Automated Verification of Critical Systems (AVOCS 2018), Jul 2018, Oxford, United Kingdom. Electronic Communications of the EASST Open Access Journal

Cited literature [10 references]

https://hal.archives-ouvertes.fr/hal-01816830
Contributor: David Nowak
Submitted on: Wednesday, 3 October 2018, 12:00:46
Last modified on: Friday, 5 October 2018, 01:16:32
Long-term archiving on: Friday, 4 January 2019, 13:56:58

File

pip.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-01816830, version 2

Citation

Narjes Jomaa, Paolo Torrini, David Nowak, Gilles Grimaud, Samuel Hym. Proof-Oriented Design of a Separation Kernel with Minimal Trusted Computing Base. 18th International Workshop on Automated Verification of Critical Systems (AVOCS 2018), Jul 2018, Oxford, United Kingdom. Electronic Communications of the EASST Open Access Journal. 〈hal-01816830v2〉
