Conference Proceedings

seL4: From general purpose to a proof of information flow enforcement

T Murray, D Matichuk, M Brassil, P Gammie, T Bourke, S Seefried, C Lewis, X Gao, G Klein

IEEE Symposium on Security and Privacy: Proceedings | IEEE | Published : 2013

DOI: 10.1109/SP.2013.35

Open access

Abstract

In contrast to testing, mathematical reasoning and formal verification can show the absence of whole classes of security vulnerabilities. We present the, to our knowledge, first complete, formal, machine-checked verification of information flow security for the implementation of a general-purpose microkernel; namely seL4. Unlike previous proofs of information flow security for operating system kernels, ours applies to the actual 8, 830 lines of C code that implement seL4, and so rules out the possibility of invalidation by implementation errors in this code. We assume correctness of compiler, assembly code, hardware, and boot code. We prove everything else. This proof is strong evidence of s..

View full abstract

University of Melbourne Researchers

Citation metrics

175Scopus
115Web of Science
163Dimensions

Keywords

Engineering, Electrical & Electronic
Computer Science, Theory & Methods
4612 Software Engineering
Technology
Noninterference
Time
46 Information and Computing Sciences
Engineering
4604 Cybersecurity and Privacy
Science & Technology
Computer Science
Verification
4613 Theory of Computation