Verified protection model of the seL4 microkernel
Authors
Dhammika Elkaduwe, Gerwin Klein and Kevin Elphinstone
School of Computer Science and Engineering
University of New South Wales
Sydney 2052 Australia
NICTA, Sydney, Australia
Abstract
This paper presents a machine-checked high-level security analysis of seL4 --- an evolution of the L4 kernel series targeted to secure, embedded devices. We provide an abstract specification of the seL4 access control system in terms of a classical take-grant model together with a formal proof of its decidability. Using the decidability property we show how confined subsystems can be enforced. All proofs and specifications in this paper are machine-checked and developed in the interactive theorem prover Isabelle/HOL.
BibTeX Entry
@techreport{Elkaduwe_GE_07,
  title       = {Verified Protection Model of the {seL4} Microkernel},
  author      = {Dhammika Elkaduwe and Gerwin Klein and Kevin Elphinstone},
  number      = {NRL-1474},
  month       = {Oct},
  year        = {2007},
  institution = {NICTA},
  note        = {Available from \url{http://ertos.nicta.com.au/publications/papers/Elkaduwe_GE_07.pdf}}
}