Mind the gap: A verification framework for low-level C
Authors
Simon Winwood, Gerwin Klein, Thomas Sewell, June Andronick, David Cock and Michael Norrish
School of Computer Science and Engineering
University of NSW
Sydney 2052
Australia
NICTA
Sydney
Australia
Abstract
This paper presents the formal Isabelle/HOL framework we use to prove refinement between an executable, monadic specification and the C implementation of the seL4 microkernel. We describe the refinement framework itself, the automated tactics it supports, and the connection to our previous C verification framework. We also report on our experience in applying the framework to seL4. The characteristics of this microkernel verification are the size of the target (8,700 lines of C code), the treatment of low-level programming constructs, the focus on high performance, and the large subset of the C programming language addressed, which includes pointer arithmetic and type-unsafe code.
BibTeX Entry
@inproceedings{Winwood_KSACN_09,
publisher = {Springer-Verlag},
title = {Mind the Gap: A Verification Framework for Low-Level {C}},
series = {Lecture Notes in Computer Science},
booktitle = {Proceedings of the 22nd International Conference on Theorem Proving in Higher Order Logics},
author = {Simon Winwood and Gerwin Klein and Thomas Sewell and June Andronick and David Cock and Michael
Norrish},
year = {2009},
month = {Aug},
volume = {5674},
editor = {Stefan Berghofer and Tobias Nipkow and Christian Urban and Makarius Wenzel},
address = {Munich, Germany},
pages = {500--515}
}