Machine Assisted Proof of ARMv7 Instruction Level Isolation Properties
Number of Authors: 3
2013 (English)Conference paper (Refereed)
In this paper, we formally verify security properties of the ARMv7 Instruction Set Architecture (ISA) for user mode executions. To obtain guarantees that arbitrary (and unknown) user processes are able to run isolated from privileged software and other user processes, instruction level noninterference and integrity properties are provided, along with proofs that transitions to privileged modes can only occur in a controlled manner. This work establishes a main requirement for operating system and hypervisor verification, as demonstrated for the PROSPER separation kernel. The proof is performed in the HOL4 theorem prover, taking the Cambridge model of ARM as basis. To this end, a proof tool has been developed, which assists the verification of relational state predicates semi-automatically.
Place, publisher, year, edition, pages
2013, 9. 276-291 p.
ARM instruction set, noninterference, user mode execution, kernel security, theorem proving
Computer and Information Science
IdentifiersURN: urn:nbn:se:ri:diva-24275OAI: oai:DiVA.org:ri-24275DiVA: diva2:1043355
Certified Programs and Proofs (CPP)
This is the author version of the correspondent paper published in the proceedings of Certified Programs and Proofs 2013 (CPP; editors: G. Gonthier and M. Norrish), Springer LNCS 8307. The publisher is Springer International Publishing Switzerland . The final publication is available at http://link.springer.com/10.1007/978-3-319-03545-1_18.2016-10-312016-10-31