SeL4

Klein, Gerwin; Elphinstone, Kevin; Heiser, Gernot; Andronick, June; Cock, David; Derrin, Philip; Elkaduwe, Dhammika; Engelhardt, Kai; Kolanski, Rafal; Norrish, Michael; Sewell, Thomas; Tuch, Harvey; Winwood, Simon

SeL4

dc.contributor.author	Klein, Gerwin	en
dc.contributor.author	Elphinstone, Kevin	en
dc.contributor.author	Heiser, Gernot	en
dc.contributor.author	Andronick, June	en
dc.contributor.author	Cock, David	en
dc.contributor.author	Derrin, Philip	en
dc.contributor.author	Elkaduwe, Dhammika	en
dc.contributor.author	Engelhardt, Kai	en
dc.contributor.author	Kolanski, Rafal	en
dc.contributor.author	Norrish, Michael	en
dc.contributor.author	Sewell, Thomas	en
dc.contributor.author	Tuch, Harvey	en
dc.contributor.author	Winwood, Simon	en
dc.date.accessioned	2025-02-25T06:45:33Z
dc.date.available	2025-02-25T06:45:33Z
dc.date.issued	2009	en
dc.description.abstract	Complete formal verification is the only known way to guarantee that a system is free of programming errors. We present our experience in performing the formal, machine-checked verification of the seL4 microkernel from an abstract specification down to its C implementation. We assume correctness of compiler, assembly code, and hardware, and we used a unique design approach that fuses formal and operating systems techniques. To our knowledge, this is the first formal proof of functional correctness of a complete, general-purpose operating-system kernel. Functional correctness means here that the implementation always strictly follows our high-level abstract specification of kernel behaviour. This encompasses traditional design and implementation safety properties such as the kernel will never crash, and it will never perform an unsafe operation. It also proves much more: we can predict precisely how the kernel will behave in every possible situation. seL4, a third-generation microkernel of L4 provenance, comprises 8,700 lines of C code and 600 lines of assembler. Its performance is comparable to other high-performance L4 kernels.	en
dc.description.status	true	en
dc.format.extent	14	en
dc.identifier.isbn	9781605587523	en
dc.identifier.other	researchoutputwizard:u4607519xPUB25	en
dc.identifier.other	Scopus:72249120603	en
dc.identifier.uri	https://dspace-test.anu.edu.au/handle/1885/733714256
dc.identifier.url	http://www.scopus.com/inward/record.url?scp=72249120603&partnerID=8YFLogxK	en
dc.language.iso	English	en
dc.relation.ispartofseries	SOSP'09 - Proceedings of the 22nd ACM SIGOPS Symposium on Operating Systems Principles	en
dc.subject	Isabelle/HOL	en
dc.subject	L4	en
dc.subject	Microkernel	en
dc.subject	seL4	en
dc.title	SeL4	en
dc.type	Conference contribution	en
local.bibliographicCitation.lastpage	220	en
local.bibliographicCitation.startpage	207	en
local.contributor.affiliation	Klein, Gerwin; CSIRO	en
local.contributor.affiliation	Elphinstone, Kevin; CSIRO	en
local.contributor.affiliation	Heiser, Gernot; CSIRO	en
local.contributor.affiliation	Andronick, June; CSIRO	en
local.contributor.affiliation	Cock, David; CSIRO	en
local.contributor.affiliation	Derrin, Philip; CSIRO	en
local.contributor.affiliation	Elkaduwe, Dhammika; CSIRO	en
local.contributor.affiliation	Engelhardt, Kai; CSIRO	en
local.contributor.affiliation	Kolanski, Rafal; CSIRO	en
local.contributor.affiliation	Norrish, Michael; School of Computing, ANU College of Systems and Society, The Australian National University	en
local.contributor.affiliation	Sewell, Thomas; CSIRO	en
local.contributor.affiliation	Tuch, Harvey; CSIRO	en
local.contributor.affiliation	Winwood, Simon; CSIRO	en
local.identifier.doi	10.1145/1629575.1629596	en
local.identifier.pure	3f6ac547-422e-4a27-9a8b-c0cb7e2ff1ea	en
local.type.status	Published	en

Collections

DevOps Pure Testing

Cultural advice

SeL4

Downloads

Collections