Formal Verification Method of Secure Operating System Based on Isabelle/HOL

doi:10.3969/j.issn.1006-2475.2017.04.0020

Abstract

Abstract: As the cornerstone of the information age, the importance of operating system security is self-evident. Conventional methods of software testing are not enough to guarantee the safety of the operating system, so we need to use more rigorous formal verification methods based on mathematical logic. This paper puts forward a new idea of formal verification of software: constructing a simulation running environment in Isabelle, and running the assembly code in it, recording the changes of the system state, and finally according to the changes of system state before and after run of the program, determining the correctness and safety of the program. It emphatically introduces the prove method of sequential, conditional and iterative structure, uses them on to a sample program, and gets the state changes under any preconditions.


Key words: secure operating system, formal verification, Isabelle/HOL, Hoare logic

CLC Number:

TP309.2

GUO Yi, YANG Wei-yong, LIU Wei. Formal Verification Method of Secure Operating System Based on Isabelle/HOL[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2017.04.0020.

References

［1］钱振江,刘苇,黄皓. 操作系统形式化设计与验证综述［J］. 计算机工程, 2012,38(11):234-238.
［2］钱振江. 安全操作系统形式化设计与验证方法研究［D］. 南京:南京大学, 2013.
［3］ Elphinstone K, Klein G, Derrin P, et al. Towards a practial, verified kernel［C］// Proceedings of the 11th Workshop on Hot Topics in Operating Systems. 2007:Article No. 20.
［4］ Berier W R, Hunt W A, Moore J S, et al. An approach to systems verification［J］. Journal of Automated Reasoning, 1989,5(4):411-428.
［5］ Shao Zhong. Certified software［J］. Communications of the ACM, 2010,53(12):56-66.
［6］ Reason J. Human Error［M］. Combridge University Press, 1990.
［7］ Paulson L C. The foundation of a generic theorem prover［J］. Journal of Automated Reasoning, 1989,5(3):363-397.
［8］ Paulson L C. Isabelle: A Generic Theorem Prover［M］. Springer, 1994.
［9］ Hoare C A R. An axiomatic basis for computer programming［J］. Communications of the ACM, 1969,12(10):576-580.
［10］顾伟灏. 基于Isabelle的汇编指令模拟系统及其自动化翻译辅助验证工具［D］. 南京:南京大学， 2014.
［11］Intel Corporation. Inter 64 and IA-32 Architectures Software Developers Manual Vol.1［R］. Intel Corporation, 2004.
［12］Intel Corporation. Inter 64 and IA-32 Architectures Software Developers Manual Vol.2B［R］. Intel Corporation, 2012.
［13］Doron P, Patrizio P, Paola S. Model Checking［M］. Wiley Encyclopedia of Computer Science and Engineering, 2009.
［14］黄达明. 基于循环分析的程序验证技术研究［D］. 南京:南京大学， 2013.
［15］Cormen T H, Leiserson C E, 等. 算法导论［M］. 2版. 潘金贵,顾铁成，等译. 北京:机械工业出版社, 2006.
［16］Wenzel M. The Languages of Isabelle: Isar, ML, and Scala［EB/OL］. http://www4.in.tum.de/~wenzelm/papers/lausanne2009.pdf, 2009-09-01.
［17］Wenzel M. Isar: A Generic Interpretative Approach to Readable Formal Proof Documents［M］. Springer Berlin Heidelberg, 1999.

[1]	GUAN Jin-ping, YANG Jin-ji, YANG Cheng-long. Formal Verification of Raft Protocol Based on Probabilistic Model [J]. Computer and Modernization, 2023, 0(09): 77-81.
[2]	XU Liang;. Modeling of Improved BLP Model and Its Applications [J]. Computer and Modernization, 2013, 1(4): 193-197.
[3]	LIU Gang;HU Kai-ping;SONG Fa-xing. An Approach for Analysis of Pointer Programs [J]. Computer and Modernization, 2012, 1(200): 82-04.
[4]	LIN Ji-yan. Parallel and Active Defense Model of Trust Transfer on Windows [J]. Computer and Modernization, 2012, 1(200): 1-05.
[5]	SONG Yong;QIN Zheng. Design and Verification of Secure Communication Protocol for  Network Intrusion Detection System [J]. Computer and Modernization, 2010, 1(7): 51-55.