Advertisement

Automated Verification of a Small Hypervisor

  • Eyad Alkassar
  • Mark A. Hillebrand
  • Wolfgang Paul
  • Elena Petrova
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6217)

Abstract

Hypervisors are system software programs that virtualize the architecture they run on. They are typically small, safety-critical, and hard to debug, which makes them a feasible and interesting target for formal verification. Previous functional verifications of system software were all based on interactive theorem proving, requiring substantial human effort complemented by expert prover knowledge. In this paper we present the first functional verification of a small hypervisor using VCC, an automatic verifier for (suitably annotated) C developed at Microsoft. To achieve this goal we introduce necessary system verification techniques, such as accurate modeling of software/hardware interaction and simulation proofs in a first-order logic setting.

Keywords

Memory Model Data Segment Program Counter Page Fault Address Translation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Alkassar, E., Hillebrand, M.A., Leinenbach, D.C., Schirmer, N.W., Starostin, A., Tsyban, A.: Balancing the load: Leveraging a semantics stack for systems verification. JAR 42(2-4), 389–454 (2009)MATHCrossRefGoogle Scholar
  2. 2.
    Alkassar, E., Paul, W., Starostin, A., Tsyban, A.: Pervasive verification of an OS microkernel: Inline assembly, memory consumption, concurrent devices. In: Leavens, G.T., O’Hearn, P., Rajamani, S. (eds.) VSTTE 2010. LNCS, vol. 6217, pp. 71–85. Springer, Heidelberg (2010)Google Scholar
  3. 3.
    Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., Leino, K.R.M.: Boogie: A modular reusable verifier for object-oriented programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Bevier, W.R.: Kit and the short stack. JAR 5(4), 519–530 (1989)Google Scholar
  5. 5.
    Cohen, E., Dahlweid, M., Hillebrand, M., Leinenbach, D., Moskal, M., Santen, T., Schulte, W., Tobies, S.: VCC: A practical system for verifying concurrent C. In: Urban, C. (ed.) TPHOLs 2009. LNCS, vol. 5674, pp. 1–22. Springer, Heidelberg (2009)Google Scholar
  6. 6.
    Cohen, E., Moskal, M., Schulte, W., Tobies, S.: A precise yet efficient memory model for C. In: SSV 2009. ENTCS, vol. 254, pp. 85–103. Elsevier, Amsterdam (2009)Google Scholar
  7. 7.
    de Moura, L., Bjørner, N.: Z3: An efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    Feng, X., Shao, Z., Guo, Y., Dong, Y.: Certifying low-level programs with hardware interrupts and preemptive threads. JAR 42(2-4), 301–347 (2009)MATHCrossRefGoogle Scholar
  9. 9.
    Klein, G., Elphinstone, K., Heiser, G., et al.: seL4: Formal verification of an OS kernel. In: SOSP 2009, pp. 207–220. ACM, New York (2009)CrossRefGoogle Scholar
  10. 10.
    Leinenbach, D., Santen, T.: Verifying the Microsoft Hyper-V Hypervisor with VCC. In: Cavalcanti, A., Dams, D.R. (eds.) FM 2009. LNCS, vol. 5850, pp. 806–809. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  11. 11.
    Microsoft Corp. VCC: A C Verifier, http://vcc.codeplex.com/
  12. 12.
    Tews, H., Völp, M., Weber, T.: Formal memory models for the verification of low-level operating-system code. JAR 42(2-4), 189–227 (2009)MATHCrossRefGoogle Scholar
  13. 13.
    The Verisoft Project (2003), http://www.verisoft.de/
  14. 14.
    The Verisoft XT Project (2007), http://www.verisoftxt.de/

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Eyad Alkassar
    • 1
  • Mark A. Hillebrand
    • 2
  • Wolfgang Paul
    • 1
  • Elena Petrova
    • 1
  1. 1.Computer Science Dept.Saarland UniversitySaarbrückenGermany
  2. 2.German Research Center for Artificial Intelligence (DFKI)SaarbrückenGermany

Personalised recommendations