Parametric Verification of Address Space Separation

  • Jason Franklin
  • Sagar Chaki
  • Anupam Datta
  • Jonathan M. McCune
  • Amit Vasudevan
Conference paper

DOI: 10.1007/978-3-642-28641-4_4

Part of the Lecture Notes in Computer Science book series (LNCS, volume 7215)
Cite this paper as:
Franklin J., Chaki S., Datta A., McCune J.M., Vasudevan A. (2012) Parametric Verification of Address Space Separation. In: Degano P., Guttman J.D. (eds) Principles of Security and Trust. POST 2012. Lecture Notes in Computer Science, vol 7215. Springer, Berlin, Heidelberg

Abstract

The address translation subsystem of operating systems, hypervisors, and virtual machine monitors must correctly enforce address space separation in the presence of adversaries. The size and hierarchical nesting of the data structures over which such systems operate make it challenging to apply automated model checking techniques to them fruitfully. We address this problem by developing a sound and complete parametric verification technique that achieves the best possible reduction in model size. Our results significantly generalize prior work on this topic and bring interesting systems within the scope of analysis. We demonstrate the applicability of our approach by modeling the shadow paging mechanisms of Xen version 3.0.3 and of ShadowVisor, a research hypervisor developed for the x86 platform.

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Jason Franklin (1)
  • Sagar Chaki (1)
  • Anupam Datta (1)
  • Jonathan M. McCune (1)
  • Amit Vasudevan (1)

  1. Carnegie Mellon University, USA