Verified systems by composition from verified components

From a Verified Kernel towards Verified Systems

The L4.verified project has produced a formal, machinechecked Isabelle/HOL proof that the C code of the seL4 OS microkernel correctly implements its abstract implementation. This paper briefly summarises the proof, its main implications and assumptions, reports on the experience in conducting such a large-scale verification, and finally lays out a vision how this formally verified kernel may be...

Totally Verified Systems: Linking Verified Software to Verified Hardware

Pervasive Compiler Verification - From Verified Programs to Verified Systems

We report in this paper on the formal verification of a simple compiler for the C-like programming language C0. The compiler correctness proof meets the special requirements of pervasive system verification and allows to transfer correctness properties from the C0 layer to the assembler and hardware layers. The compiler verification is split into two parts: the correctness of the compiling spec...

Verified trustworthy software systems.

Modern society is faced with a fundamental problem: the reliability of complex, evolving software systems on which society critically depends cannot be guaranteed by the established, non-mathematical computer engineering techniques such as informal prose specification and ad hoc testing. The situation is worsening: modern companies are moving fast, leaving little time for code analysis and test...

A Language for Building Verified Software Components

Safe and secure reuse demands construction and use of verified reusable software components. Such verified components need much more than typical code for components in popular languages, such as C++ or Java. The components need to have formal specifications of behavior against which their implementations are verified. To be trusted, such verification must go beyond extensive testing and argume...