Skip to Main content Skip to Navigation
Preprints, Working Papers, ...

Deductive Verification of a Hypervisor Model

Vlad Rusu 1 Gilles Grimaud 2 Michaël Hauspie 2 François Serman 2 
1 DREAMPAL - Dynamic Reconfigurable Massively Parallel Architectures and Languages
Inria Lille - Nord Europe, CRIStAL - Centre de Recherche en Informatique, Signal et Automatique de Lille - UMR 9189
Abstract : We propose a deductive-verification approach for proving partial-correctness and invariance properties on arbitrary transition systems, and demonstrate it on a security hypervisor model for machine code. Regarding partial correctness, we generalise the recently-introduced formalism of Reachability Logic, currently used as a language-parametric program logic, to arbitrary transition systems. We propose a sound and relatively-complete proof system for the resulting logic. The soundness of the proof system is formally established in the Coq proof assistant, and the mechanised proof provides us with a generic Reachability-Logic prover within Coq for transition-system specifications. The relative completeness of the proof system, although theoretical in nature, also has a practical value, as it induces a proof strategy that is guaranteed to prove all valid formulas on a given transition system. The strategy reduces partial-correctness verification to invariant verification; for the latter we propose an incremental technique in order to deal with the case-explosion problem. All these various techniques were instrumental in enabling us to deal with a nontrivial case study: proving that a Coq model of a security hypervisor meets its expected requirements, expressed as invariants and partial-correctness properties, within reasonable time and effort limits. We also report on some experiments with a C+ARM assembly implementation of our hypervisor in order to confirm the fact that it introduces a limited amount of execution-time overhead to operating-system calls.
Document type :
Preprints, Working Papers, ...
Complete list of metadata

Cited literature [31 references]  Display  Hide  Download
Contributor : Pal Dream Connect in order to contact the contributor
Submitted on : Tuesday, October 17, 2017 - 12:27:13 PM
Last modification on : Wednesday, March 23, 2022 - 3:51:22 PM
Long-term archiving on: : Thursday, January 18, 2018 - 1:58:48 PM


Files produced by the author(s)


  • HAL Id : hal-01614509, version 2


Vlad Rusu, Gilles Grimaud, Michaël Hauspie, François Serman. Deductive Verification of a Hypervisor Model. 2017. ⟨hal-01614509v2⟩



Record views


Files downloads