Abstract
Assurance of information flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for separation kernels, ARINC 653 has been complied with by mainstream separation kernels. Security of functionalities defined in ARINC 653 is thus very important for the development and certification of separation kernels. This paper presents the first effort to formally specify and verify separation kernels with ARINC 653 channel-based communication. We provide a reusable formal specification and security proofs for separation kernels in Isabelle/HOL. During reasoning about information flow security, we find some security flaws in the ARINC 653 standard, which can cause information leakage, and fix them in our specification. We also validate the existence of the security flaws in two open-source ARINC 653 compliant separation kernels.
Cite
CITATION STYLE
Zhao, Y., Sanán, D., Zhang, F., & Liu, Y. (2016). Reasoning about information flow security of separation kernels with channel-based communication. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9636, pp. 791–810). Springer Verlag. https://doi.org/10.1007/978-3-662-49674-9_50
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
