Sequoll: A framework for model checking binaries

Author

Blackham, Bernard ; Heiser, Gernot

Author_Institution

NICTA, Univ. of New South Wales Sydney, Sydney, NSW, Australia

fYear

2013

fDate

9-11 April 2013

Firstpage

97

Lastpage

106

Abstract

Multi-criticality real-time systems require protected-mode operating systems with bounded interrupt latencies and guaranteed isolation between components. A tight WCET analysis of such systems requires trustworthy information about loop bounds and infeasible paths. We propose sequoll, a framework for employing model checking of binary code to determine loop counts and infeasible paths, as well as validating manual infeasible path annotations which are often error-prone. We show that sequoll automatically determines many of the loop counts in the Malardalen WCET benchmarks. We also show that sequoll computes loop bounds and validates several infeasible path annotations used to reduce the computed WCET bound of seL4, a high-assurance protected microkernel for multi-criticality systems.

Keywords

formal verification; operating system kernels; program control structures; real-time systems; security of data; Malardalen WCET benchmarks; Sequoll; WCET analysis; binary code; bounded interrupt latencies; guaranteed isolation; high-assurance protected microkernel; infeasible path annotations; loop bounds; loop counts; model checking binaries; multicriticality real-time systems; protected-mode operating systems; trustworthy information; Computer architecture; Kernel; Manuals; Model checking; Optimization; Real-time systems; Semantics; Operating system kernels; Real time systems; Software verification and validation;

fLanguage

English

Publisher

ieee

Conference_Titel

Real-Time and Embedded Technology and Applications Symposium (RTAS), 2013 IEEE 19th

Conference_Location

Philadelphia, PA

ISSN

1080-1812

Print_ISBN

978-1-4799-0186-9

Electronic_ISBN

1080-1812

Type

conf

DOI

10.1109/RTAS.2013.6531083

Filename

6531083