Title :
Model Checking a Secure Hypervisor
Author :
Wang, Sunlv ; Liu, Jian ; Yi, Qiuping ; Zhang, Xian
Author_Institution :
Inst. of Software, Chinese Acad. of Sci., Beijing, China
Abstract :
Hypervisor is a piece of platform-virtualization software that allows multiple operating systems to run on a host computer concurrently. CAS Monitor, short for CAS Virtual Monitor, is a secure, high-assurance hypervisor prototype, which aims to level B3 or higher of TCSEC standard. This paper reports our experience of employing model checking method to verify some design properties of CAS Monitor, such as isolation, mediated sharing, communication between separated virtual machines and source control policy. We show how to specify design architecture of CAS Monitor with Spin PROMELA language and verify the above important properties to meet system security request.
Keywords :
formal verification; operating systems (computers); security of data; virtual machines; CAS monitor; Spin PROMELA language; model checking; platform-virtualization software; secure hypervisor; Arrays; Computational modeling; Memory management; Operating systems; Security; Virtual machine monitors; Chinese-Wall policy; Hypervisor; Model checking; Secure operating system;
Conference_Titel :
Software Engineering (WCSE), 2010 Second World Congress on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-9287-9
DOI :
10.1109/WCSE.2010.115
