lh-l4v/sys-init/README.md

<!--
     Copyright 2020, Data61, CSIRO (ABN 41 687 119 230)

     SPDX-License-Identifier: CC-BY-SA-4.0
-->

CapDL User-level system initialiser
===================================

This contains a formalised algorithm and the proof of correctness of
a user-level system initialiser that uses [capDL](../spec/capDL/) to
specify the state of the resultant system.

It builds on the [CapDL API Proofs](../proof/capDL-api/), and uses
a [separation logic defined for capDL](../proof/sep-capDL/).

The system initialiser and the proof are described in the
[ICFEM '13 paper][Boyton_13] and Andrew Boyton's PhD thesis.

  [Boyton_13]: https://trustworthy.systems/publications/nictaabstracts/Boyton_ABFGGKLS_13.abstract "Formally Verified System Initialisation"

Building
--------

To build from the `l4v/` directory for the ARM architecture, run:

    L4V_ARCH=ARM ./run_tests SysInit

To build the example capDL specifications, from the `l4v/` directory, run:

    L4V_ARCH=ARM ./run_tests SysInitExamples


Important Theories
------------------

* The specification for the algorithm of the system initialiser is in
  [`SysInit_SI`](SysInit_SI.thy).

* The top-level statement of the correctness of the system-initialiser
  is found in [`Proof_SI`](Proof_SI.thy).

* The definition of what it means for an object to be initialised
  (`object_initialised` and (`irq_initialised`) is found in
  [`ObjectInitialised_SI`](ObjectInitialised_SI.thy).

* Only "well-formed" capDL specifications can be initialised. The
  definition of well-formed is located in
  [`WellFormed_SI`](WellFormed_SI.thy).

* Two example capDL specifications that are "well-formed" are found in
  [`ExampleSpec_SI`](examples/ExampleSpec_SI.thy) and
  [`ExampleSpecIRQ_SI`](examples/ExampleSpecIRQ_SI.thy). The former is a simple
  capDL spec, and the latter a more complicated specifications with IRQ
  support.
licenses: convert license tags to SPDX 2020-03-09 06:18:30 +00:00			`<!--`
			`Copyright 2020, Data61, CSIRO (ABN 41 687 119 230)`

license: provide documentation under CC-BY-SA-4.0 Datat61 provides all docs under CC-BY-SA-4.0. 2020-03-14 12:13:16 +00:00			`SPDX-License-Identifier: CC-BY-SA-4.0`
licenses: convert license tags to SPDX 2020-03-09 06:18:30 +00:00			`-->`
licenses: tag .md and document file 2020-03-02 08:20:30 +00:00
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`CapDL User-level system initialiser`
			`===================================`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`This contains a formalised algorithm and the proof of correctness of`
			`a user-level system initialiser that uses [capDL](../spec/capDL/) to`
			`specify the state of the resultant system.`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
trivial: fix broken links Signed-off-by: Gerwin Klein <gerwin.klein@data61.csiro.au> 2020-08-08 13:00:53 +00:00			`It builds on the [CapDL API Proofs](../proof/capDL-api/), and uses`
			`a [separation logic defined for capDL](../proof/sep-capDL/).`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`The system initialiser and the proof are described in the`
			`[ICFEM '13 paper][Boyton_13] and Andrew Boyton's PhD thesis.`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
READMEs: fix publication links PDFs and abstracts have moved to trustworthy.systems/ Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems> 2021-08-25 00:50:38 +00:00			`[Boyton_13]: https://trustworthy.systems/publications/nictaabstracts/Boyton_ABFGGKLS_13.abstract "Formally Verified System Initialisation"`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`Building`
			`--------`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
READMEs: use run_tests consistently in READMEs (#622) Avoid mixing `isabelle`, `make`, and `run_tests` invocations. Standardise on `run_tests` and mention `L4V_ARCH` each time to indicate that you can and should set `L4V_ARCH`. Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems> 2023-03-30 02:59:18 +00:00			To build from the `l4v/` directory for the ARM architecture, run:
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
READMEs: use run_tests consistently in READMEs (#622) Avoid mixing `isabelle`, `make`, and `run_tests` invocations. Standardise on `run_tests` and mention `L4V_ARCH` each time to indicate that you can and should set `L4V_ARCH`. Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems> 2023-03-30 02:59:18 +00:00			`L4V_ARCH=ARM ./run_tests SysInit`
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00			To build the example capDL specifications, from the `l4v/` directory, run:

READMEs: use run_tests consistently in READMEs (#622) Avoid mixing `isabelle`, `make`, and `run_tests` invocations. Standardise on `run_tests` and mention `L4V_ARCH` each time to indicate that you can and should set `L4V_ARCH`. Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems> 2023-03-30 02:59:18 +00:00			`L4V_ARCH=ARM ./run_tests SysInitExamples`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00

misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`Important Theories`
			`------------------`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
			`* The specification for the algorithm of the system initialiser is in`
			[`SysInit_SI`](SysInit_SI.thy).

misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`* The top-level statement of the correctness of the system-initialiser`
			is found in [`Proof_SI`](Proof_SI.thy).
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`* The definition of what it means for an object to be initialised`
			(`object_initialised` and (`irq_initialised`) is found in
			[`ObjectInitialised_SI`](ObjectInitialised_SI.thy).
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`* Only "well-formed" capDL specifications can be initialised. The`
			`definition of well-formed is located in`
			[`WellFormed_SI`](WellFormed_SI.thy).
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00
			`* Two example capDL specifications that are "well-formed" are found in`
update links in README files Some of linked theory files have moved to different directories. Signed-off-by: Gerwin Klein <gerwin.klein@data61.csiro.au> 2020-10-23 04:27:35 +00:00			[`ExampleSpec_SI`](examples/ExampleSpec_SI.thy) and
			[`ExampleSpecIRQ_SI`](examples/ExampleSpecIRQ_SI.thy). The former is a simple
misc: Proofing and formatting of README.md files. Attempt to improve readability of the files when viewed as plain ASCII; proof-read and fix minor issues. 2014-07-28 01:59:57 +00:00			`capDL spec, and the latter a more complicated specifications with IRQ`
			`support.`
Updated READMEs for capDL-api and sep-capDL, and added one for sys-init. 2014-07-26 02:28:38 +00:00