lh-l4v/proof/drefine
Victor Phan b9c285400d remove diminished (VER-1158)
diminished takes two caps and asserts that one is equal to the other
except that one may have fewer rights. We remove this definition and all
references to it, replacing diminished with equality.
2019-11-16 01:03:36 +11:00
Arch_DR.thy remove diminished (VER-1158) 2019-11-16 01:03:36 +11:00
CNode_DR.thy drefine: update for new definition of set_object 2019-04-18 14:32:08 +10:00
Corres_D.thy drefine: update for new definition of set_object 2019-04-18 14:32:08 +10:00
Finalise_DR.thy proofs: adjustments for word_lib changes 2019-11-15 12:08:22 +11:00
Include_D.thy reduce DRefine dependencies from Refine to AInvs 2018-10-22 13:21:11 +11:00
Intent_DR.thy proof: update for wp changes 2019-10-14 17:12:18 +11:00
Interrupt_DR.thy proof: update for wp changes 2019-10-14 17:12:18 +11:00
Ipc_DR.thy proof: update for crunch changes 2019-10-14 17:23:41 +11:00
KHeap_DR.thy proof: update for wp changes 2019-10-14 17:12:18 +11:00
Lemmas_D.thy reduce DRefine dependencies from Refine to AInvs 2018-10-22 13:21:11 +11:00
MoreCorres.thy globally use session-qualified imports; add Lib session 2018-08-20 09:06:34 +10:00
MoreHOL.thy globally use session-qualified imports; add Lib session 2018-08-20 09:06:34 +10:00
README.md misc: Proofing and formatting of README.md files. 2014-07-28 13:15:48 +10:00
Refine_D.thy global: isabelle update_cartouches 2019-06-14 11:41:21 +10:00
Schedule_DR.thy SELFOUR-1198: update proofs for correct restart PC 2019-06-13 11:43:50 +10:00
StateTranslationProofs_DR.thy global: isabelle update_cartouches 2019-06-14 11:41:21 +10:00
StateTranslation_D.thy drefine: update for PageMap replacing PageRemap (SELFOUR-161) 2019-10-10 11:27:28 +11:00
Syscall_DR.thy remove diminished (VER-1158) 2019-11-16 01:03:36 +11:00
Tcb_DR.thy proof: update for crunch changes 2019-10-14 17:23:41 +11:00
Untyped_DR.thy remove diminished (VER-1158) 2019-11-16 01:03:36 +11:00

README.md

CapDL Refinement Proof

This proof establishes that seL4's abstract specification is a formal refinement (i.e. a correct implementation) of its capDL specification. The proof is described as part of an ICFEM '13 paper.

Building

To build from the l4v/ directory, run:

./isabelle/bin/isabelle build -d . -v -b DRefine

Important Theories

The top-level theory, where the refinement statement is established over the entire kernel, is Refine_D. The state relation that relates the state spaces of the two specifications is defined in StateTranslation_D. The basic correspondence property proved over each kernel function is defined in Corres_D.
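The three pieces named above (a state translation, a per-function correspondence property, and a top-level statement that the property holds everywhere) have the same shape as an executable check on a finite model. The following is an added, constructed Python illustration of that shape, not code from l4v or seL4: it models a capability as an object reference plus a rights set, translates it to an assumed capDL-style bitmask form, and checks by enumeration that a rights-restriction operation corresponds across the translation. It also models the `diminished` relation described in the VER-1158 commit message at the top of the listing (one cap equal to another except for possibly fewer rights), to show how much weaker it is than the equality that replaced it and that it lifts cleanly through the translation. The rights names and the bitmask encoding are assumptions of the model.

```python
"""Executable toy model of the DRefine proof shape (added illustration).

This is constructed example code, not anything from l4v or seL4.  It mirrors
the three pieces the README names (a state translation, a per-operation
correspondence property, and the top-level check that the property holds
everywhere) on a tiny capability model small enough to check by enumeration.
The capDL-side rights bitmask and the rights names are assumptions for the
model, not the real capDL encoding.
"""
from dataclasses import dataclass
from itertools import product

RIGHTS = ("read", "write", "grant")  # assumed rights, not seL4's exact set


@dataclass(frozen=True)
class AbstractCap:
    """Abstract-spec view: object reference plus a set of rights."""
    obj: int
    rights: frozenset


@dataclass(frozen=True)
class CdlCap:
    """capDL-side view: same object, rights as a bitmask (model assumption)."""
    obj: int
    rights_mask: int


def rights_to_mask(rights: frozenset) -> int:
    return sum(1 << i for i, r in enumerate(RIGHTS) if r in rights)


def translate_cap(c: AbstractCap) -> CdlCap:
    """The state-translation step (the role StateTranslation_D plays)."""
    return CdlCap(c.obj, rights_to_mask(c.rights))


def abstract_mask_rights(c: AbstractCap, allowed: frozenset) -> AbstractCap:
    """Abstract-level operation: restrict a cap to the allowed rights."""
    return AbstractCap(c.obj, c.rights & allowed)


def cdl_mask_rights(c: CdlCap, allowed_mask: int) -> CdlCap:
    """capDL-level version of the same operation."""
    return CdlCap(c.obj, c.rights_mask & allowed_mask)


def corres_mask_rights(c: AbstractCap, allowed: frozenset) -> bool:
    """Correspondence for one operation (the role of Corres_D lemmas):
    translate-then-run on the capDL side must equal run-then-translate."""
    cdl_side = cdl_mask_rights(translate_cap(c), rights_to_mask(allowed))
    abs_side = translate_cap(abstract_mask_rights(c, allowed))
    return cdl_side == abs_side


def diminished(c1: AbstractCap, c2: AbstractCap) -> bool:
    """c1 is c2 with possibly fewer rights: the relation VER-1158 removed
    in favour of plain equality."""
    return c1.obj == c2.obj and c1.rights <= c2.rights


def all_caps(objs=(0, 1)):
    """Enumerate every cap over a few objects and every subset of RIGHTS."""
    for obj in objs:
        for bits in product((False, True), repeat=len(RIGHTS)):
            yield AbstractCap(obj, frozenset(r for r, b in zip(RIGHTS, bits) if b))


def check_corres_everywhere() -> bool:
    """Top-level check (the role of Refine_D): corres holds for all inputs."""
    allowed_sets = [c.rights for c in all_caps(objs=(0,))]
    return all(corres_mask_rights(c, a) for c in all_caps() for a in allowed_sets)


def diminished_lifts_through_translation() -> bool:
    """diminished on abstract caps is exactly mask-subset on translated caps,
    so an obligation stated with it survives the state translation."""
    for c1 in all_caps():
        for c2 in all_caps():
            t1, t2 = translate_cap(c1), translate_cap(c2)
            lifted = t1.obj == t2.obj and (t1.rights_mask & t2.rights_mask) == t1.rights_mask
            if diminished(c1, c2) != lifted:
                return False
    return True


def count_diminished_vs_equal(obj: int = 0) -> tuple:
    """How much weaker diminished is than equality on one object's caps:
    returns (pairs related by diminished, pairs that are equal)."""
    caps = list(all_caps(objs=(obj,)))
    dim = sum(diminished(a, b) for a in caps for b in caps)
    eq = sum(a == b for a in caps for b in caps)
    return dim, eq


if __name__ == "__main__":
    print("corres holds everywhere:", check_corres_everywhere())
    print("diminished lifts through translation:", diminished_lifts_through_translation())
    print("diminished pairs vs equal pairs:", count_diminished_vs_equal())
```

On this model `corres_mask_rights` holds for every input because set intersection on the abstract side maps exactly to bitwise AND on the capDL side; in the real proof that fact is a lemma rather than an enumeration. With three rights, 27 ordered pairs of caps on one object are related by `diminished` but only 8 are equal, which is the gap the commit closed by requiring equality.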