lh-l4v/proof/drefine
Gerwin Klein 314158480a
proof: update to Isabelle2023 mapsto syntax
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-10-06 14:41:41 +11:00
| File | Last commit | Date |
| --- | --- | --- |
| base | ROOT files: file reorg for new ROOT requirements | 2020-10-27 15:52:31 +10:00 |
| Arch_DR.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |
| CNode_DR.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |
| Corres_D.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |
| Finalise_DR.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |
| Intent_DR.thy | proofs: updates for monad refactor | 2023-02-09 11:46:55 +11:00 |
| Interrupt_DR.thy | lib+proof+autocorres: consolidate when[E]/unless[E]_wp naming | 2023-01-25 11:48:39 +11:00 |
| Ipc_DR.thy | proof: update for changes to nondet monad | 2023-10-05 11:24:05 +11:00 |
| KHeap_DR.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |
| Lemmas_D.thy | licenses: convert license tags to SPDX | 2020-03-13 14:38:24 +08:00 |
| MoreCorres.thy | licenses: convert license tags to SPDX | 2020-03-13 14:38:24 +08:00 |
| MoreHOL.thy | licenses: convert license tags to SPDX | 2020-03-13 14:38:24 +08:00 |
| README.md | READMEs: use run_tests consistently in READMEs (#622) | 2023-03-30 13:59:18 +11:00 |
| Refine_D.thy | drefine: update for changed corres split rules | 2022-10-20 08:59:52 +11:00 |
| Schedule_DR.thy | proof+autocorres: update for select_wp and alternative_wp | 2023-08-09 16:42:01 +10:00 |
| StateTranslationProofs_DR.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |
| StateTranslation_D.thy | drefine: adjust for object_type enum reorder | 2023-08-14 15:51:34 +02:00 |
| Syscall_DR.thy | drefine: update for changed corres split rules | 2022-10-20 08:59:52 +11:00 |
| Tcb_DR.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |
| Untyped_DR.thy | proof: update to Isabelle2023 mapsto syntax | 2023-10-06 14:41:41 +11:00 |

README.md

CapDL Refinement Proof

This proof establishes that seL4's abstract specification is a formal refinement (i.e. a correct implementation) of its capDL specification. It is described as part of an ICFEM '13 paper.

Building

To build for the ARM architecture from the l4v/ directory, run:

L4V_ARCH=ARM ./run_tests DRefine

Important Theories

The top-level theory, where the refinement statement is established over the entire kernel, is Refine_D. The state relation that relates the state spaces of the two specifications is defined in StateTranslation_D, and the basic correspondence property proved for each kernel function is defined in Corres_D.