History

Gerwin Klein 0758ff13c1 isabelle-2021 arm: update SimplExportAndRefine Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>		2021-09-30 16:53:17 +10:00
..
export	riscv: fix CLZ and CTZ for riscv32 builds (#257 )	2021-03-30 13:17:41 +11:00
README.md	READMEs: fix publication links	2021-08-25 11:22:05 +10:00
SEL4GlobalsSwap.thy	asmrefine: add `heap_update` identity rule	2020-09-07 14:10:04 +10:00
SEL4GraphRefine.thy	isabelle-2021 arm: update SimplExportAndRefine	2021-09-30 16:53:17 +10:00
TestGraphRefine.thy	proof/ROOT: more Isabelle2020 session structure	2020-10-27 15:52:31 +10:00

README.md

Assembly Refinement Proof

This proof contributes to a larger proof that seL4's compiled binary correctly implements the semantics of its C code. This component of the proof generates (exports) an external version of the C semantics into the SydTV-GL language, and proves that the exported version refines the starting C semantics. A SydTV-GL representation of the binary is created (with proof) by a decompilation tool based on HOL4, and the two representations are compared by the SydTV tool.

An overview of the full proof is given with the SydTV tool. It is also described in the PLDI '13 paper.

These theories are specific to seL4, and build on the more general apparatus in the tools directory.

Important Theories

The SEL4SimplExport theory, when executed, exports the kernel's C semantics into the graph refinement language used by the external graph refinement toolset. The SEL4GraphRefine theory establishes that this exported graph semantics is a formal refinement of the kernel's C semantics.