Automated Verification Framework for Mixed Code in Embedded Real-Time Operating System Kernels
Cite this article: GUO Jian, DING Ji-Zheng, ZHU Xiao-Ran. Automated Verification Framework for Mixed Code in Embedded Real Time Operating System Kernel [J]. Journal of Software, 2020, 31(5): 1353-1373.
Authors: GUO Jian, DING Ji-Zheng, ZHU Xiao-Ran
Affiliation: School of Software Engineering, East China Normal University, Shanghai 200062; Software/Hardware Co-design Technology and Application Engineering Research Center, MOE (East China Normal University), Shanghai 200062; Software/Hardware Co-design Technology and Application Engineering Research Center, MOE (East China Normal University), Shanghai 200062; Shanghai Key Laboratory of Trustworthy Computing (East China Normal University), Shanghai 200062
Funding: National Natural Science Foundation of China (61532019); Shanghai Key Project (19511103602)
Abstract: "How to construct highly trustworthy software systems" has become a research hotspot in both academia and industry. The operating system kernel is the foundational component of a software system, so its safety and reliability are an essential step in constructing a highly trustworthy software system. To ensure the safety and reliability of the OS kernel, this paper introduces formal methods into OS kernel verification and proposes a framework for automatically verifying OS kernels. The framework: (1) verifies C programs and mixed-language programs (C and assembly) separately; (2) in mixed-language verification, builds an abstract model of the assembly code and glues it to the C program to form a verification model that a C verification tool can accept; (3) extracts properties from the specification and verifies them automatically with that tool; and (4) is not restricted to a specific hardware architecture. The framework was successfully applied to verify the embedded real-time operating system kernel μC/OS-II on two different hardware platforms. The results show that when the kernel was verified on the two platforms, the reuse rate of the framework was very high, up to 83.8%, although the abstract model had to be rebuilt for each hardware platform. Verification of the kernel on the two platforms found 10 to 12 defects, respectively, including two hardware-related problems on the ARM platform. The experimental results show that the method has a degree of generality for analysing and verifying the same operating system on different hardware platforms.

Keywords: real-time operating system; VCC; mixed-program verification; automated verification; Z3 solver
Received: 2019-09-04
Revised: 2019-12-24

Automated Verification Framework for Mixed Code in Embedded Real Time Operating System Kernel
GUO Jian,DING Ji-Zheng,ZHU Xiao-Ran.Automated Verification Framework for Mixed Code in Embedded Real Time Operating System Kernel[J].Journal of Software,2020,31(5):1353-1373.
Authors:GUO Jian  DING Ji-Zheng  ZHU Xiao-Ran
Affiliation: School of Software Engineering, East China Normal University, Shanghai 200062, China; Software/Hardware Co-design Technology and Application Engineering Research Center, MOE, Shanghai 200062, China; Shanghai Key Lab. for Trustworthy Computing, Shanghai 200062, China
Abstract: "How to construct a trustworthy software system" has become an important research area in academia and industry. As a basic component of the software system, the operating system kernel is an important part of constructing a trustworthy software system. In order to ensure the safety and reliability of an operating system kernel, this study introduces formal methods into OS kernel verification and proposes an automated verification framework. The framework includes the following elements. (1) C language programs and mixed-language programs (for example, programs written in C and assembly language) are verified separately. (2) In mixed-language program verification, an abstract model is established for the assembly program, and the C language program and the abstract model are then glued together to form a verification model accepted by a C language verification tool. (3) Properties are extracted from the OS specification and automatically verified with the verification tool. (4) The framework is not limited to a specific hardware architecture. This study successfully applies the verification framework to verify the commercial real-time operating system kernel μC/OS-II on two different hardware platforms. The results show that when the kernels on the two hardware platforms are verified, the reusability of the verification framework is very high, up to 83.8%, although the abstract model needs to be reconstructed for each hardware platform. During verification of the operating system kernels on the two kinds of hardware, 10 to 12 defects are found, respectively. Among them, two hardware-related defects on the ARM platform are discovered. The method therefore has a certain generality for the analysis and verification of the same operating system on different hardware architectures.
Keywords: real-time operating system; VCC; mixed-language program verification; automated verification; Z3 solver
This article is indexed in the VIP and Wanfang Data databases.