Provable Security: how feasible is it?
HotOS, pp. 28-28, 2011.
Strong, machine-checked security proofs of operating systems have been in the too hard basket long enough. They will still be too hard for large mainstream operating systems, but even for systems designed from the ground up for security they have been counted as infeasible. There are high-level formal models, nice security properties, way...More
PPT (Upload PPT)