We present an in-depth coverage of the comprehensive machine-checked formal verification
of seL4, a general-purpose operating system microkernel. We discuss the kernel design we …

In contrast to testing, mathematical reasoning and formal verification can show the absence
of whole classes of security vulnerabilities. We present the, to our knowledge, first complete …

The semiconductor industry is witnessing a nascent security paradigm shift in the rise of
Confidential Computing. Driven by the need to protect computations delegated to co …

Protecting the confidentiality of information manipulated by a computing system is one of the
most important challenges facing today's cybersecurity community. A promising step toward …

Hypervisors are widely deployed by cloud computing providers to support virtual machines,
but their growing complexity poses a security risk, as large codebases contain many …

A separation kernel simulates a distributed environment using a single physical machine by
executing partitions in isolation and appropriately controlling communication among them …

SAFE is a clean-slate design for a highly secure computer system, with pervasive
mechanisms for tracking and limiting information flows. At the lowest level, the SAFE …

Nickel is a framework that helps developers design and verify information flow control
systems by systematically eliminating covert channels inherent in the interface, which can be …

Separation kernels are fundamental software of safety and security-critical systems, which
provide their hosted applications with spatial and temporal separation as well as controlled …

Value-dependent noninterference allows the classification of program variables to depend
on the contents of other variables, and therefore is able to express a range of data …