secc
/
seL4-L4.verified
mirror of https://github.com/seL4/l4v.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
seL4-L4.verified/proof/drefine
History
Gerwin Klein a690fd7288 drefine+dpolicy: SGISignalCap proofs 
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
 		2025-07-07 08:53:07 +10:00
..
base ROOT files: file reorg for new ROOT requirements 2020-10-27 15:52:31 +10:00
Arch_DR.thy drefine+dpolicy: SGISignalCap proofs 2025-07-07 08:53:07 +10:00
CNode_DR.thy drefine+dpolicy: SGISignalCap proofs 2025-07-07 08:53:07 +10:00
Corres_D.thy arm+arm_hyp spec+proof: add GICv3 support 2025-03-28 10:54:58 +11:00
Finalise_DR.thy arm proof: update for det_ext refactor 2025-05-01 10:55:20 +10:00
Intent_DR.thy arm proof: update for det_ext refactor 2025-05-01 10:55:20 +10:00
Interrupt_DR.thy drefine+dpolicy: SGISignalCap proofs 2025-07-07 08:53:07 +10:00
Ipc_DR.thy arm proof: update for det_ext refactor 2025-05-01 10:55:20 +10:00
KHeap_DR.thy drefine+dpolicy: SGISignalCap proofs 2025-07-07 08:53:07 +10:00
Lemmas_D.thy licenses: convert license tags to SPDX 2020-03-13 14:38:24 +08:00
MoreCorres.thy licenses: convert license tags to SPDX 2020-03-13 14:38:24 +08:00
MoreHOL.thy licenses: convert license tags to SPDX 2020-03-13 14:38:24 +08:00
README.md READMEs: use run_tests consistently in READMEs (#622) 2023-03-30 13:59:18 +11:00
Refine_D.thy arm proof: update for det_ext refactor 2025-05-01 10:55:20 +10:00
Schedule_DR.thy arm proof: update for det_ext refactor 2025-05-01 10:55:20 +10:00
StateTranslationProofs_DR.thy arm proof: update for det_ext refactor 2025-05-01 10:55:20 +10:00
StateTranslation_D.thy drefine+dpolicy: SGISignalCap proofs 2025-07-07 08:53:07 +10:00
Syscall_DR.thy drefine+dpolicy: SGISignalCap proofs 2025-07-07 08:53:07 +10:00
Tcb_DR.thy drefine+dpolicy: SGISignalCap proofs 2025-07-07 08:53:07 +10:00
Untyped_DR.thy drefine: update to Isabelle 2025 2025-06-13 13:20:24 +10:00

README.md

CapDL Refinement Proof

This proof establishes that seL4's abstract specification is a formal refinement (i.e. a correct implementation) of its capDL specification. It is described as part of an ICFEM '13 paper.

Building

To build for the ARM architecture from the l4v/ directory, run:

L4V_ARCH=ARM ./run_tests DRefine

Important Theories

The top-level theory where the refinement statement is established over the entire kernel is Refine_D; the state-relation that relates the state-spaces of the two specifications is defined in StateTranslation_D and the basic correspondence property proved over each kernel function is defined in Corres_D.