The Linux Foundation reveals that formal verification may be introduced in the future Linux kernel

Abstract: The LC3 conference (LinuxCon + ContainerCon + CloudOpen), held in Beijing on the 19th of this month, is arguably the top open source conference in the world. The two-day event has been held in North America, Europe and Japan in recent years; this is its first visit to China.

The LC3 conference (LinuxCon + ContainerCon + CloudOpen), held in Beijing on the 19th of this month, is arguably the top open source conference in the world. The two-day event has been held in North America, Europe and Japan in recent years; this is its first visit to China. On the same day the Linux kernel 4.12-rc6 release candidate was published, and at the conference the Linux Foundation exclusively revealed some new directions for future Linux kernel development.


Linux Foundation Executive Director Jim Zemlin hosted the conference. He also attended its press conference and gave an exclusive interview to Chinese media. In an interview with Linux Story reporter Wen Qixiang on the morning of the 19th, Jim revealed that formal verification may be introduced into the Linux kernel in the future to obtain better security. If formal verification is completed, it will greatly increase the reliability of Linux in kernel security, and it will also help Linux support many new features and long-term development in the future. But formal verification is a daunting task, and, in his words, "we estimate that Linux should first complete formal verification for some relatively independent core modules."

Formal verification means using mathematical methods to prove, or disprove, that a system is correct with respect to a formal specification or a set of formally stated properties. As a systematic verification process it also covers checking that an implementation conforms to its design. Commonly used tools include the proof assistants Coq, Isabelle and Metamath, and TLA+, whose specifications are checked exhaustively with the TLC model checker or proved with the TLAPS proof system.

Formal verification can prove that a system does not contain a certain class of bug, or that it conforms to a given specification. The limitation of traditional software testing is that a finite set of test cases cannot cover an effectively infinite state space, and the cases the test environment never considered are exactly the ones that turn into hidden dangers and cause losses in production. No matter how many test cases there are, they cannot guarantee that the system has no bugs. Yet for some critical scenarios a bug-free system is precisely what is needed. Since "no bugs" is hard to define strictly, the realistic approach is to rule out specific types of bugs. Formal methods can give mathematical proofs about business logic or code logic: that a system complies with a specific design specification, that it contains none of a specified class of bugs (memory-safety violations or deadlocks, for example), or that it satisfies specific functional properties. The caveat a practitioner should keep in mind is that such a proof is only as strong as the specification and the model it is made against: a property that was never written down, or an assumption about the compiler, hardware or environment that does not hold in deployment, is not covered by the proof.

Formal verification methods are more than 30 years old. At present they are applied in chip design [1], cloud computing [2], operating systems [3], compilers [4], blockchain [5] and other fields.

If the plan Jim disclosed can be carried out, perhaps lightweight isolation such as Docker containers could one day reach a level of security comparable to traditional virtualization, which would be of great benefit to the future of Linux in cloud computing and containers; Docker would also benefit from the stronger kernel security, and this may be part of the future direction of Linux. However, Jim also said that this is a very difficult process, and there is no specific timetable for the work related to formal verification.

[1] https://www.cl.cam.ac.uk/~jrh13/slides/nasa-14apr10/slides.pdf

[2] http://lamport.azurewebsites.net/tla/formal-methods-amazon.pdf

[3] https://github.com/seL4/seL4

[4] http://compcert.inria.fr/compcert-C.html

[5] https://github.com/pirapira/eth-isabelle

This article is reproduced from the Open Source China community (http://www.oschina.net).
