|
19
|
Running the manual: An approach to high-assurance microkernel development
– Philip Derrin, Kevin Elphinstone, Gerwin Klein, David Cock, Manuel M. T. Chakravarty
- 2006
|
|
100
|
Noninterference, transitivity and channel-control security policies
– John Rushby
- 1992
|
|
309
|
On µ-kernel construction
– Jochen Liedtke
- 1995
|
|
17
|
Secure microkernels, state monads and scalable refinement
– David Cock, Gerwin Klein, Thomas Sewell
- 2008
|
|
19
|
Towards a practical, verified kernel
– Kevin Elphinstone, Gerwin Klein, Philip Derrin, Timothy Roscoe
- 2007
|
|
585
|
Isabelle/HOL: A Proof Assistant for Higher-Order Logic
– T Nipkow, L C Paulson, M Wenzel
- 2002
|
|
34
|
A principled approach to operating system construction in Haskell
– Thomas Hallgren, Mark P Jones, Rebekah Leslie, Andrew Tolmach
- 2005
|
|
213
|
Monad Transformers and Modular Interpreters
– Sheng Liang, Paul Hudak, Mark Jones
- 1995
|
|
74
|
98 Language and Libraries. The Revised Report
– S Peyton Jones
- 2003
|
|
619
|
Security policies and security models
– J Goguen, J Meseguer
- 1982
|
|
2
|
The logic of demand in
– W L Harrison, R B Kieburtz
- 2005
|
|
1
|
Dynamic intransitive noninterference
– R Leslie
- 2006
|
|
3
|
Bare Metal: A Programatica model of hardware
– M P Jones
- 2005
|
|
8
|
The Intel Safer Computing Initiative
– D Grawrock
- 2006
|
|
5
|
L4.sec implementation, kernel memory management
– Bernhard Kauer
- 2005
|
|
13
|
Veri of a formal security model for multiapplicative smart cards
– G Schellhorn, W Reif, A Schairer, P Karger, V Austel, D Toll
- 2000
|
|
25
|
OS verification — now
– Harvey Tuch, Gerwin Klein, Gernot Heiser
- 2005
|
|
84
|
Evolving Mach 3.0 to a Migrating Thread Model
– Bryan Ford, Jay Lepreau
- 1994
|
|
27
|
Applying source-code verification to a microkernel -- The VFiasco project
– Michael Hohmuth, Hendrik Tews, Shane G. Stephens
- 2002
|
