Trustworthy Systems

Static analysis of device drivers: we can do better!

Authors

Sidney Amani, Leonid Ryzhyk, Alastair Donaldson, Gernot Heiser, Alexander Legg and Yanjin Zhu

NICTA

UNSW

University of Oxford

University of Sydney

Abstract

We argue that the device driver architecture enforced by current operating systems complicates both manual and automatic reasoning about driver behaviour. In particular, it makes it hard and in some cases impossible to statically verify that the driver correctly interacts with the rest of the kernel. This limitation cannot be addressed solely via better verification tools. We maintain that qualitative improvement in the effectiveness of static driver verification must rely on an improved driver architecture, leading to drivers that are easier to write, understand, and verify. To support our claims, we present a device driver architecture, called active drivers, that satisfies these requirements. We outline our methodology for specifying and verifying active driver protocols using existing model checking tools and describe initial experimental results.

BibTeX Entry

  @inproceedings{Amani_RDHLZ_11,
    address          = {Shanghai, China},
    author           = {Amani, Sidney and Ryzhyk, Leonid and Donaldson, Alastair and Heiser, Gernot and Legg, Alexander and
                        Zhu, Yanjin},
    booktitle        = {Asia-Pacific Workshop on Systems (APSys)},
    keywords         = {device drivers, reliability, static analysis},
    month            = jul,
    pages            = {1--5},
    paperurl         = {https://trustworthy.systems/publications/nicta_full_text/4832.pdf},
    title            = {Static Analysis of Device Drivers: We Can Do Better!},
    year             = {2011}
  }

Download