Trustworthy Systems

Model-driven development for the seL4 microkernel using the HAMR framework

Authors

Jason Belt, John Hatcliff, John Shackleton, Jim Carciofini, Todd Carpenter, Eric Mercer, Isaac Amundson, Junaid Babar, Darren Cofer, David Hardin, Karl Hoech, Konrad Slind, Ihor Kuz and Kent Mcleod

Kansas State University
Adventium Labs
Brigham Young University
Collins Aerospace
Kry10 Limited
UNSW Sydney

Abstract

Verified microkernels such as seL4 provide trustworthy foundations for safety- and security-critical systems. However, their full potential remains unrealized due, in part, to the lack of application development environments that help engineers integrate the microkernel’s configuration and hosting of application code with modeling, analysis, and verification tools that address broader aspects of the development lifecycle.

This paper presents a model-driven tool chain for the seL4 microkernel based on the open source High Assurance Modeling and Rapid engineering (HAMR) code generation framework for the Architecture and Analysis Definition Language (AADL). We describe how the semantics of AADL communication and threading can be realized in terms of the access primitives and strong spatial and temporal partitioning mechanisms provided by seL4. For AADL users, seL4 provides a high-assurance platform with formally verified enforcement of component boundaries and communication pathways. For seL4 users, AADL provides high-level abstractions for developing seL4 applications, along with an ecosystem of system engineering and analysis tools. We illustrate the framework by applying a model-based development environment for increasing resiliency against cyber attacks to an unmanned aircraft flight control system.

BibTeX Entry

  @article{Belt_RHSCCMABCHHSKM_23,
    author           = {Jason Belt and John Hatcliff and John Shackleton and Jim Carciofini and Todd Carpenter and Eric
                        Mercer and Isaac Amundson and Junaid Babar and Darren Cofer and David Hardin and Karl Hoech and
                        Konrad Slind and Ihor Kuz and Kent Mcleod},
    doi              = {10.1016/j.sysarc.2022.102789},
    issn             = {1383-7621},
    journal          = {Journal of Systems Architecture},
    pages            = {102789},
    paperurl         = {https://trustworthy.systems/publications/papers/Belt_RHSCCMABCHHSKM_23.pdf},
    publisher        = {Elsevier},
    title            = {Model-driven development for the {seL4} microkernel using the {HAMR} framework},
    volume           = {134},
    year             = {2023}
  }

Download