Virtualization Technology News and Information
Open Kernel Labs and NICTA to Deliver Verified Microvisor

Open Kernel Labs (OK Labs), the leading global provider of embedded virtualization software for mobile phones and broadband Internet devices, today announced completion of long-term research and development to provide formal mathematical proof of the correctness of the microkernel technology underlying OKL4, the company’s mobile virtualization platform. This groundbreaking project involved NICTA, the company’s incubator and investor, OK Labs staff, researchers from the University of New South Wales (UNSW), and other prestigious institutions. Moreover, as commercialization partner for NICTA, OK Labs will bring the results of the project to market in future generations of mobile virtualization products.

The project centered on the need to assure extremely high levels of reliability and security in mission-critical domains that include aerospace and transportation. By mathematically proving the correctness of underlying kernel functioning, NICTA and OK Labs pave the way for validating and deploying mobile virtualization under certification and security regimes like Common Criteria for business-critical applications in mobile telephony, business intelligence, and mobile financial transactions.

“The close partnership between NICTA and OK Labs energizes research, development, and commercialization of innovative technology,” said Steve Subar, president and CEO, OK Labs. “NICTA's groundbreaking research promises to deliver huge benefits to embedded design. We look forward to bringing a secure and verified Microvisor to market in OK Labs virtualization platforms for mobile OEMs, mobile network operators (MNOs), and IT managers building mobile-to-enterprise applications.”

Formal Verification – Key to Secure and Reliable Software

Existing certification regimes center on software processes and conformance to specifications of models of software. By contrast, the NICTA project actually proves the correctness of the code itself, using formal logic and programmatic theorem-checking. The combination results in unprecedented reliability and security. The verification eliminates a wide range of exploitable errors in the kernel, including design flaws and code-based errors like buffer overflows, null pointer dereference and other point errors, memory leaks and arithmetic overflows, and exceptions.

“The NICTA team has achieved a landmark result which will be a game changer for security- and safety-critical software,” said Gernot Heiser, OK Labs CTO and John Lions Chair of Operating Systems at UNSW. “The verification provides conclusive evidence that bug-free software is possible, and in the future, nothing less should be considered acceptable where critical assets are at stake.”

The project entailed four years of work by NICTA and UNSW researchers. The joint team verified 7,500 lines of source code, proving over 10,000 intermediate theorems in over 200,000 lines of formal proof. The verified code base, the seL4 kernel (“secure embedded L4”), derived from the globally developed and deployed open source L4 project (as did OKL4, the OK Labs mobile virtualization platform).

The outcome of the project – the seL4 code, theorems, and testing framework – will be transferred from NICTA to OK Labs as part of the ongoing relationship between the two entities. For its part, OK Labs plans to use the NICTA intellectual property for comparable verification of OKL4, for a fully-verified future commercial product.

Published Thursday, August 13, 2009 6:19 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<August 2009>