Kernels for Safety?
John Rushby
From Safe and Secure Computing Systems, Chapter 13. Edited by
T. Anderson. Blackwell Scientific Publications. 1989. Pages
210-220.
Abstract
Secure systems are often built around a "security kernel", a
relatively small and simple component that guarantees the security of
the overall system. In this paper we ask whether this approach can be
used to ensure system properties other than security; in particular,
we are interested in whether "safety" properties can be handled in
this way. Our conclusion is that kernelized system structures can
provide rigorous guarantees that certain faults of commission will not
occur. We give a more precise characterization in terms of the formal
statement that can be asserted for a kernelized system, and we outline
an approach to system design that uses these insights and draws on
experience with secure systems in order to guarantee certain safety
properties.
BibTeX Entry
@incollection{Rushby86:sss,
AUTHOR = {John Rushby},
TITLE = {Kernels for Safety?},
BOOKTITLE = {Safe and Secure Computing Systems},
PUBLISHER = {Blackwell Scientific Publications},
YEAR = 1989,
EDITOR = {T. Anderson},
CHAPTER = 13,
PAGES = {210--220},
NOTE = {(Proceedings of a Symposium held in Glasgow, October 1986)}
}