Keep in mind, these things are only proven to work as specified. There is no guarantee that the specification itself is secure. Or that there is no side channel attack possible. Or other stuff.

[-][anonymous]11y60

Correct. But what it achieves is a massive compression in the size of the attack surface. In as much as you trust the proof system, you know that the code matches the specification, so the only bugs which can exist are those in the specification itself.

[-]Shmi11y90

an end-to-end proof of implementation correctness

Time to take bets on when the first security hole gets discovered.

[-]David_Gerard11y80

Took a few years for OpenBSD, and that relied on mere human software engineering skill.

[-]somervta11y60

You offering?

Moderation Log

Curated and popular this week

9Comments

seL4 is the world's first (and only?) operating-system kernel with an end-to-end proof of implementation correctness and security enforcement. In 34 days it is going open source:

http://sel4.systems/

Now if only we could get a provably-correct implementation of the Amoeba operating system kernel on top of this, it'd be the perfect base for a boxed AI software stack.

LESSWRONG
LW

LESSWRONG
LW

6

[LINK] seL4, secure operating system kernel is being open-sourced

6

6