Compositional verification of system program modules in Rust

Submitted by Jean-Pierre TALPIN on Tue 26/04/2022 - 09:53
Team
Date of the beginning of the PhD (if already known)
dès que possible
Place
Rennes
Laboratory
IRISA - UMR 6074
Description of the subject

Project RIOT-fp https://future-proof-iot.github.io/RIOT-fp is an Inria Challenge with the objective of developing future-proof operating system libraries for application to IoT: RIOT.  Our PhD project is interested in one of the futures of RIOT: RIOT-rs, implemented in Rust. This computing base provides access to a vast ecosystem of analysis, code generation, verification and proof tools. It offers us to rethink a system software validation process that would suit both system programming and verification requirements (as one may expect from using, e.g., a theorem prover).

The notion of contract is one ideal such interface between the development and verification of system programs in Rust.  A contract allows, on one hand, to formally document the hypothesis and guarantees of system modules, functions, artifacts, with respect to global safety ad security requirements.  Contracts can be sufficiantly abstract and comprehensible for system programmers, and adequatly refined to meet the strongest requirements of mechanised verification.

Our project will focus on the development of such a modular validation flow by case-studying the core of RIOT's implementation in Rust [riot-rs-core].  We define and exercise this workflow to characterize and validate global requirements ranging from race-condition, deadlock avoidance, priority management and schedulability, and/or memory isolation, faul isolation, information flow control.

The project will be implemented with teams Tea and Celtique at Inria, Rennes, in close collaboration with teams Tribe and Prosecco at Inria, Paris.  It requires a Master degree with solid background in proof theory and mathematical logic, programming languages and type theory, as well as motivation and interest in both the implementation and verification of operating systems.  Prior knowledge and experiences with both Rust, F*, Coq, Lean will stand out. Last but not least, the project will require weekly multi-center meetings and hence excellent communication and team-working skills in both french and english.

Please visit  https://recrutement.inria.fr/public/classic/fr/offres/2022-04814 for detailed information and for application

Bibliography


 - RIOT: http://www.riot-os.org
 - RIOT-fp: https://future-proof-iot.github.io/RIOT-fp
 - riot-rs-core: https://github.com/future-proof-iot/RIOT-rs/tree/main/src/riot-rs-core/…
 - F*: https://www.fstar-lang.org
 - Lean: https://leanprover.github.io
 - Electrolysis: https://kha.github.io/electrolysis

"Verified Functional Programming of an Abstract Interpreter". Lucas Franceschino, David Pichardie, Jean-Pierre Talpin. Static Analysis Symposium. ACM, 2021.
"Verified Functional Programming of an IoT operating system’s bootloader". Shenghao Yuan, Jean-Pierre Talpin. International Conference on Formal Methods and Models for System Design. ACM, 2021.
"A Mechanically Verified Theory of Contracts". Stéphane Kastenbaum, Benoît Boyer, Jean-Pierre Talpin. International Colloquium on Theoretical Aspects of Computing. Springer, 2021.

Researchers

Lastname, Firstname
Talpin, Jean-Pierre
Type of supervision
Director
Laboratory
Rennes
Team
Contact·s
Nom
Talpin, Jean-Pierre
Email
talpin@irisa.fr
Téléphone
0299847436
Keywords
theorem proving, programming languages, operating systems, verification, dependent types, contracts