Misplaced Pages

Verve (operating system)

Article snapshot taken from[REDACTED] with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Research operating system from Microsoft Research For other uses of "Verve", see Verve (disambiguation). Operating system
Verve
DeveloperMicrosoft Research
Written inBoogiePL, C#; bootloader in assembly language, C++; may use other Common Intermediate Languages (CIL)
OS familyLanguage-based operating systems
Working stateIn development
Source modelSource-available (via Shared Source Initiative)
Initial releaseSeptember 2010; 14 years ago (2010-09)
Latest releaser73999 / November 10, 2013; 11 years ago (2013-11-10)
Platformsx86
Kernel typeMicrokernel, language-based
LicenseMicrosoft Research License

Verve is a research operating system developed by Microsoft Research. Verve is verified end-to-end for type safety and memory safety.

Because of their complexity, a holy grail of software verification has been to verify properties of operating systems. Operating systems are usually written in low-level languages, such as C, that provide very few guarantees. The Singularity Project took the approach of writing an operating system in C#, a type-safe, memory-safe language. A weakness of this approach is that operating systems necessarily need to call lower-level code to, for instance, move the stack pointer. Verve addresses this problem by partitioning the operating system into verified assembly language that is required to be low-level and a trusted interface to rest of the operating system, written in C#. There is a trusted specification that guarantees the low-level assembly code does not modify the heap and that the high-level C# code does not modify the stacks.

Verve consists of a small Nucleus, which acts as a minimal hardware abstraction layer, and a Kernel, which uses primitives provided by the Nucleus to expose a more traditional interface to applications. All components of the system other than the Nucleus are written in managed code C# and compiled by Bartok (originally developed for the Singularity project) into typed assembly language (TAL), which is verified by a TAL checker.

The Nucleus implements a memory allocator and garbage collection, support for stack switching, and managing interrupt handlers. It is written in BoogiePL, which serves as input to MSR's Boogie verifier, which proves the Nucleus correct using the Z3 Theorem Prover satisfiability modulo theories (SMT) automated theorem prover (solver). The Nucleus relies on the Kernel to implement threads, scheduling, synchronization, and to provide most interrupt handlers. Even though the Kernel is not formally verified, so, for example, a bug in scheduling could cause the system to hang, it cannot violate type or memory safety, and thus cannot directly cause undefined behavior. If it attempts to make invalid requests to the Nucleus, formal verification guarantees that the Nucleus handles the situation in a controlled manner.

Verve's trusted computing base (TCB) is limited to: Boogie/Z3 for verifying the Nucleus's correctness; BoogieASM for translating it into x86 assembly; the BoogiePL specification of how the Nucleus should behave; the TAL verifier; the assembler and linker; and the bootloader. Notably, neither the C# compiler/runtime nor the Bartok compiler are part of the TCB.

References

Microsoft Research (MSR)
Main
projects
Languages, compilers
Distributedgrid computing
Internet, networking
Other projects
Operating systems
APIs
Launched as products
MSR Labs
applied
research
Live Labs
Current
Discontinued
FUSE Labs
Other labs
Category
Operating systems by Microsoft
Desktop / Server
Mobile
Embedded / IoT
Network
Others
Microkernels-nanokernels
Kernels
L4 family
Macintosh hosted
Psion
Amiga-type
Operating
systems
POSIX support
Unix-like
  • ARX
  • GNU Hurd°
  • Lites
  • MeikOS
  • Minix°
  • MkLinux°
  • Multi-Environment Real-Time^ (MERTUnix-RT)
  • OS2000
  • QNX^
  • Redox°
  • Spring
  • Tinix
  • UNICOS
  • VSTa
  • Partial
    Capability-based
    L4 kernel
    Java virtual machine
    Macintosh hosted
    Unix-like
    Psion
  • EPOCSymbian OS
  • Amiga-type
    Microsoft
    AIM alliance
    Frameworks, kits
  • Cosmos°
  • Genode°
  • TI-RTOS
  • Developers
    Categories:
    Verve (operating system) Add topic