Ivannikov Institute for System Programming of the RAS

Formal Verification of OS Security Model with Alloy and Event-B.


Petr N. Devyanin, Alexey V. Khoroshilov, Victor V. Kuliamin, Alexander K. Petrenko, Ilya V. Shchepetkov.


The paper presents a work-in-progress on formal verification of operating system security model, which integrates control of confi- dentiality and integrity levels with role-based access control. The main goal is to formalize completely the security model and to prove its consistency and conformance to basic correctness requirements concerning keeping levels of integrity and confidentiality. Additional goal is to perform data flow analysis of the model to check whether it can preserve security in the face of certain attacks. Alloy and Event-B were used for formalization and verification of the model. Alloy was applied to provide quick constraint-based checking and uncover various issues concerning inconsistency or incompleteness of the model. Event-B was applied for full-scale deductive verification. Both tools worked well on first steps of model development, while after certain complexity was reached Alloy began to demonstrate some scalability issues.

Full text of the paper in pdf


formal verification, deductive verification, Alloy, Event-B, OS security model


In A. Yamine and K.-D. Schewe, eds. Abstract State Machines, Alloy, B, TLA, VDM, and Z, LNCS 8477:309-313, Proceedings of ABZ-2014, Toulouse, France, June 2-6, 2014.

DOI: 10.1007/978-3-662-43652-3_30

ISBN: 978-3-662-43651-6

Research Group

All publications during 2014 All publications