
Isolation with a Very Small TCB - wglb
http://blog.regehr.org/archives/565?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+EmbeddedInAcademia+%28Embedded+in+Academia%29
======
pavpanchekha
Every time it comes up, I am impressed by seL4. From the incredibly small size
of the code to the fact that it's been proven correct, it's just a testament
to the fact that correct code, in the formal sense, can be written. I'm happy
to hear that advances in this area continue to be made.

~~~
sel4throwaway
It has been proven to have certain properties, not to be "correct".

------
eru
Reads the proper HN article. And, like Parkinson forecasted: since this is a
pretty technical topic, people find it hard to comment, while the more fluffy
topics have tons of discussion.

~~~
mvzink
My hypothesis is in part that people use the arrow buttons more readily in
answer to their emotions. Hence secure microkernels receiving a handful of
upvotes, despite massive potential impact, and "SICP is Under Attack" having
many times more.

------
mvzink
Imagine how much safer you would feel about Native Client if the phrase
"theorem prover" was anywhere on the Google Code page.

------
rdl
Another similar and very interesting technology is the "separation kernel"
(<http://en.wikipedia.org/wiki/Separation_kernel>). There's actually a lot of
cool stuff you can do with virtualization now, even on a system-dedicated
mode.

