High-Assurance Separation Kernels: A Survey on Formal Methods (2017) arxiv.org 23 points by doener 5 years ago