{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2015:HP3XOR3ZPGP7PTVH46CE4NQ6N2","short_pith_number":"pith:HP3XOR3Z","canonical_record":{"source":{"id":"1510.05091","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2015-10-17T07:36:20Z","cross_cats_sorted":["cs.CR"],"title_canon_sha256":"905153c53601d9668d95316c2be263213f5945ac97bae693214baf043e870117","abstract_canon_sha256":"09d763598751bd543f4356b0871cfcae95cc00bf2c34fabb3f40393d36c30623"},"schema_version":"1.0"},"canonical_sha256":"3bf7774779799ff7cea7e7844e361e6ea9b28cb497557ba66ca278f5a23d4823","source":{"kind":"arxiv","id":"1510.05091","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1510.05091","created_at":"2026-05-18T01:29:53Z"},{"alias_kind":"arxiv_version","alias_value":"1510.05091v1","created_at":"2026-05-18T01:29:53Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1510.05091","created_at":"2026-05-18T01:29:53Z"},{"alias_kind":"pith_short_12","alias_value":"HP3XOR3ZPGP7","created_at":"2026-05-18T12:29:25Z"},{"alias_kind":"pith_short_16","alias_value":"HP3XOR3ZPGP7PTVH","created_at":"2026-05-18T12:29:25Z"},{"alias_kind":"pith_short_8","alias_value":"HP3XOR3Z","created_at":"2026-05-18T12:29:25Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2015:HP3XOR3ZPGP7PTVH46CE4NQ6N2","target":"record","payload":{"canonical_record":{"source":{"id":"1510.05091","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2015-10-17T07:36:20Z","cross_cats_sorted":["cs.CR"],"title_canon_sha256":"905153c53601d9668d95316c2be263213f5945ac97bae693214baf043e870117","abstract_canon_sha256":"09d763598751bd543f4356b0871cfcae95cc00bf2c34fabb3f40393d36c30623"},"schema_version":"1.0"},"canonical_sha256":"3bf7774779799ff7cea7e7844e361e6ea9b28cb497557ba66ca278f5a23d4823","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T01:29:53.209732Z","signature_b64":"xUpYjN9yKbjVjlZH1ISpL9O2piUJJYNe/ByQUVm0F6pXzd6DWXIkjcpY6n1eGnbnSL15iKNhcMBz6pFLGnP9DA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"3bf7774779799ff7cea7e7844e361e6ea9b28cb497557ba66ca278f5a23d4823","last_reissued_at":"2026-05-18T01:29:53.209039Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T01:29:53.209039Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1510.05091","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:29:53Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"rHYERDyMG9rB3JVTyzciVVGAFMsEvC7BJ18qIHsy3qmdTQPa87Ak7TrkxpYia5XE0RyBgLw+45eUGILR8UYoAA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-21T23:38:04.016717Z"},"content_sha256":"44e4ff7e6118d3534df346efabc59a2bb588a96ca7d279b8f6dd0d0129ed0503","schema_version":"1.0","event_id":"sha256:44e4ff7e6118d3534df346efabc59a2bb588a96ca7d279b8f6dd0d0129ed0503"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2015:HP3XOR3ZPGP7PTVH46CE4NQ6N2","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Reasoning About Information Flow Security of Separation Kernels with Channel-based Communication","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.CR"],"primary_cat":"cs.SE","authors_text":"David Sann, Fuyuan Zhang, Yang Liu, Yongwang Zhao","submitted_at":"2015-10-17T07:36:20Z","abstract_excerpt":"Assurance of information flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for separation kernels, ARINC 653 has been complied with by mainstream separation kernels. Security of functionalities defined in ARINC 653 is thus very important for the development and certification of separation kernels. This paper presents the first effort to formally specify and verify separation kernels with ARINC 653 channel-based communication. We provide a reusable formal specification and security proofs for separation kernels in Isabelle/HOL"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1510.05091","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:29:53Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"/E8OXhajzW4j97tVXw8HrIfl3yYZ2L3cefKcU6J70qisGmF1qH4tJ3hZ4bwpebMG1ZaU0MPS0pBi0ZIEhy0DBw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-21T23:38:04.017061Z"},"content_sha256":"f872c8335f273e7dc0ef5896bf98a4680fabbee944cb6e4298835c9ae7049d25","schema_version":"1.0","event_id":"sha256:f872c8335f273e7dc0ef5896bf98a4680fabbee944cb6e4298835c9ae7049d25"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/HP3XOR3ZPGP7PTVH46CE4NQ6N2/bundle.json","state_url":"https://pith.science/pith/HP3XOR3ZPGP7PTVH46CE4NQ6N2/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/HP3XOR3ZPGP7PTVH46CE4NQ6N2/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-21T23:38:04Z","links":{"resolver":"https://pith.science/pith/HP3XOR3ZPGP7PTVH46CE4NQ6N2","bundle":"https://pith.science/pith/HP3XOR3ZPGP7PTVH46CE4NQ6N2/bundle.json","state":"https://pith.science/pith/HP3XOR3ZPGP7PTVH46CE4NQ6N2/state.json","well_known_bundle":"https://pith.science/.well-known/pith/HP3XOR3ZPGP7PTVH46CE4NQ6N2/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2015:HP3XOR3ZPGP7PTVH46CE4NQ6N2","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"09d763598751bd543f4356b0871cfcae95cc00bf2c34fabb3f40393d36c30623","cross_cats_sorted":["cs.CR"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2015-10-17T07:36:20Z","title_canon_sha256":"905153c53601d9668d95316c2be263213f5945ac97bae693214baf043e870117"},"schema_version":"1.0","source":{"id":"1510.05091","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1510.05091","created_at":"2026-05-18T01:29:53Z"},{"alias_kind":"arxiv_version","alias_value":"1510.05091v1","created_at":"2026-05-18T01:29:53Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1510.05091","created_at":"2026-05-18T01:29:53Z"},{"alias_kind":"pith_short_12","alias_value":"HP3XOR3ZPGP7","created_at":"2026-05-18T12:29:25Z"},{"alias_kind":"pith_short_16","alias_value":"HP3XOR3ZPGP7PTVH","created_at":"2026-05-18T12:29:25Z"},{"alias_kind":"pith_short_8","alias_value":"HP3XOR3Z","created_at":"2026-05-18T12:29:25Z"}],"graph_snapshots":[{"event_id":"sha256:f872c8335f273e7dc0ef5896bf98a4680fabbee944cb6e4298835c9ae7049d25","target":"graph","created_at":"2026-05-18T01:29:53Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Assurance of information flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for separation kernels, ARINC 653 has been complied with by mainstream separation kernels. Security of functionalities defined in ARINC 653 is thus very important for the development and certification of separation kernels. This paper presents the first effort to formally specify and verify separation kernels with ARINC 653 channel-based communication. We provide a reusable formal specification and security proofs for separation kernels in Isabelle/HOL","authors_text":"David Sann, Fuyuan Zhang, Yang Liu, Yongwang Zhao","cross_cats":["cs.CR"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2015-10-17T07:36:20Z","title":"Reasoning About Information Flow Security of Separation Kernels with Channel-based Communication"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1510.05091","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:44e4ff7e6118d3534df346efabc59a2bb588a96ca7d279b8f6dd0d0129ed0503","target":"record","created_at":"2026-05-18T01:29:53Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"09d763598751bd543f4356b0871cfcae95cc00bf2c34fabb3f40393d36c30623","cross_cats_sorted":["cs.CR"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2015-10-17T07:36:20Z","title_canon_sha256":"905153c53601d9668d95316c2be263213f5945ac97bae693214baf043e870117"},"schema_version":"1.0","source":{"id":"1510.05091","kind":"arxiv","version":1}},"canonical_sha256":"3bf7774779799ff7cea7e7844e361e6ea9b28cb497557ba66ca278f5a23d4823","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"3bf7774779799ff7cea7e7844e361e6ea9b28cb497557ba66ca278f5a23d4823","first_computed_at":"2026-05-18T01:29:53.209039Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T01:29:53.209039Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"xUpYjN9yKbjVjlZH1ISpL9O2piUJJYNe/ByQUVm0F6pXzd6DWXIkjcpY6n1eGnbnSL15iKNhcMBz6pFLGnP9DA==","signature_status":"signed_v1","signed_at":"2026-05-18T01:29:53.209732Z","signed_message":"canonical_sha256_bytes"},"source_id":"1510.05091","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:44e4ff7e6118d3534df346efabc59a2bb588a96ca7d279b8f6dd0d0129ed0503","sha256:f872c8335f273e7dc0ef5896bf98a4680fabbee944cb6e4298835c9ae7049d25"],"state_sha256":"e2b3251539ed972ff9be562e5113972a919dc51d5f61b3ab3a188616389030fd"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"YuqCypPr/OpbUoYetjnQaxdM7OG6ffayTp4dEZtGiJ1zLmZskbkcbPYY7BEHtCKpqi8mhqspFSVKOoMMlL+0Cg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-21T23:38:04.018982Z","bundle_sha256":"8e223527b22b2141adf09c252a1ef26ba3cd1f02afc987b7216b4933c10fb778"}}