Amazon Science June 10, 2026 · Cloud & Big Tech

EC2’s formally verified “isolation engine” provides mathematical assurance of virtual-machine isolation

Splitting the “separation kernel” off from the rest of the Nitro security system and using only a subset of the Rust programming language to code it enabled its formal verification.