Motivation

OS memory safety research

Memory safety for OS code: OS designs based on safe languages; compiler techniques such as SVA-M that enforce memory safety for commodity OSs written in unsafe languages; instrumentation techniques that isolate a kernel from its extensions, such as device drivers. Singularity, SPIN, JX, JavaOS, SafeDrive, and SVA-M are examples of systems that enforce a safe execution environment.

Common assumptions of OS memory safety research

Unfortunately, all of these memory safety techniques (except Verve, which has very limited I/O and no MMU support) make assumptions that are routinely violated by low-level interactions between an OS kernel and the hardware, even when the kernel is implemented in a safe programming language.
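The assumption that breaks is that a pointer, once type-checked, keeps referring to the same object. The hardware does not share that assumption: a single page-table write can silently swap the memory behind a "validated" kernel pointer. The following C program is an added illustration of that point (it is not code from the original notes or from any of the systems named above). It constructs a toy machine with four physical frames and a flat page table, places a kernel object on one page, and shows that an unchecked PTE write makes the unchanged pointer read attacker-controlled bytes. The `checked_map` function then applies a deliberately simplified invariant, assumed here for the example rather than taken from SVA-M's actual rules, of the kind a memory-safe MMU interface must enforce: the translation of a page that backs live kernel data cannot change, a kernel-data frame cannot be aliased at a second virtual page, and a user frame can never be mapped where kernel data is expected.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy machine (not from the original notes): four physical
 * frames, one flat page table mapping virtual pages to frames. */
#define PAGE_SIZE 64
#define NFRAMES   4
#define NVPAGES   4

enum frame_state { FRAME_FREE, FRAME_KERNEL_DATA, FRAME_USER };

static uint8_t          phys[NFRAMES][PAGE_SIZE];
static int              page_table[NVPAGES];   /* vpage -> frame, or -1 if unmapped */
static enum frame_state frame_state[NFRAMES];

/* The kind of object a safe-language kernel believes it exclusively owns. */
struct kobj { uint32_t magic; uint32_t secret; };

/* Hardware-style address translation: NULL on an unmapped page. */
static uint8_t *translate(unsigned vaddr)
{
    unsigned vpage = vaddr / PAGE_SIZE, off = vaddr % PAGE_SIZE;
    if (vpage >= NVPAGES || page_table[vpage] < 0) return NULL;
    return &phys[page_table[vpage]][off];
}

/* Raw PTE write, as a commodity kernel performs it: no safety check at all. */
static void unchecked_map(unsigned vpage, int frame) { page_table[vpage] = frame; }

/* Scenario setup (constructed data): vpage 0 holds a kernel object in frame 1;
 * frame 3 is a user-controlled page already filled with attacker-chosen bytes. */
static void setup(void)
{
    memset(phys, 0, sizeof phys);
    for (int i = 0; i < NVPAGES; i++) page_table[i] = -1;
    for (int i = 0; i < NFRAMES; i++) frame_state[i] = FRAME_FREE;

    unchecked_map(0, 1);
    frame_state[1] = FRAME_KERNEL_DATA;
    struct kobj init = { 0x4B4F424Au, 0xC0FFEEu };
    memcpy(phys[1], &init, sizeof init);   /* the allocation-time type check happens here, once */

    frame_state[3] = FRAME_USER;
    memset(phys[3], 0x41, PAGE_SIZE);      /* attacker fills the user frame with 'A' bytes */
}

/* The kernel dereferences its already-validated pointer to the object at vaddr 0.
 * The language-level type system says this is a kobj; the hardware decides. */
static uint32_t read_secret(void)
{
    struct kobj o;
    uint8_t *p = translate(0);
    if (!p) return 0;
    memcpy(&o, p, sizeof o);
    return o.secret;
}

/* Checked MMU interface. The invariant is a simplified assumption for this
 * example, not SVA-M's actual rule set. Returns 0 on success, -1 if refused. */
static int checked_map(unsigned vpage, int frame)
{
    if (vpage >= NVPAGES || frame < 0 || frame >= NFRAMES) return -1;
    int cur = page_table[vpage];
    if (cur >= 0 && frame_state[cur] == FRAME_KERNEL_DATA) return -1; /* live kernel page: no remap */
    if (frame_state[frame] == FRAME_USER) return -1;                   /* never put user memory under a kernel pointer */
    if (frame_state[frame] == FRAME_KERNEL_DATA)                       /* never alias a kernel-data frame */
        for (unsigned v = 0; v < NVPAGES; v++)
            if (page_table[v] == frame) return -1;
    page_table[vpage] = frame;
    return 0;
}

/* Scenario 1: type-safe kernel code, unchecked PTE write. The object pointer
 * never changes, yet what it reads is now attacker bytes (0x41414141). */
static uint32_t demo_unchecked(void)
{
    setup();
    unchecked_map(0, 3);   /* e.g. a driver or page-table bug remaps vpage 0 onto the user frame */
    return read_secret();
}

/* Scenario 2: the same remap request through the checked interface is refused
 * and the object still reads its original secret (0xC0FFEE). */
static int demo_checked(uint32_t *secret_out)
{
    setup();
    int rc = checked_map(0, 3);
    *secret_out = read_secret();
    return rc;
}

int main(void)
{
    printf("unchecked remap: secret reads 0x%08x\n", demo_unchecked());
    uint32_t s;
    int rc = demo_checked(&s);
    printf("checked remap: rc=%d, secret reads 0x%08x\n", rc, s);
    return 0;
}
```

The point of the toy is that nothing in `read_secret` is unsafe by the language's standards: no cast, no out-of-bounds index, no use-after-free. The violation happens entirely in the page-table write, which is why a safe-language kernel still needs the MMU interface itself to be part of the trusted, checked boundary.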
If you could revise the fundamental principles of computer system design to improve security... what would you change?