Microkernels and Component-based OS
Demonstration of the Sculpt Operating System
Sculpt OS is a novel general-purpose operating system designed from the ground up and implemented using the building blocks of the Genode OS framework. It started with the vision of a truly trustworthy OS that combines a completely new system structure with microkernels, capability-based security, sandboxed device drivers, and virtual machines. The talk is a live demonstration of the current incarnation of Sculpt.
The Genode OS framework is an operating-system technology created from scratch. Over the past decade, it steadily evolved from a fairly obscure research prototype to a practical day-to-day operating system.
Being a component-based system designed after the principle of least privilege from the very beginning, it breaks with many concepts that we take for granted in traditional operating systems, e.g., the central role of files. Instead, Genode introduces a novel way of composing system scenarios out of building blocks where the building blocks are able to cooperate without ultimately trusting each other. Those building blocks include not only applications but also all classical OS functionalities including kernels, device drivers, file systems, and protocol stacks.
In 2018 - after more than 10 years of developing Genode in a shadowy corner of the open-source community - the project created Sculpt OS, which is a Genode-based general-purpose OS for commodity PC hardware. Since it is not derived from any existing OS, Sculpt re-approaches established concepts like the installation, configuration, and spawning of programs from a new angle. This is reflected by its custom user interface.
Besides presenting the motivation and the fundamental ideas behind Genode, the talk will introduce and demonstrate the current state of Sculpt OS, draw connections to related open-source projects, and give a glimpse on the project's future plans.
Additional information
| Type | devroom |
|---|
More sessions
| 2/2/20 |
I will give an overview of where seL4 stands today in terms of functionality, verification, ecosystem, deployment and community. The focus will be on what has happened in seL4 land over the past 12 months, which is a lot: seL4 Foundation, RISC-V support and introducing time protection.
|
| 2/2/20 |
Current microkernels have shown to provide advantages in terms of security, robustness, and flexibility of systems. However, in recent years, the hardware added new challenges that need to be addressed as well, demanding approaches that include the hardware into the picture. First, hardware is getting more and more heterogeneous and consists not only of general-purpose cores, but contains also various accelerators. Second, system designers need to integrate untrusted third-party components ...
|
| 2/2/20 |
This is going to be an all-encompassing update talk for HelenOS developments that happened in the Year of the Pig (since the last FOSDEM).
|
| 2/2/20 |
LKL (Linux Kernel Library) is aiming to allow reusing the Linux kernel code as extensively as possible with minimal effort and reduced maintenance overhead. It allows us to link the library with any programs (which wish to call as a function call) containing Linux kernel code. There are many use cases: reading/writing files without general system calls, putting experimental protocol implementation without neither of host kernel update nor kernel module installation, using customized kernel in ...
|
| 2/2/20 |
Phantom OS is an Operating system based on the orthogonal persistence. Application does not feel OS shutdown and restart. Even abrupt restart. It is guaranteed that application will be restarted in consistent state.
|
| 2/2/20 |
Gneiss is an abstraction layer for component based environments that aims to provide a foundation for formally provable components. It enables the creation of platform independent, asynchronous components in SPARK and provides function contracts that allow to prove the correct interaction with the underlying platform.
|
| 2/2/20 |
With 2.5 billions of active users Android is the most widely deployed mobile operating system in the world. Its vast complexity paired with a monolithic architecture regularly result in severe security issues like the infamous Stagefright bug. In this presentation we talk about an ongoing research project which aims at running Android applications on top of the component-based Genode OS framework and secure them using formally verified components. We discuss how Android applications interact, ...
|
