Closing the Loop on Secure System Design

Wednesday, February 28, 2018
11:00 AM to 12:00 PM
EER 3.646
Free and open to the public

Despite decades of research building secure operating sys-tems, many deployed systems must still choose between flexible application APIs and security. As a result, the vast majority of programmers are unable to improve these sys-tems. This is not merely a result of poor system building. It is hard to design highly extensible systems that are both secure and useful. Moreover, evaluating novel designs with actual developers is critical in order to make sure system builders can adopt research systems in practice.

Fortunately, in emerging application domains, such as the Internet of Things, there are no entrenched operating systems and application portability is less important. This makes it possible evaluate research techniques for building more secure and extensible systems with developers who are willing to adopt them.

This talk will describe Tock, an operating system for micro-controllers that enables third-party developers to extend the system. Tock uses the Rust type-system to isolate kernel extensions and the hardware to isolate applications. This talk will discuss how we continuously evaluate Tock by engaging with practitioners, and how lessons from practi-tioners have fed back into the system’s design.


Amit Levy

Amit Levy

Stanford University

Amit Levy is a PhD candidate in Computer Science at Stanford University.He builds secure operating system kernels, web platforms, and network systems that help make computers more programmable by third-party application developers.