From 903b6595d736ecede9e6533ec1f945968ad80799 Mon Sep 17 00:00:00 2001 From: Hannes Mehnert Date: Sun, 17 Sep 2017 19:06:05 +0100 Subject: [PATCH] reword + shorten --- Home | 62 ++++++++++++++++++++---------------------------------------- 1 file changed, 20 insertions(+), 42 deletions(-) diff --git a/Home b/Home index a59c0f5..7b85724 100644 --- a/Home +++ b/Home @@ -24,50 +24,28 @@ Critical security updates are rarely deployed on time, because they result in un devices are missing a secure update channel. ====== -Instead of trying to fix these decades-old operating systems, which were -designed based on demands at that time (e.g. time-multiplexed multi-user -computers), we build small services from scratch with security in mind. Each -service is run as a separate virtual machine on any hypervisor with only the +We at robur are building minimal services, called *unikernels*, from scratch with security in mind, +instead of trying to fix these decades-old software, which was +designed based on demands from earlier days. +Each +service is executed as a virtual machine on any major hypervisor, and contains only the strictly necessary code. +The number of lines and the binary size of a unikernel with HTTP +and TLS support is around 4% compared to a virtual machine using a conventional +UNIX / Linux operating system. +The security of a unikernel is improved by the reduction of the attack surface. -This makes our virtual machines much smaller. The binary size of an HTTP server -with TLS support is around 4% compared to one using a conventional Linux -operating system, making the attack surface much smaller. +Our unikernels are implemented in a functional programming language with a static +type system and automated memory management. +Buffer overflows and double frees are no concern to us. +A unikernel avoids these common attack vectors by the choice of the programming language. -Additionally, we use a functional programming language with static -types and automated memory management. This -reduces the attack vectors: temporal and spatial memory corruption are no -concern anymore. The declarative programming style makes it possible to -formally verify the correctness of the entire virtual machine with a theorem +We can prototype rapidly, because the type system detects errors early, and we don't need to manage memory by hand. +Turning a prototype into production is usually a question of fine-tuning its performance. + +Our declarative programming style makes it even possible to +formally verify an entire virtual machine using a theorem prover. -One of our unikernels boots within milliseconds, and has a -minimal memory footprint. For client-side features that run in a webbrowser, we -compile to JavaScript from the same codebase, to ensure consistency. The strong -and static type system helps to detect errors early, and enables rapid -prototyping. For production use the prototype code can be further optimized for -performance. - -## Conclusion - -MirageOS started as a research project, and has matured to a full suite for -building secure operating systems, with libraries that work well in production -and cover a variety of application needs. MirageOS is a game changer for secure -network services, since the attack surface is minimised to 1% of the size of -other contemporary operating systems. In addition, common attack vectors are -avoided by the usage of a programming language with memory safety. A unikernel -boots within tens of milliseconds, and services can be spawned on demand. When a -request (e.g. a DNS request) for a unikernel comes in, the kernel boots up, -handles the request, and is destroyed after an inactivity period. Only the -necessary services need to run, and they can be short-lived to minimize state in -the system. - -The choice of a high-level programming language also allows for rapid -prototyping, new features can be developed quickly. In contrast to scripting -languages, the code does not need to be re-implemented for production use (but -nevertheless can be fine-tuned for performance). - - -WHY YOU NEED THIS! -WHAT ERRORS WE CAN AVOID -HOW WE CAN HELP +The boot time of a unikernel can be measured in a few milliseconds, redeployment +after updates is instantenous. We can create unikernels on demand.