reword + shorten

Hannes Mehnert 2017-09-17 19:06:05 +01:00
parent e9fe693430
commit 903b6595d7

62
Home

@ -24,50 +24,28 @@ Critical security updates are rarely deployed on time, because they result in un
devices are missing a secure update channel. devices are missing a secure update channel.
====== ======
Instead of trying to fix these decades-old operating systems, which were We at robur are building minimal services, called *unikernels*, from scratch with security in mind,
designed based on demands at that time (e.g. time-multiplexed multi-user instead of trying to fix these decades-old software, which was
computers), we build small services from scratch with security in mind. Each designed based on demands from earlier days.
service is run as a separate virtual machine on any hypervisor with only the Each
service is executed as a virtual machine on any major hypervisor, and contains only the
strictly necessary code. strictly necessary code.
The number of lines and the binary size of a unikernel with HTTP
and TLS support is around 4% compared to a virtual machine using a conventional
UNIX / Linux operating system.
The security of a unikernel is improved by the reduction of the attack surface.
This makes our virtual machines much smaller. The binary size of an HTTP server Our unikernels are implemented in a functional programming language with a static
with TLS support is around 4% compared to one using a conventional Linux type system and automated memory management.
operating system, making the attack surface much smaller. Buffer overflows and double frees are no concern to us.
A unikernel avoids these common attack vectors by the choice of the programming language.
Additionally, we use a functional programming language with static We can prototype rapidly, because the type system detects errors early, and we don't need to manage memory by hand.
types and automated memory management. This Turning a prototype into production is usually a question of fine-tuning its performance.
reduces the attack vectors: temporal and spatial memory corruption are no
concern anymore. The declarative programming style makes it possible to Our declarative programming style makes it even possible to
formally verify the correctness of the entire virtual machine with a theorem formally verify an entire virtual machine using a theorem
prover. prover.
One of our unikernels boots within milliseconds, and has a The boot time of a unikernel can be measured in a few milliseconds, redeployment
minimal memory footprint. For client-side features that run in a webbrowser, we after updates is instantenous. We can create unikernels on demand.
compile to JavaScript from the same codebase, to ensure consistency. The strong
and static type system helps to detect errors early, and enables rapid
prototyping. For production use the prototype code can be further optimized for
performance.
## Conclusion
MirageOS started as a research project, and has matured to a full suite for
building secure operating systems, with libraries that work well in production
and cover a variety of application needs. MirageOS is a game changer for secure
network services, since the attack surface is minimised to 1% of the size of
other contemporary operating systems. In addition, common attack vectors are
avoided by the usage of a programming language with memory safety. A unikernel
boots within tens of milliseconds, and services can be spawned on demand. When a
request (e.g. a DNS request) for a unikernel comes in, the kernel boots up,
handles the request, and is destroyed after an inactivity period. Only the
necessary services need to run, and they can be short-lived to minimize state in
the system.
The choice of a high-level programming language also allows for rapid
prototyping, new features can be developed quickly. In contrast to scripting
languages, the code does not need to be re-implemented for production use (but
nevertheless can be fine-tuned for performance).
WHY YOU NEED THIS!
WHAT ERRORS WE CAN AVOID
HOW WE CAN HELP
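
Review bot: The new sentence "Buffer overflows and double frees are no concern to us." in the programming-language paragraph reads as an unconditional guarantee and names only two bug types, where the old text covered the whole class ("temporal and spatial memory corruption"). Consider tying the claim to its cause, as the following line already does, for example: "The choice of a memory-safe language rules out temporal and spatial memory corruption, such as buffer overflows and double frees." Smaller points in the same hunk: "instantenous" should be "instantaneous", "these decades-old software" should be "this decades-old software", and "makes it even possible to" reads better as "even makes it possible to". The new text also applies the "around 4%" figure to both the number of lines and the binary size, while the old text stated it for binary size only, so it is worth confirming the figure holds for both before merging.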