homepage-data/Home
2017-09-16 17:52:05 +01:00


---
title: Robust Open Bare Ubiquitous Resilient services
author: someone
abstract: some abstract
---
Computers on the Internet get compromised,
- to access data on the computer (databases, passwords, user accounts) or block access to it (Ransomware),
- to participate in DoS attacks on other services (e.g. the Mirai botnet on SmartTVs) and to manipulate opinion (chatbots).
The software stack is often missing critical security updates; most embedded devices (home routers, SmartTVs, etc.) have no secure update channel at all, so they need a system that is secure from the start.
Recent security solutions focus on containing compromised software by using virtualisation technology and containers. But the root cause remains: running old systems that are insecure.
Instead of trying to fix these decades-old operating systems, which were designed as the multi-user time-sharing systems of an earlier era,
we build small services from scratch with security in mind, directly on top of the virtualisation layer.
In our operating system, each service is a separate virtual machine containing only the code it requires (usually no process or user management, and often no file system), with no copy of a multi-purpose operating system kernel.
This makes our systems much smaller.
The binary size of an HTTP server with TLS support in our system is around 4% compared to one in a conventional operating system, making the attack surface much smaller.
Additionally, we use a safe programming language: a statically and strongly typed functional programming language with automated memory management.
This removes whole classes of attack vectors: temporal and spatial memory corruption are no longer a concern.
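To make the memory-safety point concrete, here is an added example (not code from this project, which does not name its language on this page; Rust is used here as a stand-in for a memory-safe language with bounds-checked access). It parses a constructed length-prefixed wire format: one length byte followed by that many payload bytes. In an unchecked C-style parser, a length byte larger than the remaining buffer would read past the end of the buffer (spatial memory corruption); in the memory-safe version, the same malformed input produces an error value and nothing else.

```rust
// Added example, not the project's own code. Wire format is constructed for
// this illustration: [len: u8][payload: len bytes], repeated.

#[derive(Debug, PartialEq)]
pub enum ParseError {
    /// Input ended before a length byte was found.
    Empty,
    /// The length byte claims more payload than the buffer holds.
    Truncated { declared: usize, available: usize },
}

/// Parse one record, returning (payload, remaining input).
/// Every access is bounds-checked: a hostile length byte cannot make this
/// function read outside `input`; the worst case is `Err(Truncated)`.
pub fn parse_record(input: &[u8]) -> Result<(&[u8], &[u8]), ParseError> {
    let (&len, rest) = input.split_first().ok_or(ParseError::Empty)?;
    let len = len as usize;
    if rest.len() < len {
        // Refuse rather than run off the end of the buffer.
        return Err(ParseError::Truncated { declared: len, available: rest.len() });
    }
    // Safe because of the check above; `split_at` would otherwise panic
    // (a controlled abort), never silently read or write out of bounds.
    let (payload, remaining) = rest.split_at(len);
    Ok((payload, remaining))
}

/// Parse every record in the buffer, stopping at the first malformed one.
pub fn parse_all(mut input: &[u8]) -> Result<Vec<Vec<u8>>, ParseError> {
    let mut records = Vec::new();
    while !input.is_empty() {
        let (payload, rest) = parse_record(input)?;
        records.push(payload.to_vec());
        input = rest;
    }
    Ok(records)
}

fn main() {
    // Constructed samples: three well-formed records, then a buffer whose
    // second record declares 255 bytes while only 1 byte remains.
    let good = [3, b'a', b'b', b'c', 0, 2, b'h', b'i'];
    let bad = [3, b'a', b'b', b'c', 0xFF, b'x'];
    println!("good: {:?}", parse_all(&good));
    println!("bad:  {:?}", parse_all(&bad));
}
```

The design choice worth noting is that the length check is the only place that needs thought; the language guarantees that forgetting it would have produced a panic on the malformed input rather than a silent overread, which is the difference between a crash you can detect and a memory disclosure you cannot.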
The declarative programming style makes it possible to formally verify the correctness of the entire virtual machine with a theorem prover.
One of our single purpose operating systems boots within milliseconds, and has a tiny memory footprint.
For client-side features that run in a web browser, we compile to JavaScript from the same codebase to ensure consistency. The strong, static type system helps to detect errors early and enables rapid prototyping. For production use, the prototype code can then be further optimized for performance.