Computer Engineering Seminar
Voodoo – Architectural support for composing fast/secure software
Execution monitors (EMs) represent one of a handful of mechanisms that can be used to enforce general systems security policies. In recent times, hardware-based, or 'out-of-line', EMs have been largely neglected as a mechanism for enforcing generic security policies. This neglect has resulted from research indicating that address-spaces, commonly used as a basis for out-of-line EMs, are too expensive. Despite research to the contrary, this stigma associated with out-of-line EMs has remained.
In this talk we present the Voodoo architecture, a hardware/software co-design effort to provide memory-based out-of-line EMs that can out-perform and replace software-based, or 'in-line', EMs.
Voodoo provides efficient support for fine-grained memory access control to facilitate secure sharing of data between isolated software components. It also provides a protected procedure call instruction as a foundation on which to construct fast and secure crossings between isolated domains.
We additionally compare and contrast Voodoo with a similar approach, Mondriaan memory protection (MMP). While MMP has provided recent evidence that memory-based, out-of-line execution monitors need not perform poorly, we identify several limitations in its approach and outline how Voodoo tries to address these limitations.
Adam Wiggins is a PhD student in the School of Computer Science and Engineering at the University of New South Wales, Australia and a member of the Embedded, Real-time, and Operating Systems program in National ICT Australia (http://www.nicta.com.au/ertos).
Adam's research interests include the interaction of operating systems and hardware, fine-grain memory protection, and microkernel design and construction. As part of his undergraduate thesis work, Adam developed a technique for reducing the overheads of address-space context switching on the ARM architecture for both the Linux kernel and the L4 microkernel. For more info see