Lecture 23: Verification
- Read the Jitk paper
and answer the following two questions.
- How does Jitk avoid the bugs described in Section 3?
- Can you describe one bug that Jitk cannot prevent?
- (optional) Read the Dune paper.
Compare the sandbox described in §5.1 to Jitk.
- Lab X: if you would like to do a demo
- email us to schedule a project meeting by the end of today
- project meeting: Wednesday in 560
- demo: Friday here
running untrusted extensions
- review what we have learned so far
- context: running extensions in browsers, OS kernels, etc. - examples?
- what can go wrong? - see §3 of the Jitk paper
- safe execution of extensions
- functional correctness of the extension - when do we need this
- approaches - draw a table of the goals & examples
- trust the extensions & hope for the best (examples?)
- testing (e.g., run klee from last lecture - how?)
- virtual machine/process isolation
- software-based fault isolation: NativeClient
- safe languages: Rust, SPIN OS, Singularity
- formal verification: Jitk, proof-carrying code, etc.
- advanced OS topics: take 551 or next spring’s 599
- advanced PL topics: take 505 or 507