Vikram Adve, University of Illinois at Urbana-Champaign

Title: Secure Virtual Architecture: A Novel Foundation for Operating System Security

Abstract: This talk describes Secure Virtual Architecture (SVA), an efficient and robust approach to providing a safe execution environment for an entire commodity operating system, such as Linux, and its hosted applications. SVA defines a simple, but complete, virtual architecture, implemented via a compiler-based virtual machine.

The SVA approach is efficient and requires relatively few changes to the guest OS because it is based on a set of novel, and highly efficient, techniques to enforce strong safety properties for *unmodified* C programs. We have ported the Linux kernel to SVA with only minimal changes to the machine-independent part of the kernel. The safety guarantees in SVA are close to, but slightly weaker than, those provided by a safe language like Java, C#, or Modula-3; these compromises are key to both efficiency and minimal porting changes.

The approach is robust because both SVA and the virtual machine are designed to remove the complex, safety-checking compiler from the trusted computing base, requiring only a simple type checker to be trusted. The SVA design also enables similarly robust implementation of higher-level security properties that can be represented as type systems.

The safe execution environment enforced by SVA can provide three benefits for operating system designers and users. First, it can eliminate a large class of vulnerabilities that are by far the most common targets of exploits today. Second, a safe execution environment can foster new avenues for innovation in commodity systems, by incorporating techniques developed in research kernels using safe languages, such as extensibility, type-safe communication, and others. Third, many higher-level security problems could be addressed effectively by a combination of compiler and run-time techniques enabled by a compiler-based virtual machine. The long-term goal of the SVA project is to develop new solutions to higher-level security problems in current systems.

Bio: Vikram Adve is an Associate Professor of Computer Science at the University of Illinois at Urbana-Champaign. His research interests include compilers, security, computer architecture, and performance evaluation. His research group has developed the LLVM Compiler Infrastructure, a widely distributed and novel compiler framework for 'lifelong' optimization of programs. LLVM is in production use by several companies including Apple, Cray, Ageia, and others. A broad ongoing project in Adve's group is Secure Virtual Architecture (SVA), a compiler-based virtual machine for operating system kernels that can be used to enhance system security and reliability.

Adve received a B.Tech. from I.I.T. Bombay in 1987, a Ph.D. in Computer Science from the University of Wisconsin-Madison in 1993, and was a Research Scientist at Rice University before joining the University of Illinois. He has received the NSF CAREER award, Best Paper Awards at PLDI 2005 and PADS 2001, and the UIUC Computer Science Department's Outstanding Junior Faculty Award. He is an Associate Editor of the ACM Transactions on Programming Languages and Systems (TOPLAS).