CRI: CRD: A Compiler-Based Virtual Machine Infrastructure for System Software
University Of Illinois At Urbana-Champaign, Urbana IL
Investigators
Abstract
Proposal #: CNS 07-09122 PI(s): Adve, Vikram S. Institution: University of Illinois - Urbana-Champaign Champaign, IL 61820-7406 Title: CRD:A Compiler-Based Virtual Machine Infrastructure for System Software Project Proposed: This project, building and distributing a compiler-based virtual monitor machine (VMM) for system software, combines virtualization and compiler techniques. This infrastructure supports safety and verifiability for both high-level applications and low-level system code and includes a compiler-based virtual machine (LLVA) that can host an entire OS and all its applications, the Linux kernel (ported to the LLVA architecture), and development tools to compile and work with LLVA code. Building on techniques developed in the SAFECode in-house project, this virtual machine will enforce a safe execution environment for applications and even for legacy systems. The flexibility of the infrastructure permits individual components to be used separately and to be integrated into other systems. Important components include the LLVA instruction set, a run-time library implementing the kernel support functions, compiler modules, development tools, a Just-in-Time (JIT) engine for managing JIT compilation and caching, and the SAFECode compiler for enforcing memory safety for C programs and the kernel. The infrastructure also includes examples of course projects pre-packaged for instructor to use. Beginning with the prototype, major developments consist of modifying the compiler and JIT engine to be able to run without system services, assembling the components into a complete usable system, improving the robustness and performance, and adding usability features such as documentation, auto-configuration, automatic testing, bug tracking, and pre-packaged course projects. The infrastructure aims to enable approaches to intrusion detection and prevention, cross-program information flow, compilation certification, and formal verification of system software. Broader Impacts: This work enables research groups to undertake prohibitively difficult research providing new solutions that tackle hard problems such as insider threats, building scalable secure systems, information provenance, and security and privacy. Moreover, in addition to contributing to train students in the area, the infrastructure facilitates development of new and/or more ambitious course projects and education topics in OS, compiler, architecture, embedded and distributed systems
View original record on NSF Award Search →