Catalog Description
Current research and research trends in system-level software such as compilers and operating systems. Forum for presentation and criticism by students of new published research and work in progress. Prerequisites: undergraduate degree in computer science or CS 142 and 143. May be taken for credit four times.
This Edition of the Course
This quarter's course will be quite security centric, because this is where much of the "action" in compilers and operating systems is currently focused. Other major themes will be virtualization and parallelism.
Logistics
Class meets every Wednesday at 3pm in CS 253. All students are expected to attend all seminars (attendance will be taken). Every student is expected to give at least one presentation in class. Students will be graded on (a) their presentation in class and (b) their participation in class discussions.
Preliminary Schedule (will be updated as quarter proceeds)
| Week |
Date |
Topic |
Materials to Read |
| 1 |
October 1st |
Introduction and Organization |
|
| 2 |
October 8th |
Trusted Computing Base Minimization |
Jonathan M. McCune, Adrian Perrig, Arvind Seshadri, and Leendert van Doorn. Turtles All the Way Down: Research Challenges in User-Based Attestation. USENIX Workshop on Hot Topics in Security (HotSec '07)
Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki. Flicker: An Execution Infrastructure for TCB Minimization. The European Conference on Computer Systems (EuroSys), April 2008.
Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter and Arvind Seshadri. How Low Can You Go? Recommendations for Hardware-Supported Minimal TCB Code Execution. Architectural Support for Programming Languages and Operating Systems (ASPLOS), March 2008. |
| 3 |
October 15th |
Virtualization-Based Protection |
Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger, Dan Boneh, Jeffrey Dwoskin, Dan R.K. Ports. Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems. Architectural Support for Programming Languages and Operating Systems (ASPLOS 2008), March 2008.
Dan R.K. Ports and Tal Garfinkel. Towards Application Security on Untrusted Operating Systems. USENIX HotSec 2008, July 2008.
Jim Chow, Tal Garfinkel, and Peter M. Chen. Decoupling Dynamic Program Analysis from Execution in Virtual Environments. USENIX 2008 Annual Conference (Best Paper), June 2008. |
| 4 |
October 22nd |
Parallelizing Security Checks |
Milind Chabbi. Efficient Taint Analysis Using Multicore Machines. Master's Thesis, University of Arizona, June 2007. Also see PowerPoint presentation.
Edmund B. Nightingale, Daniel Peek, Peter M. Chen, Jason Flinn. Parallelizing security checks on commodity hardware. Architectural Support for Programming Languages and Operating Systems (ASPLOS 2008), March 2008. |
| 5 |
no class |
|
|
| 6 |
November 5th |
The Asbestos Operating System |
Maxwell Krohn, Petros Efstathopoulos, Cliff Frey, Frans Kaashoek, Eddie Kohler, David Mazières, Robert Morris, Michelle Osborne, Steve VanDeBogart and David Ziegler. Make Least Privilege a Right (Not a Privilege). 10th Workshop on Hot Topics in Operating Systems, June 2005.
Steve VanDeBogart, Petros Efstathopoulos, Eddie Kohler, Maxwell Krohn, Cliff Frey, David Ziegler, Frans Kaashoek, Robert Morris, and David Mazières. Labels and Event Processes in the Asbestos Operating System. ACM Transactions on Computer Systems, December 2007. Also see earlier SOSP 2005 Version.
Petros Efstathopoulos and Eddie Kohler. Manageable Fine-Grained Information Flow. The European Conference on Computer Systems (EuroSys), April 2008. |
| 7a |
November 12th |
The HiStar Operating System |
Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, and David Mazières. Making information flow explicit in HiStar. In Proceedings of the 7th Symposium on Operating Systems Design and Implementation, November 2006.
Nickolai Zeldovich, Silas Boyd-Wickizer, and David Mazières. Securing distributed systems with information flow control. 6th USENIX Symposium on Networked Systems Design and Implementation, April 2008. |
| 7b |
|
Process Coloring Approaches |
Xuxian Jiang, Florian Buchholz, Aaron Walters, Dongyan Xu, Yi-Min Wang, and Eugene H. Spafford. Tracing Worm Break-In and Contaminations via Process Coloring: A Provenance-Preserving Approach. IEEE Transactions on Parallel and Distributed Systems, July 2008. |
| 8 |
November 19th |
Java Information Flow Control Based Approaches |
Boniface Hicks, Kiyan Ahmadizadeh, and Patrick McDaniel, Understanding Practical Application Development in Security-typed Languages. 22st Annual Computer Security Applications Conference (ACSAC), December 2006.
Boniface Hicks, Sandra Rueda, Trent Jaeger, and Patrick McDaniel. From Trusted to Secure: Building and Executing Applications that Enforce System Security. Proceedings of the USENIX Annual Technical Conference, June 2007.
Boniface Hicks and Patrick McDaniel. Channels: Runtime System Infrastructure for Security-typed Languages. 23rd Annual Computer Security Applications Conference (ACSAC), December 2007.
William Enck, Patrick McDaniel, and Trent Jaeger. PinUP: Pinning User Files to Known Applications. Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), December 2008. |
| 9a |
November 26th |
Checkpointing |
Stuart I. Feldman and Channing B. Brown. IGOR: a system for program debugging via reversible execution. 1988 ACM SIGPLAN and SIGOPS workshop on parallel and distributed debugging, pp. 112 - 123.
James S. Plank, Micah Beck, Gerry Kingsley, and Kai Li. Libckpt: Transparent Checkpointing under Unix. Usenix Winter 1995 Technical Conference, New Orleans, LA, January, 1995, pp. 213--223.
Daniel J. Sorin, Milo M. K. Martin, Mark D. Hill, David A. Wood. SafetyNet: improving the availability of shared memory multiprocessors with global checkpoint/recovery. 29th annual international symposium on Computer architecture (ISCA '02), pp.123 - 134. |
| 10 |
December 3rd |
The Singularity Operating System |
Galen C. Hunt, James R. Larus, Martín Abadi, Mark Aiken, Paul Barham, Manuel Fähndrich, Chris Hawblitzel Orion Hodson, Steven Levi, Nick Murphy, Bjarne Steensgaard, David Tarditi, Ted Wobber, and Brian Zill. An Overview of the Singularity Project. Microsoft Research Technical Report MSR-TR-2005-135, Microsoft Corporation, Redmond, WA, October 2005.
Manuel Fähndrich, Mark Aiken, Chris Hawblitzel, Orion Hodson, Galen C. Hunt, James R. Larus, and Steven Levi. Language Support for Fast and Reliable Message-based Communication in Singularity OS. EuroSys2006, pp. 177-190. Leuven, Belgium, April 2006. ACM SIGOPS. Best paper award.
Michael Spear, Tom Roeder, Orion Hodson, Galen Hunt, and Steven Levi. Solving the Starting Problem: Device Drivers as Self-Describing Artifacts. EuroSys2006, pp. 45-58. Leuven, Belgium, April 2006. ACM SIGOPS.
Mark Aiken, Manuel Fähndrich, Chris Hawblitzel Galen C. Hunt, and James R. Larus. Deconstructing Process Isolation. ACM SIGPLAN Workshop on Memory Systems Correctness and Performance (MSPC 2006) at ASPLOS 2006, San Jose, CA, October 2006.
Galen Hunt, Mark Aiken, Fähndrich, Chris Hawblitzel, Orion Hodson, James Larus, Steven Levi, Bjarne Steensgaard, David Tarditi, and Ted Wobber. Sealing OS Processes to Improve Dependability and Safety. EuroSys 2007, pp. 341-354, Lisbon, Portugal, March 2007.
Ted Wobber, Aydan Yumerefendi, Martín Abadi, Andrew Birrell, and Dan Simon. Authorizing Applications in Singularity. EuroSys 2007, pp. 355-368, Lisbon, Portugal, March 2007.
Galen Hunt and James Larus. Singularity: Rethinking the Software Stack. Operating Systems Review, Vol. 41, Iss. 2, pp. 37-49, April 2007. |
|
