Commodity operating system kernels remain monolithic for practical and historical reasons.
All kernel code shares a single address space, executes with elevated processor privileges …

Rust is a promising system programming language that guarantees memory safety at
compile time. To support diverse requirements for system software such as accessing low …

Memory corruption attacks against unsafe programming languages like C/C++ have been a
major threat to computer systems for multiple decades. Various sanitizers and runtime …

Researchers have shown that recent CPU extensions support practical, low-overhead driver
isolation to protect kernels from defects and vulnerabilities in device drivers. With …

Today's software programs are bloating and have become extremely complex. As there is
typically no internal isolation among modules in a program, a vulnerability can be exploited …

The Linux kernel is the backbone of modern society. When a kernel error is discovered, a
quick remediation is needed. Whereas sanitizers greatly facilitate root cause diagnosis …

At design time, modern operating systems are locked in a specific safety and isolation
strategy that mixes one or more hardware/software protection mechanisms (eg user/kernel …

The emergence of verified eBPF bytecode is ushering in a new era of safe kernel
extensions. In this paper, we argue that eBPF's verifier---the source of its safety guarantees …

Robustness is a key concern for Rust library development because Rust promises no risks
of undefined behaviors if developers use safe APIs only. Fuzzing is a practical approach for …

Reasoning about memory aliasing and mutation in software verification is a hard problem.
This is especially true for systems using SMT-based automated theorem provers. Memory …