@inproceedings{hunt2007sealing, author = {Hunt, Galen and Aiken, Mark and Fahndrich, Manuel and Hawblitzel, Chris and Hodson, Orion and Larus, Jim and Levi, Steven and Steensgaard, Bjarne and Tarditi, David and Wobber, Ted}, title = {Sealing OS Processes to Improve Dependability and Safety}, booktitle = {Proceedings of the European Conference on Computer Systems (EuroSys)}, year = {2007}, month = {March}, abstract = {On most modern operating systems, a process is a hardware-protected abstraction for executing potentially mutable code and data. Common features of processes include: dynamic code loading, dynamic code generation, access to cross-process shared memory, and a universal API. This paper argues that many of the dependability and security weaknesses of modern systems are exacerbated by this open process architecture. Moreover, this architecture impairs the ability of tools to analyze code statically, to improve its performance or dependability. By contrast, a sealed process architecture prohibits dynamic code loading, prohibits self-modifying code, prohibits shared memory, and replaces a universal API with a process-limited API. This paper describes an implementation of a sealed process architecture in the Singularity operating system, discusses its merits, and evaluates its impact. Among the benefits are: improved static program analysis, strong security guarantees, elimination of OS redundancies found in language runtimes such as the JVM and CLR, and better software engineering.}, publisher = {Association for Computing Machinery, Inc.}, url = {http://approjects.co.za/?big=en-us/research/publication/sealing-os-processes-to-improve-dependability-and-safety/}, edition = {Proceedings of the European Conference on Computer Systems (EuroSys)}, }