Automated control of hardware and software-based fault isolation
Cashin, Edward Lawrence
Components are commonly used to rapidly create large software systems. In many such systems, the components being composed come from different groups or vendors. In these cases, the reliability of the entire system is threatened by individual components that may not themselves be reliable or trustworthy. In this thesis we present two techniques for protecting trusted applications from the components that extend them, while still maintaining efficient execution. One technique, Memory Access Control Contexts, is our own novel approach to hardware-based fault isolation. We contrast our new technique with a traditional solution, Software Fault Isolation. Recognizing these techniques as complementary, we present an experimental design for the automated selection of the most efficient protection mechanism. Our approach makes the appropriate choice close to 90% of the time on our microbenchmarks.