Amit Levy -- Closing the Loop on Secure Systems Research

Abstract:

Secure system design should be guided by two principles: (1) system security should not impede third-party developers, who are often the main source of innovation, and (2) a system that securely isolates third-party extensions also improves its own security, because less first-party code needs to run with special privilege.

Unfortunately, very few systems today adhere to these principles. This is not merely a result of poor system building. It is hard to design highly extensible systems that are both secure and useful. Moreover, the research community often fails to evaluate novel designs under real-world usage by actual practitioners. As a result, many promising research approaches remain difficult to adopt in practice.

I'll describe Tock, an operating system for microcontrollers we designed with these principles in mind. I'll discuss how we continuously evaluate Tock by engaging with practitioners, and how lessons from practitioners have fed back into the system's design.

Date: Tuesday, February 20, 2018, 4:15pm to 5:15pm
Location: Gates 463