Lessons from the EROS Experiment
Jonathan Shapiro - Johns Hopkins University
Mar 10, 2004
AbstractEROS is a capability-based operating system that runs on Pentium family processors. Along with the L4 microkernel, EROS is currently one of the two fastest microkernels in the world. EROS is the first high-performance capability system to run on commodity hardware, the first to be based on a decidable formal access model, and the first for which formal verification of higher-level security policies has been successfully completed. Arguably, it is also the first for which enough application code has been built to allow retrospective evaluation of the system's practical strengths and weaknesses.
This talk will give an overview of the EROS architecture, identifying the architectural characteristics that support a high-performance implementation, and discuss how these elements are composed to form applications and system services. The talk then discusses some challenges that the EROS design does *not* overcome, and sketches the intended direction for the success of the EROS system, which is also the successor of L4.
About the SpeakerJonathan Shapiro is an Assistant Professor at Johns Hopkins University.
His research focuses on low-level systems issues, including hypervisors,
operating systems, and supporting tools. In this context, he has also
worked on verifying security properties and checking design rules for
robustness. Before being paroled to academia, he was a recidivist
industrial researcher, serving as a Research Staff Member at IBM\'s T.J.
Watson Laboratories and as a Member of Technical Staff at AT&T Bell
Laboratories. His comments on the state of security assurance practices
have been quoted in the congressional records of both Australia and the
United States, which is either humorous or cause for concern, depending
on your point of view.
Dr. Shapiro is also an entrepreneur. He was a co-founder of HaL computer
systems and served as a turnaround CEO for the Xanadu Operating Company.
He co-created the first commercially deployed compiler for superscalar
microprocessor, and his group at SGI created the PRODEV CASE tool suite
at SGI in the early \'90s, which was the first user-extensible
visualization and performance analysis tool suite and is still in active
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.