Pierre Olivier
Lecturer in Computer Architecture
What are your research interests?
My research field is systems software, i.e. low-level software that interact closely with the hardware: operating systems, virtual machine monitors, language runtimes, etc. I have been looking at various aspects of systems software including security, performance/scalability, application compatibility, power consumption, and support for heterogeneous hardware.
What is the focus of your current research?
On the security side me and my team are investigating the concept of software compartmentalisation, a form of defensive programming in which an application is broken down into several isolated pieces of software (compartments) communicating through well-defined and sanitised interfaces. The key idea is that an attacker taking over part of the application through a vulnerability will be confined to the relevant compartment, limiting the damage he/she can cause to the rest of the application. Beyond compartmentalisation, I am also looking at other methods to protect systems software with techniques such as privilege reduction, diversification, or the use of safer programming languages.
Set aside security, I am also interested in the issue of application compatibility in custom operating systems (OSes). When building a custom OS from scratch one issue is that it is very hard to provide compatibility with existing applications, which is nonetheless something crucial to show early performance numbers, to attract users, etc. One way to achieve that is to build a compatibility layer so that the custom OS can run applications built for another mainstream OS (e.g. Linux). My and my team have been investigating how to achieve that efficiently and how to help developers build such compatibility layers with as few engineering effort as possible.
What are some projects or breakthroughs you wish to highlight?
All of my published research papers are in open access, and most of my research artifacts are open source and freely available online.
On the topic of compartmentalisation here are 3 recent projects that are worth checking out:
- FlexOS: FlexOS is an OS allowing users to easily specialise the safety and isolation strategy of an OS at compilation/deployment time, instead of design time. Depending on the configuration, the same FlexOS code can mimic a microkernel with multiple address-spaces, a single-address-space OS with Intel MPK compartments, or many other OS isolation approaches. The paper is available here.
- ConfFuzz: In this work, we study the impact of neglecting compartment interfaces. We define and classify Compartment Interface Vulnerabilities (CIVs), and present ConfFuzz a fuzzer specialised to catch them. Having applied it to 25 popular applications and 36 possible compartment APIs, revealing 629 interface vulnerabilities, we present insights into what makes interfaces vulnerable, and how to make them more resilient when compartmentalising. The paper is available here.
- FlexCap: With FlexCap we propose to explore the benefits brought by hardware capabilities to operating systems’ safety, performance and memory consumption. To that aim we propose to port two operating systems, FlexOS and Unikraft, to the ARM Morello platform, and investigate in that context the two main features provided by capabilities: efficient/scalable compartmentalisation, and safe version of legacy programming languages through pure/hybrid capabilities. The paper is available here.
Regarding the topic of application compatibility in custom OSes, another couple of interesting projects:
- HermiTux: HermiTux is a unikernel: a minimal OS with low memory/disk footprint and sub-second boot time, executing an application within a single address space on top of a hypervisor. Moreover, HermiTux is binary-compatible with Linux: it can run native Linux executables. HermiTux supports multiple compiled (C, C++, Fortran) and interpreted (Python, LUA) languages. It provides binary analysis and rewriting techniques to optimise system call latency and modularise a kernel in the presence of unmodified binaries. It supports statically and dynamically linked programs, different compilers and optimisation levels. HermiTux also provides basic support for multithreading, debugging and profiling. The relevant papers are available here and here.
- Loupe: Loupe can collect data about a set of applications' usage of OS features and analyse that data in order to determine how to build an optimised compatibility layer targeting that set of applications. The paper is available here.
What memberships and awards do you hold/have you held in the past?
- Distinguished Artifact Award, ASPLOS'22 (paper)
- Best Paper Award, SEFM'20 (paper)
- Best Paper Award, VEE'19 (paper)
What is the biggest challenge in Digital Trust and Security now?
In my humble opinion I would say the human factor. Most of the vulnerabilities we see in systems software are due to programming mistakes. More generally things like phishing and weak passwords are also responsible for a lot of breaches.
What real world challenges do you see Digital Trust and Security meeting in the next 25 years?
In my field of research, memory-related vulnerabilities are by far the main source of vulnerabilities. I would expect that issue to be solved in 25 years, through the use of memory safe programming languages and formal verification of software.