Although many systems use virtual instruction sets to improve security, portability and productivity, two important classes of software – high performance applications and security-sensitive systems software – are almost universally compiled and shipped as native machine code.
In the VISC project, we are exploring the security, reliability, and performance implications of shipping all such software in virtual instruction set form. We use the LLVM virtual instruction set as the shipping representation of code to enable install-time and run-time compilation of all such software. For operating system security, we have used the VISC approach to develop a system called Secure Virtual Architecture and shown that SVA can be used to provide powerful and novel security guarantees for commodity operating systems such as Linux and FreeBSD. For software reliability, we have shown that we can locate the root causes of software failures in large applications almost fully automatically: we are able to narrow down root causes to just a few (e.g., 2-14) program locations for a wide range of bugs, even in programs with hundreds of thousands of lines of code. We are currently exploring the performance benefits of VISC, focusing on heterogeneous mobile devices and on vector hardware.
In this talk, I will briefly describe the VISC approach and summarize our results on the security and reliability projects. If time permits, I will briefly introduce the ongoing performance research.
The results on Secure Virtual Architecture are from joint work with John Criswell. The results on software fault diagnosis are from joint work with Swarup Sahoo. The ongoing research on performance optimizations is together with Prakalp Srivastava, Maria Kotsifakou, Joshua Cranmer and Will Dietz. This research has been (or is presently) supported by the US National Science Foundation (NSF), the MURI Program of the Department of Defense (DoD), the Office of Naval Research (ONR), the Semiconductor Research Corporation (SRC) and the Defense Advanced Research Projects Agency (DARPA).