|Tock: a secure embedded operating system|
|By Thom Holwerda on 2017-11-08 23:09:21|
Tock is an embedded operating system designed for running multiple concurrent, mutually distrustful applications on Cortex-M based embedded platforms. Tock's design centers around protection, both from potentially malicious applications and from device drivers. Tock uses two mechanisms to protect different components of the operating system. First, the kernel and device drivers are written in Rust, a systems programming language that provides compile-time memory safety, type safety and strict aliasing. Tock uses Rust to protect the kernel (e.g. the scheduler and hardware abstraction layer) from platform specific device drivers as well as isolate device drivers from each other. Second, Tock uses memory protection units to isolate applications from each other and the kernel.
|By The123king on 2017-11-10 08:21:24|
A die shrink will improve performace. you never want to be an early adopter to a new microarchitecture! |
Edited 2017-11-10 08:22 UTC
|- Score: 0|
|RE: I'll wait.|
|By JLF65 on 2017-11-10 18:20:33|
|This isn't about a processor, it's about an OS for the cheap ARM chips that power nearly any embedded device these days.|
|- Score: 3|
|Comment by Megol|
|By Megol on 2017-11-12 19:01:34|
I find it a bit frightening that someone working on an OS can write: |
"Tock’s architecture is unique in providing isolation in the kernel using a language sandbox"
Perhaps even worse when continuing with:
"Kernel components, like drivers and virtualization layers, are protected from each other with no resource overhead"
Protection using secure languages isn't exactly uncommon.
And language based protection (yes, including that of Rust) isn't free from overheads.
Will still check it out but now with the lingering suspicion that it's written by people with little experience.
|- Score: 2|