drawing

I am a Ph.D. candidate at the University of British Columbia in Canada and a member of the Systopia Lab here. My advisor is Prof. Margo Seltzer. I have worked as a software engineer for eight years(Oracle, Arista in Canada and USA) and began my research journey in Jan 2021. In the summer of 2022, I interned at ARM Research, working on seL4 and CHERI capabilities. My primary research interest is in operating systems architecture and security.

Research Projects

If any of this piques your interest, shoot me an email.

Operating Systems have way too many isolation mechanisms, but help is on the way.

After sixty years of operating system evolution, we continue to find new and different isolation mechanisms: threads, processes, containers, virtual machines, lightweight contexts. Even applications provide isolation mechanisms: a JVM is a user-level process that provides isolation units whose API is Java bytecodes; some browsers offer units of isolation between each browser tab.

We ask whether we really need to have N different isolation mechanisms or, instead, we could develop a framework in which all these different mechanisms represent points on a continuum. If we could do that, then perhaps A) we could implement such a unified framework, and B) the framework might allow us to discover new and useful isolation mechanisms (that could be created seamlessly rather than requiring an entirely new implementation).

The project has three main goals:

Below is an example of how we can view threads, processes, and virtual machines as more isolated than the previous one. This is an evolving diagram, as we are still investigating if the “Security and Performance Guarantees” across any two types of protection domains can be compared.

image

I gave a lightning(gong) talk at HPTS2022 based on this work. More details available in our Arxiv submission, and SOSP 2023 Poster

Exciting Hardware Features

CHERI is a new ISA extension to enable capabilities in hardware. And Morello is the first silicon to have this ISA extension. I have been looking at how this hardware capability impacts the design of existing capabilities-based microkernels like seL4. This work was done during my internship at ARM Research in the summer of 2022.

Here is a blog post about the work done over that summer www.

Intra-kernel Compartmentalization

Monolithic kernels like Linux, BSD, and Windows are behemoths that share a single address space. Various techniques have been proposed to improve the reliability of these monolithic kernels. We are looking at the state of the art and where it might go next based on new hardware trends.

Publications

Posters

Talks

Conferences Attended

Coursework

Contact