I am a Ph.D. candidate at the University of British Columbia in Canada and a member of the Systopia Lab here. My advisor is Prof. Margo Seltzer. I have worked as a software engineer for eight years (Oracle, Arista in Canada and USA) and began my research journey in Jan 2021. In the summer of 2022, I interned at ARM Research, working on seL4 and CHERI capabilities. My primary research interest is in operating systems architecture and security.
Research Projects
If any of this piques your interest, shoot me an email.
Operating Systems have way too many isolation mechanisms, but help is on the way.
After sixty years of operating system evolution, we continue to find new and different isolation mechanisms: threads, processes, containers, virtual machines, lightweight contexts. Even applications provide isolation mechanisms: a JVM is a user-level process that provides isolation units whose API is Java bytecodes; some browsers offer units of isolation between each browser tab.
We ask whether we really need to have N different isolation mechanisms or, instead, we could develop a framework in which all these different mechanisms represent points on a continuum. If we could do that, then perhaps A) we could implement such a unified framework, and B) the framework might allow us to discover new and useful isolation mechanisms (that could be created seamlessly rather than requiring an entirely new implementation).
The project has three main goals:
- Develop a theoretical model or framework to compare existing isolation mechanisms.
- Identify novel points in the model that are useful, and demonstrate that the sharing and isolation has a spectrum.
- Implement the model in seL4, or any other suitable platform.
Below is an example of how we can view threads, processes, and virtual machines, each as more isolated than the previous one. This is an evolving diagram, as we are still investigating if the “Security and Performance Guarantees” across any two types of protection domains can be compared.
I gave a lightning (gong) talk at HPTS 2022 based on this work. More details are available in our arXiv submission and SOSP 2023 poster.
Exciting Hardware Features
CHERI is a new ISA extension to enable capabilities in hardware. And Morello is the first silicon to have this ISA extension. I have been looking at how this hardware capability impacts the design of existing capabilities-based microkernels like seL4. This work was done during my internship at ARM Research in the summer of 2022.
Here is a blog post about the work done over that summer.
Intra-kernel Compartmentalization
Monolithic kernels like Linux, BSD, and Windows are behemoths that share a single address space. Various techniques have been proposed to improve the reliability of these monolithic kernels. We are looking at the state of the art and where it might go next based on new hardware trends.
Publications
- Securing Monolithic Kernels using Compartmentalization
- Soo Yee Lim, Sidhartha Agrawal, Xueyuan Han, David Eyers, Dan O’Keeffe, Thomas Pasquier
- ArXiv
- OSmosis: No more Déjà vu in OS isolation
- Sidhartha Agrawal, Reto Achermann, and Margo Seltzer
- ArXiv
- CHERI-picking: Leveraging capability hardware for prefetching.
- Shaurya Patel, Sidhartha Agrawal, Alexandra Fedorova, and Margo Seltzer.
- 12th Workshop on Programming Languages and Operating Systems (PLOS 2023)
Posters
- OSmosis: Modeling & Building Flexible OS Isolation Mechanisms
- Sidhartha Agrawal, Shaurya Patel, Reto Achermann, and Margo Seltzer
- SOSP 2023 Poster Session
- Submission & Poster
- OSmosis: Modeling & Building Flexible OS Isolation Mechanisms
- Sidhartha Agrawal, Reto Achermann, and Margo Seltzer
- Salmon 2023 Poster Session
- Poster
Talks
- Short talk on OSmosis
- Gong Show at HPTS 2022
- Slides (scroll to page 64)
Conferences Attended
- SOSP 2023, Coblenz, Germany
Helped with PC meeting logistics
- seL4 Summit 2023, Minneapolis, MI, USA
- OSDI 2023, Boston, MA, USA
- HPTS 2022, Monterey, California, USA:
Gave a lightning talk on OS isolation mechanisms
- OSDI 2022, San Diego, California, USA
- Hot Carbon 2022, San Diego, California, USA
- SOSP 2021: Virtually
- HotOS 2021: Virtually
Coursework
- CPSC 504: Data Management & DBMS Research
- CPSC 538A: Operating Systems Design and Implementation using Barrelfish (Audit)
- CPSC 513: Formal Verification
- CPSC 538M: Security and Privacy in the Era of Side Channels (Audit)
- EEL 571S: Techniques for Simulating Novel Hardware Architectures in the Context of OS Research
- CPSC 508: Graduate Operating Systems
Contact
- sid[at]sid-agrawal[dot]ca