Previous | 
Home
Section: New Results
SouthBound results
L4 micro kernels
As part of our investigations about what software architectures were the best candidates to base our Ambient Middleware Stack upon, we studied different micro-kernel operating systems such as CodeZero [33] , OKL4 , and L4/Fiasco. The objective here is to try and quantify the development effort that would be needed before being able to execute a Java application on top of a micro-kernel. These studies included, in addition to a lot of bibliographic research, several technical experiments such as booting each of these various micro-kernel systems in QEmu, as well as on real hardware. We use a BeagleBoard as a representative example of the kind of hardware platforms typically encountered in Ambient Intelligence scenarios.
Virtual machines
In parallel to our study of micro-kernel architectures, we worked on virtual machines as well, in the perspective of bridging the gap between the two. The basic question here is: what does it takes to to cut down a Java virtual machine into pieces so as to run each of these pieces as a separate software component in the system. We ran two actions in order to investigate this question. First, we ported the JamVM virtual machine to run on top of the Genode operating system framework [37] . This provided us with better understanding of what are the real requirements of a Java virtual machine in terms of underlying operating systems support. Second, we focused on one particular service of the virtual machine, the garbage collector, and we precisely identified and studied the coupling between this component and all other parts of the virtual machine (bytecode interpreter, scheduler, etc). This work was done as part of a student summer internship (Yann Chevalier, INSA-Lyon 3IF). Removing a garbage collector at runtime, and “plugging in” another one dynamically proved to be vastly harder than expected. Still, this work provided us with great insights about the coupling relationships between different OS components.
HiKoB
Antoine Fraboulet (Amazone team), Guillaume Chelius (D-NET team) and Christophe Braillon (INRIA SED) started a new company called HiKob http://openlab.hikob.com/ in July 2011. HiKoB is a development project following several successful research projects completed these last 6 years at INSA Lyon and INRIA. HiKoB hardware and software products help in building complex, large-scale and distributed applications in the domains of: motion capture, biomechanical study, biologging study, building instrumentation and many more applications targeting wireless sensor network solutions for distributed and embedded measurement. HiKoB business model is built on two major directions: complete solutions for industrial applications and software and hardware tools for research and innovation in the fields of sensor networking and embedded wireless measure. HiKoB is supported by IT-Translation and INSAValor.
Service-Oriented Tainted Object Propagation
Many Java technologies allow the execution of code provided by multiple parties. Service-oriented platforms based on components such as OSGi are good examples of such a scenario. Those extensible component-based platforms are service-oriented, as components may directly interact with each other via the services they provide. However, even robust languages such as Java were not designed to handle safely code interaction between trusted and untrusted parties.
In [38] , we show how basic Java interactions can break encapsulation or execution safety and why the Java security layers' threat coverage is incomplete. We also review flaws in the Java access control design that can allow untrusted code to bypass restrictions by exploiting vulnerabilities in trusted code.
As component-based platforms become more and more integrated to our daily life, we improved our Service-Oriented Tainted Object Propagation technique to find such vulnerabilities and used it on several open-source components to further demonstrate the real exposure that those vulnerabilities bring to the fore.