EsseOS: Haskell-based tailored services for the cloud

Cloud computing offers a pay-per-use model and elasticity for hosted applications. The latter demands for decomposing an application into services, where each of them is executed by dedicated virtual machines. Typically, off-the-self operating systems (e.g., Linux) and managed runtime support (e.g., Java) are utilized thereby causing an unnecessary huge code base, resulting in a rather large attack surface. To address these problems, we present EsseOS, a platform for tailoring services as well as their associated runtime environment. EsseOS aims at reducing the attack surface by adapting the entire software stack that runs in a virtual machine to capture only the functionally essentially needed. This is achieved by following a clean-slate approach leveraging the advantages of Haskell, a functional programming language. We structure our software to be reconfigurable to remove unnecessary parts while still ensuring correct interaction between features by relying on Haskell's advanced type system. Initial results indicate an order of magnitude smaller code base for a tailored version of both Memcached and its execution environment compared to the original C-based version running on top of Linux.

[1]  Meng Wang,et al.  Aspect-oriented programming with type classes , 2007, FOAL.

[2]  Wolfgang Schröder-Preikschat,et al.  KESO: an open-source multi-JVM for deeply embedded systems , 2010, JTRES '10.

[3]  Thomas Leich,et al.  FeatureIDE: A tool framework for feature-oriented software development , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[4]  Conor McBride Faking it: Simulating dependent types in Haskell , 2002, J. Funct. Program..

[5]  Jon Crowcroft,et al.  Unikernels: library operating systems for the cloud , 2013, ASPLOS '13.

[6]  Wolfgang Schröder-Preikschat,et al.  Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring , 2013, NDSS.

[7]  Wolfgang Schröder-Preikschat,et al.  AspectC++: an aspect-oriented extension to the C++ programming language , 2002 .

[8]  James R. Larus,et al.  Singularity: rethinking the software stack , 2007, OPSR.

[9]  Donald E. Porter,et al.  Rethinking the library OS from the top down , 2011, ASPLOS XVI.

[10]  Bruno C. d. S. Oliveira,et al.  EffectiveAdvice: disciplined advice with explicit effects , 2010, AOSD.

[11]  Chiyan Chen,et al.  Combining programming with theorem proving , 2005, ICFP '05.

[12]  Edwin Brady,et al.  IDRIS ---: systems programming meets full dependent types , 2011, PLPV '11.

[13]  Wolfgang Schröder-Preikschat,et al.  The Aspect-Aware Design and Implementation of the CiAO Operating-System Family , 2012, LNCS Trans. Aspect Oriented Softw. Dev..

[14]  João Saraiva,et al.  Designing and Implementing Combinator Languages , 1998, Advanced Functional Programming.

[15]  Wolfgang Schröder-Preikschat,et al.  A quantitative analysis of aspects in the eCos kernel , 2006, EuroSys.

[16]  Wolfgang Schröder-Preikschat,et al.  Revealing and repairing configuration inconsistencies in large-scale system software , 2012, International Journal on Software Tools for Technology Transfer.

[17]  Brad Fitzpatrick,et al.  Distributed caching with memcached , 2004 .

[18]  Michael Norrish,et al.  seL4: formal verification of an OS kernel , 2009, SOSP '09.

[19]  Mark P. Jones,et al.  A principled approach to operating system construction in Haskell , 2005, ICFP '05.

[20]  Werner Vogels,et al.  Dynamo: amazon's highly available key-value store , 2007, SOSP.

[21]  Michael Haupt,et al.  Maxine: An approachable virtual machine for, and in, java , 2013, TACO.