BIB-VERSION:: CS-TR-v2.0
ID:: ncstrl.dartmouthcs//TR96-287
ENTRY:: June 01, 1996
ORGANIZATION:: Dartmouth College, Computer Science
TITLE:: Implementation and Analysis of Software Based Fault Isolation
TYPE:: Technical Report (paper)
REVISION:: 1
AUTHOR:: Silver, Scott M.
DATE:: June 1996
RETRIEVAL:: For a paper copy, email
RETRIEVAL:: For a paper copy, write to Technical Report Librarian, Department of Computer Science, Dartmouth College, 6211 Sudikoff Laboratory, Hanover, NH 03755-3510, USA
RETRIEVAL:: Compressed Postscript at http://www.cs.dartmouth.edu/reports/TR96-287.ps.Z
RETRIEVAL:: PDF at http://www.cs.dartmouth.edu/reports/TR96-287.pdf
ABSTRACT:: Extensible applications rely upon user-supplied, untrusted modules to extend their functionality. To remain reliable, applications must isolate themselves from user modules. One method places each user module in a separate address space (process), which uses hardware virtual memory support to isolate the user process. Costly inter-process communication, however, prohibits frequent communication between the application and the untrusted module. We implemented and analyzed a software method for isolating an application from user modules. The technique uses a single address space. We provide a logical address space and per-module access to system resources for each module. Our software technique is a two-step process. First, we augment a module's code so that it cannot access any address outside of an assigned range. Second, we prevent the module from using system calls to access resources outside of its fault domain. This method for software isolation has two particular advantages over processes. First, for frequently communicating modules, we significantly reduce context switch time. Thus, we demonstrate near-optimal inter-module communication using software fault isolation. Second, our software-based techniques provide an efficient and expedient solution in situations where only one address space is available (e.g., a kernel, or a single-address-space operating system).
NOTE:: A Senior Undergraduate Honors Thesis in Computer Science.
END:: ncstrl.dartmouthcs//TR96-287