Paper Title: Highly Secure OS Kernel for SmartNIC Applications

Paper Abstract: Most SmartNIC applications have simple control structures and do not use the advanced features of today’s popular Linux distributions. The result is that the distributions are much larger than needed and run slowly because of unnecessary background activities. The unused features also often add security gaps that are difficult to uncover. Many developers simply handcraft installation every time, orchestrate the solution, and take care of all the updates. However, there is a better way: use a simpler, faster kernel focused on security. An example is seL4, an open-source, high-performance, and high-assurance kernel developed under a community foundation. It has limited features, but most SmartNIC application developers implement the basics on their own anyways. seL4 lets developers create highly integrated SDN solutions that provide networking for hosted virtual machines. It also reduces resource usage and increases security. Working PoC is available now for x86.

Paper Author: Pawel Duleba, Sr Software Engineer, CodiLime

Author Bio: Paweł Duleba is a Sr Software Engineer at Codilime, where he works on low level and embedded system development. His main focus is on DPDK, Linux kernel drivers, and porting applications between hardware platforms. He has participated in several smartNIC projects including integration of smartNICs with the Tungsten Fabric SDN platform and implementation of hardware offloading for 5G infrastructure. He has over fifteen years experience in the embedded and automotive industries working for companies such Motorola and Aptiv. He earned an MSEE from the AGH University of Science and Technology (Cracow, Poland).