Genode Labs Newsletter - August / September 2015


 1. The Muen Separation Kernel as Genode base platform
 2. Genode OS Framework 15.08 released

 1. The Muen Separation Kernel as Genode base platform

 Separation kernels represent the most extreme form of kernel
 architectures with respect to software complexity. Such kernels
 are designed to partition the underlying hardware platform into a
 static set of domains. In contrast to a microkernel, no dynamic
 management of resources is performed at runtime. Resources like
 memory and CPU time are assigned to the domains at system-
 integration time. On the one hand, the rigidity of this approach
 limits its application areas. On the other hand, it allows the
 kernel to become even less complex than a microkernel, and thereby
 aid its thorough evaluation or even its formal verification.
 This, in turn, makes separation kernels attractive in application
 areas with high-assurance requirements.

 Most separation kernels are proprietary software. However, with
 Muen, there exists an open-source separation kernel for the x86
 architecture. Muen is developed by Codelabs in Switzerland. Apart
 from being open source, it is unique because it is implemented in
 the SPARK programming language, which guarantees the absence of
 implementation bugs like buffer overflows or integer overflows.

 Website of the Muen Separation Kernel:


 Thanks to the close collaboration between the Muen developers and
 our team, the assurance of the Muen separation kernel can now be
 combined with the rich component infrastructure provided by
 Genode. From Genode's perspective, Muen is another architecture
 for our custom base-hw kernel. In fact, with Genode on Muen, a
 microkernel-based system is running within the static boundaries
 of one Muen partition. This way, the component isolation enforced
 by the base-hw kernel and the static isolation boundaries enforced
 by Muen form two lines of defense for protecting security-critical
 system functions from untrusted code sandboxed within a Genode

 2. Genode OS Framework 15.08 released

 Whereby the added support for the Muen separation is the flagship
 feature of Genode 15.08, the August release brings a vast number
 of improvements across the entire framework.

 Motivated by our increasing use of Genode/NOVA as our day-to-day
 OS, we addressed long-standing shortcomings of the NOVA kernel
 with respect to its kernel-memory management. At the user-facing
 side, the GUI stack became more flexible and versatile, improving
 the interactive usability, introducing tools for monitoring the
 system behavior, and optimizing the graphics performance.

 Furthermore, we enhanced the integration of VirtualBox with
 Genode/NOVA by adding audio input and output, enabling the dynamic
 resizing of guest OS windows, and supporting guest-provided mouse
 pointer shapes.

 These and many more improvements are covered by our detailed
 release documentation:


 About the newsletter

 If you have friends or colleagues who might be interested in our
 projects, we would appreciate you to forward this email. If you
 received this newsletter as a forwarded email, you may subscribe
 to the newsletter here:


 In the case of receiving this newsletter unintended, you can
 cancel your subscription at any time by replying to this email
 with the subject set to "unsubscribe".

 Best regards

 Dr.-Ing. Norman Feske
 Genode Labs

 http://www.genode-labs.com · http://genode.org

 Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
 Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth

postal address:

  Genode Labs GmbH
  Dammweg 2
  D-01097 Dresden

visiting address:

  Genode Labs GmbH
  Friedrichstr. 26
  D-01067 Dresden


  +49 351 3282613