This paper presents a framework and implementation guidelines to set up nested compartmentalisation in constrained devices. All memory spaces are protected by the Memory Protection Unit (MPU). Current MPU-based systems offer efficient memory protection but are mostly tied to the fixed permission model provided by their operating system, kernel, hypervisor or by code instrumentation. New use cases evolve with the rise of the Internet of Things (IoT) ecosystems where software components could benefit from locally and dynamically established permissions. This includes a temporary nested subspace with restricted memory access rights. Our framework integrates subspace creation and management for runtime dynamic changes of t...
Pip-MPU is a minimalist separation kernel for constrained devices (scarce memory and power resources...
As computing becomes more pervasive, smart computing devices are increasingly connected. Application...
Small kernels are a promising approach to secure and reliable system construction. These systems red...
The need to secure software systems is more important than ever. However, while a lot of work exists...
This paper describes Metagap'e, a formally specified family of capability systems capable of re...
Smart devices have spread everywhere in our daily lives, and the capabilities of smart devices equip...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Monolithic operating system designs undermine the security of computing systems by allowing single e...
This paper describes a framework that allows fine-grained and flexible access control to connected d...
High-end embedded systems featuring millions of lines of code, with varying degrees of assurance, ar...
The Internet of Things (IoT) is here, more than 10 billion units are already c...
Protecting modern computer systems and complex software stacks against the growing range of possible...
With the emergence of the Internet of Things (IoT) technology, devices are becoming more ubiquitous a...
With reference to an embedded system featuring no support for memory management, we present a model ...