Title: System isolation by software/hardware co-design
Abstract: Isolation is an effective approach to building reliable systems from unreliable components. It is hard, if possible, to entirely eliminate bugs from software components; a more practical way is to assume the existence of bugs/vulnerabilities and live with them. This talk will present different ways to do system isolation, including software solutions like a hypervisor, nested virtualization, and same-level isolation, as well as hardware solutions like Intel SGX, AMD SEV, and ARM TrustZone. It will also discuss the tradeoff between isolation and performance, and propose software/hardware co-designed systems to optimize the interaction between isolated domains.
BIO: Yubin Xia is an associate professor of IPADS group, Shanghai Jiao Tong University. His research areas include operating systems, hypervisor, TEE (trusted execution environment), and computer architecture. He leads his team to implement T6, a TEE OS running on ARM TrustZone platform, which has been deployed on hundreds of millions of mobile phones over the world. His current main research interests lie in practical design and implementation for better system isolation as well as performance optimization.