BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//CERN//INDICO//EN
BEGIN:VEVENT
SUMMARY:MirageOS: clean-slate library operating system with minimal truste
 d code base
DTSTART;VALUE=DATE-TIME:20190328T130000Z
DTEND;VALUE=DATE-TIME:20190328T140000Z
DTSTAMP;VALUE=DATE-TIME:20190320T122121Z
UID:indico-event-800623@indico.cern.ch
DESCRIPTION:The MirageOS project develops single-purpose operating systems
  targeting hypervisors\, also named a unikernel or library operating syste
 m. Each unikernel is specialised at compile-time by the composition of ava
 ilable libraries. There are multiple advantages of MirageOS\, e.g. its tin
 y attack surface - the binary size of a MirageOS unikernel is 4% compared 
 to a UNIX-based operating systems\; less complexity - avoiding process man
 agement\, scheduler\, virtual memory. MirageOS was started in 2008 at Univ
 ersity of Cambridge\, and is written in the functional statically-typed pr
 ogramming language OCaml\, which avoids common attack vectors (spatial and
  temporal memory safety issues such as buffer overflows and use-after-free
 ). In addition\, we are working on common best security practises: cryptog
 raphically signed supply chain\, reproducible builds.\n\nMirageOS unikerne
 ls can be deployed on commodity hypervisor (Xen\, KVM\, FreeBSD BHyve\, Op
 enBSD VMM)\, virtio\, as Linux processes with strict seccomp rules\, on th
 e separation kernel muen.sk\, or on the operating system framework GenodeO
 S that uses a microkernel. The backends\, apart from Xen\, use Solo5 which
  was initially developed with MirageOS in mind.\n\nApart from core Interne
 t Protocols (TCP/IP\, DHCP\, DNS\, HTTP)\, security protocols (TLS\, OpenP
 GP\, OTR)\, and branchable distributed storage (implementing the git proto
 col) for persistency\, we are developing several applications:\n\n\n	Calen
 dar and address book (CalDAV/CardDAV) storing data in a remote git reposit
 ory\n	EMail (MIME encoding/decoding\, SMTP\, IMAP)\n	Firewall (currently m
 ainly for QubesOS)\n	OpenVPN gateway\n\n\nOther applications and libraries
  are available in various states of development - from unreleased to matur
 e. MirageOS is a collection of OCaml libraries\, currently around 150\, of
  which nearly all MirageOS libraries and tooling is released under MIT/ISC
 /BSD 2 clause licenses\, and freely available.\n\nSome MirageOS libraries 
 (e.g. DNS\, TCP/IP) have been deployed as part of Docker for Mac and Docke
 r for Windows (vpnkit\, etc.) which has millions of users on a daily basis
 .\n\nAbout the speaker\n\nHannes Mehnert researches in several engineering
  areas: from programming languages (such as compiler optimisation visualis
 ation\, type systems) over full functional correctness proofs of object-or
 iented code\, the topic of his PhD dissertation\, development environments
  for dependently typed languages\, to network protocols (TCP/IP) and secur
 ity protocols (TLS\, OTR).\n\nIn his spare time\, Hannes is not only a hac
 ker\, coauthor of a book on indian cuisine and functional programming in J
 avaScript\, but also a barista and likes to travel and repair his recumben
 t bicycle.\n\nSince beginning of 2018\, Hannes works on a non-profit to pu
 t MirageOS into production at robur. He used to be a postdoc at University
  of Cambridge working with the semantics\, systems\, and security group.\n
 \nhttps://indico.cern.ch/event/800623/
LOCATION:CERN 31-3-004 - IT Amphitheatre
URL:https://indico.cern.ch/event/800623/
END:VEVENT
END:VCALENDAR