Title: Safe execution of untrusted applications on embedded network processors

Authors: Herbert Bos, Bart Samwel, Mihai Cristea, Kostas Anagnostakis

Addresses: Vrije Universiteit Amsterdam, The Netherlands. ' Aia Software, The Netherlands. ' Universiteit van Amsterdam, The Netherlands. ' Institute for Infocomm Research, Singapore

Abstract: This paper summarises research conducted in 2002 on the programmability of network processors. Controlling the function of embedded network processor systems has so far been confined to simple configuration languages while full programmability is available only to trusted system-level programmers. In this paper, we enable the safe execution of untrusted code on IXP network processors. We extend techniques used in extensible OS kernels, adapting them to the characteristics of network processing to produce a restricted execution model trading off some flexibility for robustness, yet enabling a wide range of low-level applications not presently possible.

Keywords: network processors; open kernels; embedded systems; security; untrusted applications; programmability.

DOI: 10.1504/IJES.2008.022399

International Journal of Embedded Systems, 2008 Vol.3 No.4, pp.294 - 303

Published online: 03 Jan 2009 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article