Viosoft will prepare a feasibility study for Leros; a capability-based extension to the Linux operating systems which we plan to develop to provide access to embedded system resources via unforgeable capabilities. We will describe the methods Leros uses to establish confinement boundary within the non-trusted Linux operating system, and analyze the feasibility of such methods against the resource constraints of typical embedded systems. We will describe methods to implement the software components required to support the operation of a single Leros application on a typical embedded platform. These components will consist of the Leros Memory Manager that prepares capabilities and translates Leros address space, and a Leros Persistence Manager that provides transparent persistence to objects in the Leros address space. We will provide feasibility study of these components, and analyze the consequences of providing persistence and check-pointing services using flash memory instead of disk. Finally, we will describe the overall impact on the confinement properties of Leros processes when they execute on non-trusted operating systems such as Linux. The proposed work in Phase I of our proposal lends itself well to the requirements of Phase II and beyond, wherein we will propose the implementation of a prototype of Leros components necessary to demonstrate a single Leros application providing services to remote clients over USB port. The underlying efforts, when successfully implemented and commercially deployed, will play significant roles in improving the reliability and security for a wide range of embedded systems in the military domains
