Issue Muen 1.0, open microkerboard to create highly expensive systems

After eight years of development I saw the light Project release muen 1.0 , developing the selection core ( Separation Kernel ), no errors in the source texts which is confirmed by means of mathematical methods for formal verification of reliability. The kernel is available for the X86_64 architecture and can be used in critical systems requiring an increased level of reliability and guarantees of the absence of failures. The initial texts of the project are written in the tongue of hell and its verified dialect Spark 2014 . Code spreads under the GPLv3 license.

The separation core is a microkerreer that provides an environment for performing isolated components from each other, the interaction of which is toughly regulated by the specified rules. Isolation is based on the use of virtualization extensions Intel VT-x and provides for the protection mechanisms for blocking an organization Hidden communication channels. The core of separation is more minimalistically and static compared to other microinders, which reduces the number of situations capable of leading to the failure.

The kernel is performed in root mode VMX by analogy with a hypervisor, and all other components in non-corrosive VMX mode by analogy with guest systems. Access to equipment is made using Intel VT-D DMA and interrupt remaping, which makes it possible to implement secure PCI device binding to components running muen.

From Muen features there is a support for multi-core systems, nested memory pages ( EPT , Extended Page Tables), MSI ( Message SignalD Interrupts), memory page attribute tables ( Pat , Page Attribute Table). Muen also provides a fixed cycle planner based on the Intel VMX displacing Timer, a compact Runtime, which is not affecting performance, the Crakhov audit system, the static assignment mechanism based on rules, the event processing system and the channels of shared memory for interacting inside the components started.

It is supported on top of MUEN components with a 64-bit machine code, 32- or 64-bit virtual machines, 64-bit applications in ADA and SPARK 2014 languages, virtual machines with Linux and self-sufficient “Unikernel” based on Mirageos.

The main innovations proposed in the release of MUEN 1.0:

/Media reports.