October 27, 2020
A guiding research principle of the Department of Computer Science is the idea, put forth by founder Frederick P. Brooks, Jr., that a computer scientist is a toolsmith, creating resources that enhance the work of others. Sometimes, researchers are surprised by the usefulness of the tools that they build. Associate Professor Donald Porter has seen a research project grow far beyond the parameters of its initial paper.
In 2014, Porter, then a faculty member at Stony Brook University, led the effort to build Graphene, a Linux-compatible library operating system (a design sometimes referred to as a “unikernel”) that executed both single-process and multi-process applications efficiently while keeping mutually distrusting applications on the same host isolated from one another. Earlier library OS research had demonstrated order-of-magnitude reductions in memory footprint compared with running the same single-process application on a full OS kernel inside a virtual machine. Prior to Graphene, however, those security and efficiency benefits had not been extended to multi-process applications, so a library OS could not run many common workloads. Graphene addressed this by running multiple cooperating library OS instances, one per process, that together presented the application with the appearance of a single shared operating system.
At its core, Graphene is a project about portability. The goal was to redeploy existing software from an older, less secure system onto a more secure and efficient one, while avoiding or limiting the compromises that would negate the benefits of the new system. This is especially valuable in commercial cloud computing environments, where hardware is shared by multiple unrelated clients and the risks include side-channel attacks from other tenants as well as unwanted access, or physical tampering with the hardware, by cloud provider employees. Furthermore, some of these protected environments require applications to be modified before they can run on them at all.
At the time, Graphene was a research prototype. While it had promise, it lacked the robustness needed for widespread adoption. But the project showed enough promise to attract attention from Intel, who wanted to use it with CPUs running Intel’s new Software Guard Extensions (SGX). SGX enables an application to protect itself from a malicious OS or cloud hypervisor by placing its code and data in encrypted enclaves in RAM whose contents cannot be read or modified by any software outside the enclave, including privileged system software. (SGX’s threat model covers a compromised OS or hypervisor; it does not by itself defend against side-channel attacks, which remain a separate concern.) Many potential users, however, were discouraged by the perception that Linux applications would need to be heavily modified to run efficiently inside an enclave. With help from Intel, Porter and his collaborator Chia-Che Tsai, then a doctoral student and now an assistant professor at Texas A&M University, ported Graphene to SGX, producing a version that lets unmodified Linux applications run inside an enclave with minimal performance overhead and without giving up the isolation SGX provides.
Graphene started as a research prototype for Porter’s group and was for some time maintained by a two-person team in their spare time. Since the SGX port was published, however, it has rapidly gained new uses and features and grown to the point that Intel, Golem, and Invisible Things Lab have dedicated resources and developer effort to making it production-quality software. In 2018, a working group was formed to organize development and build a contributor community. The developers are currently working on integrations with container platforms like Docker and language runtimes like Go and Java, as well as support for Microsoft Windows as a host. Thanks to support from the broader open source community, Porter envisions Graphene being ready for mainstream use as early as this year.