Overview

After sixty years of operating systems evolution, we continue to find new and different isolation mechanisms: threads, processes, containers, virtual machines, lightweight contexts. Even applications provide isolation mechanisms: a JVM is a user-level process that provides isolation units whose API is Java bytecodes; some browsers offer units of isolation between each browser tab.

We ask whether we really need to have N different isolation mechanisms or whether instead, we could develop a framework in which all these different mechanisms represent points on a continuum. If we could do that, then perhaps

• We could implement such a unified framework
• The framework might allow us to discover new and useful isolation mechanisms (that could be created seamlessly rather than requiring an entirely new implementation)

The project has three main goals:

• Develop a theoretical model or framework to unify existing isolation mechanisms
• Identify novel points in the model that are useful
• Implement the model in seL4