TockWorld 7

June 26-28, 2024
San Diego, CA


Agenda

  1. June 26th - Contributors Day
  2. June 27th - Conference
  3. June 28th - Tutorials

Contributor’s Day (June 26, 2024)

The first day is intended for current and future contributors to the Tock project to have in-depth discussions focused on the development of the Tock kernel, the Tock application runtime, and other projects in the Tock ecosystem. This will feature talks about new experimental Tock features, discussions on future Tock designs, and work on prototyping new features.

The discussions will be highly technical and Tock-specific. If that resonates with you, please plan to attend!

If you would like to add something to contributors day, please reach out to the TW7 organizers (Pat, Brad, & Amit).

Contributor's Day Agenda
  1. Topic

    Time

    Room

    Speaker

  2. Breakfast

    8:10

    1244

  3. Welcome & Introductions

    Pat Pannuto

    UC San Diego

    9:00

    1242

  4. The State of Tock

    Pat Pannuto

    UC San Diego

    9:15

    1242

  5. Working Group Reports

    9:45

    1242

    Reports from working groups
    • Core, Amit Levy
    • Networking, Branden Ghena
    • OpenTitan, [tbd]
    • Documentation, Brad Campbell
    • Other sub-projects (libtock-c, rs, etc)
  6. Coffee Break / Schedule Catch-up

    10:40

    1244

  7. Kernel Size and Panic Mitigation

    Hudson Ayers

    Cruise

    11:00

    1242

  8. Using C code securely

    Leon Schuermann

    Princeton

    11:30

    1242

  9. Lunch break

    12:00

    Courtyard

  10. Teaching, Documentation and Support Discussion

    Branden Ghena

    Northwestern

    13:00

    1242

  11. Follow up from TockWorld 6

    Brad Campbell

    UVA

    13:30

    1242

  12. Breakout: Vision and Future Developments (1)

    14:00

    1241, 1242, 1244, 1202

  13. Breakout: Vision and Future Developments (2)

    15:00

    1241, 1242, 1244, 1202

  14. Tock Governance Planning

    Amit Levy

    Princeton

    16:00

    1242

  15. Wrap-up

    Pat Pannuto

    UC San Diego

    16:45

    1242

Conference (June 27th, 2024)

Day two will feature a more general program focused around Tock, root of trust, and secure embedded devices. All who are interested in Tock and security-focused operating systems are invited to attend.

Conference Day Agenda
  1. Topic

    Time

    Room

    Speaker

  2. Breakfast

    8:10

    1244

    Light, continental breakfast (yogurt, parfait, bagels, and similar fare)

  3. Welcome & Opening Remarks

    Pat Pannuto

    UC San Diego

    8:45

    1242

  4. Keynote

    Florian Gilcher

    Ferrous Systems

    9:00

    1242

  5. Coffee Break

    10:00

    1244

  6. Porting Tock to x86 for Pluton

    Bobby Reynolds & Gustavo Scotti

    Microsoft

    10:15

    1242

    Pluton is a root-of-trust technology jointly developed by Microsoft and various SoC partners. It is essentially a purpose-built security processor embedded directly within the SoC die. The SoC partners have some flexibility in dictating how the Pluton core is implemented; however, Microsoft owns the firmware and has chosen to use Tock OS as a common platform for (nearly) all Pluton firmware deliverables.

    One of our SoC partners has chosen to implement Pluton using an embedded-class x86 core. To support this platform, our team created a port of Tock OS for the x86 architecture. This allowed us to easily port the rest of our Pluton logic, which lives in a usermode app, to the new platform with virtually zero code changes.

    This talk dives into the technical aspects of our x86 port, including interrupt handling, memory management, the syscall interface, and emulation. We will also touch on some of the pain points we encountered and some

  7. Running Tock OS on WebAssembly

    Irina Nita

    OxidOS Automotive

    11:15

    1242

    In addition to Cortex-M and RISC-V chips, TockOS can now run on WebAssembly. Developing the kernel can be done with little to no setup, by running and debugging the operating system in a sandbox on your machine.

    The chip implementation provides the low-level drivers for peripherals like GPIO, UART and timers, which is possible due to the interoperability of the WebAssembly modules. Since hardware peripherals are not available, their state, which would usually be retrieved from memory-mapped registers, is updated through a WebSocket-based protocol written in TypeScript. Running libtock applications is done by emulating the Cortex-M4 architecture using Unicorn.js (WASM reimport of the Unicorn CPU Emulator written in C). Developers can debug the WASM kernel through the Node.js Debugger, and the applications through a GDB Stub for Unicorn, written in TypeScript.

  8. Lunch

    12:15

    Courtyard

  9. Bringing Tock to CHERI

    Lawrence Esswood

    Google

    13:15

    1242

    CHERI is a set of ISA extensions (with implementations on RISC-V, MIPS, armv8, and more) that add hardware enforced capabilities. These can be utilised by operating systems not just to provide an alternative access control mechanism (instead of an MMU or MPU), but also to enforce system-wide safety in a way that these other mechanisms struggle to help. In this presentation, I will talk about my experience bringing Tock to a RISC-V CHERI platform. I will demonstrate how just slight modifications to code (and new hardware) can improve the hardness of the syscall boundary, and give an example of how the kernel and userspace can work together to provide a temporally safe C heap.
  10. Multiplexing Serial Port Messages

    Amalia Camelia Simion

    Wyliodrin

    14:15

    1242

    Design, description, and implementation nuances of the new PacketBuffer mechanism. PacketBuffer allows the appending and prepending of metadata into messages sent on the serial port without re-allocating memory at every prepend/append.

    This talk will also introduce a new GUI app that connects to the board, reads from the serial port, and uses the metadata to filter messages by sender (the process console, debug messages, and each application) and to show them separately in the UI.

  11. Coffee Break

    15:15

    1244

  12. Lightning Talks

    15:30

    1242

    10-15 minute talks on smaller highlights, works-in-progress, future ventures, or other subjects of interest
    • Encapsulated Functions, Leon Schuermann, Princeton
    • OpenThread, Tyler Potyondy, UC San Diego
    • Dynamic Application Loading, TBD, UVA
    • Reverse Engineering & Securing an Insulin Pump, Alex Bellon, UC San Diego
    • [open slot]
  13. Teaching Embedded Systems with Tock

    Alexandru Radovici

    Politehnica University of Bucharest

    15:10

    1242

    We have been teaching an embedded undergraduate course using Rust as the programming language. This talk wants to point out the strength of Tock compared to alternative Rust systems and why we think it might be better for education. We also propose a number of modifications, which we are already working on, that would make Tock an excellent choice for teaching embedded courses.
  14. Closing Remarks

    Pat Pannuto

    UC San Diego

    16:45

    1242

  15. Reception & Mixer

    17:00

    Courtyard

    Light hors d'oeuvres and refreshments

Tutorials (June 28th, 2024)

This one-day, in-person Tutorial will teach how to use the Tock operating system for secure and reliable embedded systems. The tutorial will provide hands-on experience with three aspects of Tock: the kernel, secure systems, and networking.

Tutorial Day Agenda
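| Time  | Joint (Livestreamed to both rooms) | Security Track (1242)  | Networking Track (1202) |
|-------|------------------------------------|------------------------|-------------------------|
| 8:10  | Continental Breakfast (1244)       |                        |                         |
| 9:00  | Welcome & Tock Introduction        |                        |                         |
| 9:10  |                                    | Computer Setup         | Computer Setup          |
| 9:50  | Coffee Break (1244)                |                        |                         |
| 10:00 |                                    | Secure Element         | Thread Networking       |
| 12:00 | Lunch Break (1244/Courtyard)       |                        |                         |
| 13:00 |                                    | Encapsulated Functions | Remote Update           |
| 14:30 | Coffee Break (1244)                |                        |                         |
| 14:45 |                                    | App signing            | Device discovery        |
| 16:15 | Wrap-up and next steps             |                        |                         |
| 16:30 | Event ends — See you next year!    |                        |                         |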