Collaborative Research: SaTC: CORE: Small: Improving Decentralized Kernel Patch Ecosystems

协作研究：SaTC：CORE：小型：改善去中心化内核补丁生态系统

• 批准号: 2155213
• 负责人: Zhiyun Qian
• 金额: $ 25万
• 依托单位: University of California-Riverside
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-07-01 至 2025-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2155213&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Small

The objective of this project is to improve the security of open-source operating system (OS) kernels from the supply chain's perspective. As it is extremely costly to develop a brand new OS, a large number of downstream OS kernels are derived from an upstream OS kernel (e.g., Linux) to save development costs. However, this also means that the security of the downstream kernels are dependent on timely patch propagation from the upstream to downstream. The diversity and decentralized nature of downstreams causes delays or even missed upstream patches altogether. Even worse, due to customizations in the downstreams, it is time-consuming to infer which bugs are applicable to downstream and worth patching. Finally, even if they know an upstream vulnerability exists in a downstream and a patch is available, it may require additional efforts to port and test upstream patches --- a significant hurdle for many downstream vendors who are wary of breaking things.This project aims to develop a series of automated and novel analyses to reason about patches, bug behaviors, and their impacts. More specifically, the project will include an analysis of upstream patches and infer which ones fix critical bugs; it will automatically infer which downstreams are affected by an upstream bug and what security impact it bears; it will understand whether the corresponding upstream patch can be applied safely and correctly. The results of the project will alleviate the human burden in analyzing, reviewing, and adopting patches. Ultimately, they will improve the security of the entire open-source OS ecosystem.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该项目的目标是从供应链的角度提高开源操作系统（OS）内核的安全性。由于开发一个全新的操作系统成本极高，因此大量的下游操作系统内核都是从上游操作系统内核（例如Linux）衍生而来，以节省开发成本。然而，这也意味着下游内核的安全依赖于补丁从上游到下游的及时传播。下游的多样性和分散性会导致延迟，甚至完全错过上游补丁。更糟糕的是，由于下游的定制，推断哪些错误适用于下游并且值得修补是非常耗时的。最后，即使他们知道下游存在上游漏洞并且有可用的补丁，也可能需要额外的努力来移植和测试上游补丁——这对于许多担心破坏事物的下游供应商来说是一个重大障碍。该项目的目标开发一系列自动化的新颖分析来推理补丁、错误行为及其影响。更具体地说，该项目将包括对上游补丁的分析，并推断哪些补丁修复了关键错误；它会自动推断哪些下游受到上游 bug 的影响以及带来什么安全影响；它将了解相应的上游补丁是否可以安全正确地应用。该项目的结果将减轻分析、审查和采用补丁的人力负担。最终，它们将提高整个开源操作系统生态系统的安全性。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。