Time Protection: the Missing OS Abstraction

Timing channels enable data leakage that threatens the security of computer systems, from cloud platforms to smartphones and browsers executing untrusted third-party code. Preventing unauthorised information flow is a core duty of the operating system, however, present OSes are unable to prevent timing channels. We argue that OSes must provide time protection in addition to the established memory protection. We examine the requirements of time protection, present a design and its implementation in the seL4 microkernel, and evaluate its efficacy as well as performance overhead on Arm and x86 processors

Analysis of drug-drug interactions in Swiss claims data using tizanidine and ciprofloxacin as a prototypical contraindicated combination

BACKGROUND: Potential drug-drug interactions (pDDIs) are described in various case reports, but few studies have evaluated the impact of specific combinations on a population level. OBJECTIVE: To analyze the type and frequency of multiple contraindicated (X-pDDIs) and major interactions (D-pDDIs) and to subsequently assess the impact of the particular combination of tizanidine and ciprofloxacin on outpatient physician visits and hospitalizations. METHODS: Anonymized Swiss claims data from 524 797 patients in 2014-2015 were analyzed. First, frequencies of X- and D-pDDIs were calculated. Next, a retrospective cohort study was conducted among patients prescribed tizanidine and ciprofloxacin (exposed, n = 199) or tizanidine and other antibiotics (unexposed, n = 960). Hospitalizations and outpatient physician visits within 7, 14, and 30 days after initiation of antibiotic therapy were evaluated using multiple binary logistic regression and multiple linear regression. RESULTS: The relative frequencies of X- and D-pDDIs were 0.4% and 6.65%, respectively. In the cohort study, significant associations between exposure to tizanidine and ciprofloxacin and outpatient physician visits were identified for 14 and 30 days (odds ratio [OR] = 1.61 [95% CI = 1.17-2.24], P = 0.004, and OR = 1.59 [95% CI = 1.1-2.34], P = 0.016). A trend for increased risk of hospitalization was found for all evaluated time periods (OR = 1.68 [95% CI = 0.84-3.17], OR = 1.52 [95% CI = 0.63-3.33], and OR = 2.19 [95% CI = 0.88-5.02]). CONCLUSION and RELEVANCE: The interaction between tizanidine and ciprofloxacin is not only relevant for individual patients, but also at the population level. Further investigation of the impact of other clinically relevant DDIs is necessary to improve patient safety and reduce avoidable health care utilization

Beyond isolation: OS verification as a foundation for correct applications

Verified systems software has generally had to assume the correctness of the operating system and its provided services (like networking and the file system). Even though there exist verified operating systems and file systems, the specifications for these components do not compose with applications to produce a fully verified high-performance software stack. In this position paper, we lay out our vision for what it would look like to have a verified OS with verified applications, all with good multi-core performance. We’ve explored a part of the verification by proving a page table correct already, but the larger goal is to lay out a vision for an ambitious project that supports an application verified from its high-level specification down to the hardware