# Incremental Path Towards a Safe OS Kernel

* Recent progress towards kernel safety
  * ![](https://2097630930-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVORxAomcgtzVVUqmws%2Fuploads%2F5on12EVHAs3TqF99A7Fm%2Fimage.png?alt=media\&token=17e0543b-daa0-4069-a6cc-84923308a2ad)
* How can we make incremental progress towards a safer Linux?
* Linux vulnerabilities
  * Increasing number of vulnerabilities each year
  * Each stable component contains many latent bugs
* Steps towards a safer OS kernel
  * Approach: incremental benefit for incremental work, improve safety on a **module by module basis**
    * Modularization
      * Enable incremental development and replacement of kernel modules
      * Necessary
        * Define abstract, implementation-independent interfaces
        * Develop tools to identify interfaces and automate the process
        * Anticipate and mitigate potential performance costs
    * Type safety
      * Redesign interfaces to eliminate type errors and unsafe casting
    * Ownership safety
      * Prevent memory errors and data races without compromising performance
    * Functional correctness
      * Remove semantic bugs through module-by-module specifications and proofs
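The following is an added example, not part of the original notes or of any Linux code, sketching in Rust how the first three steps above fit together for one small module: an abstract, implementation-independent interface (`BlockDevice`, a trait), a type-safe request representation instead of an opcode plus untyped pointer (`Request`, an enum), and ownership-based sharing across threads (`Arc<Mutex<_>>`) so that a data race is rejected by the compiler rather than discovered at runtime. All names (`BlockDevice`, `RamDisk`, `Request`, `DevError`) are invented for the illustration.

```rust
// Added illustration of the modularization / type safety / ownership safety
// steps. Invented names; not kernel code.
use std::sync::{Arc, Mutex};
use std::thread;

/// Modularization: an abstract, implementation-independent interface.
/// Callers depend only on this trait, so a module behind it can be
/// replaced without touching its users.
pub trait BlockDevice: Send {
    fn read_block(&self, lba: u64) -> Result<[u8; 16], DevError>;
    fn write_block(&mut self, lba: u64, data: [u8; 16]) -> Result<(), DevError>;
    fn capacity_blocks(&self) -> u64;
}

#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub enum DevError { OutOfRange, ReadOnly }

/// Type safety: a request is a tagged enum carrying typed payloads, not an
/// integer opcode plus a pointer that every handler must cast.
#[derive(Debug, Clone, Copy)]
pub enum Request {
    Read { lba: u64 },
    Write { lba: u64, data: [u8; 16] },
}

/// One concrete module: a tiny RAM-backed disk (constructed for the example).
pub struct RamDisk { blocks: Vec<[u8; 16]>, read_only: bool }

impl RamDisk {
    pub fn new(n: usize, read_only: bool) -> Self {
        RamDisk { blocks: vec![[0u8; 16]; n], read_only }
    }
}

impl BlockDevice for RamDisk {
    fn read_block(&self, lba: u64) -> Result<[u8; 16], DevError> {
        // Bounds are checked once here; callers never index raw memory.
        self.blocks.get(lba as usize).copied().ok_or(DevError::OutOfRange)
    }
    fn write_block(&mut self, lba: u64, data: [u8; 16]) -> Result<(), DevError> {
        if self.read_only { return Err(DevError::ReadOnly); }
        match self.blocks.get_mut(lba as usize) {
            Some(b) => { *b = data; Ok(()) }
            None => Err(DevError::OutOfRange),
        }
    }
    fn capacity_blocks(&self) -> u64 { self.blocks.len() as u64 }
}

/// Dispatch a request against any device behind the interface. The match is
/// exhaustive: adding a Request variant is a compile error until it is handled.
pub fn dispatch(dev: &mut dyn BlockDevice, req: Request) -> Result<Option<[u8; 16]>, DevError> {
    match req {
        Request::Read { lba } => dev.read_block(lba).map(Some),
        Request::Write { lba, data } => dev.write_block(lba, data).map(|_| None),
    }
}

/// Ownership safety: a device shared by several threads must be wrapped in
/// Arc<Mutex<_>>. Handing a plain `&mut` to two threads does not compile, so
/// the data race is excluded statically; the lock is the only runtime cost.
pub fn concurrent_fill(dev: Arc<Mutex<dyn BlockDevice>>, writers: usize) -> Vec<Result<(), DevError>> {
    let handles: Vec<_> = (0..writers).map(|i| {
        let dev = Arc::clone(&dev);
        thread::spawn(move || {
            let mut d = dev.lock().unwrap();
            d.write_block(i as u64, [i as u8; 16])
        })
    }).collect();
    handles.into_iter().map(|h| h.join().unwrap()).collect()
}

fn main() {
    let mut disk = RamDisk::new(4, false);
    dispatch(&mut disk, Request::Write { lba: 1, data: [7u8; 16] }).unwrap();
    println!("{:?}", dispatch(&mut disk, Request::Read { lba: 1 }));
    let shared: Arc<Mutex<dyn BlockDevice>> = Arc::new(Mutex::new(RamDisk::new(4, false)));
    println!("{:?}", concurrent_fill(shared, 4));
}
```

The `BlockDevice: Send` bound is what lets the `Mutex<dyn BlockDevice>` cross threads; a module whose state contained a non-`Send` raw pointer would fail to compile at the `thread::spawn` call, which is the kind of interface-level guarantee the ownership-safety step is after.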
