WEBVTT

00:00.000 --> 00:11.000
Thank you, thank you. Thanks for the introduction and it's a great pleasure and great honor

00:11.000 --> 00:18.880
to be here again. Yes, this is the last talk of this in the room so it won't be too technical

00:18.880 --> 00:25.200
so don't worry if you are already tired and why talk about this, why trying to do this

00:25.200 --> 00:33.120
perspective? Well, it's really the 15th of the room this year so 15 years depending on

00:33.120 --> 00:42.400
how you counted since Jakubirmar started this tradition in 2012 and there have been some

00:42.400 --> 00:54.160
166 talks by 80 distinct speakers about 45 distinct projects during this the room in

00:54.240 --> 01:02.480
the past 15 years including older unicorns and other friends that we have and 15 years that's

01:02.480 --> 01:10.320
quite a lot of history already I think you know 15 years if your child was this stall now it's

01:10.320 --> 01:17.360
probably graduating from Guy High School right so maybe we should look back well even the world order

01:17.360 --> 01:27.840
can change in such a time so what probably didn't change in all those 15 years I think what

01:27.840 --> 01:35.280
didn't change is the significance of micro kernels and I think that this this audience is

01:35.280 --> 01:42.000
approved to that that we still believe in this idea now different people have different

01:42.960 --> 01:48.560
different reasons to work on micro kernels therefore we have different micro kernels

01:48.560 --> 01:53.680
emerging systems and that's perfectly fine but I would say that if there is one single

01:53.680 --> 02:00.480
underlying common denominator it's the fact that we believe that from this software architecture

02:00.480 --> 02:07.200
the micro kernel approach is just a little bit better than the monolithic approach of course

02:07.200 --> 02:11.760
there's nothing wrong with having lot of features in an operating system but the problem

02:11.760 --> 02:19.680
atic part is when all those features form a single point of failure and I think Norman Fesca

02:19.680 --> 02:28.560
really describe it very nicely 15 years ago using his bull gun shift or castle ship analogy

02:29.920 --> 02:40.640
which I have redrawn using AI like this so you know monolithic systems looks like this beautiful nice

02:41.120 --> 02:48.400
a lot of diversity a lot of features but everything is on this single wooden ship without any

02:48.400 --> 02:54.800
bull to tight bulkheads you know do you really trust this is this really the best way we should

02:54.800 --> 03:02.400
implement our software a different point or different take on this if you if you look on the

03:02.880 --> 03:10.320
size of the Linux kernel binary plus some of the required kernel modules not all of them just

03:10.320 --> 03:17.280
those that are required or not typical the machine you get to something like 150 megabytes of code

03:17.280 --> 03:25.440
and data that's comparable to other monolithic software packages like triple aid games or software

03:25.440 --> 03:34.800
sweets and things like that all right but would you run that in a kernel mode would you allow

03:34.800 --> 03:41.040
would you trust your web browser to directly access your hardware without any any you know

03:41.040 --> 03:50.880
moderation layer I leave the conclusions too so what did change in those 15 years and this is

03:50.880 --> 03:56.560
quite important I think and maybe you might say that I'm overly positive but I really believe this

03:59.760 --> 04:09.120
since 2012 micro kernels are actually in the mainstream now you have multiple real-world operating

04:09.120 --> 04:15.920
systems based on the micro kernel design that are running on millions of smart devices you have

04:16.000 --> 04:24.720
millions of cars running micro kernels as hypervisors you have millions of smart appliances running

04:24.720 --> 04:31.280
micro kernels as the user facing operating system like google fuchsia you have millions of

04:31.280 --> 04:40.640
smartphones a lot of running harmony always next so I think I hope I believe that people are finally

04:41.600 --> 04:50.720
you know forgetting all those unfounded anxieties about micro kernels I mean it's not always ideal

04:50.720 --> 04:57.840
but I think there's some some progress and instead of that they are embracing their true potential

04:57.840 --> 05:05.680
without without worries so we have seen some wonderful demos today already I have just a couple

05:06.560 --> 05:18.000
of snapshots here so this is google nest with google fuchsia this is harmony always next running on

05:19.520 --> 05:28.240
surprisingly not so not so recent but but still very nice Huawei phone so yes this is an actual

05:28.240 --> 05:37.360
micro kernel based operating system with all the user facing goodies you would expect and

05:37.360 --> 05:44.720
actually the framework the RQI if I'm not mistaken is the same that that has been previously used

05:44.720 --> 05:56.240
by the Linux based harmony OS so so you have even that continuity so to sum up micro kernels are in

05:56.240 --> 06:06.560
the mainstream now let's take a short trip down the memory line and let's look on some of the

06:06.560 --> 06:12.720
interesting talks that have been presented here at the micro kernel the room of course this is my

06:12.720 --> 06:21.760
selection so if your favorite talk is not being mentioned that's not personal that's just just my

06:22.160 --> 06:30.960
selection but I really recommend you if you have the time going to that old talks and

06:30.960 --> 06:38.320
you might think you might find some interesting ideas there still so this is my this is my selection

06:39.360 --> 06:46.480
in the first year most there were mostly introductory talks so if you would like to compare the

06:46.560 --> 06:56.400
basic architecture of g note Nova Helena was feel free to go there g note already presented

06:56.960 --> 07:04.400
that there is this agony of choice in case of g note because it's not just an operating system it's

07:04.400 --> 07:10.800
an operating system framework that that actual supports I don't know how many it is today but

07:10.880 --> 07:18.560
six seven micro kernels and even a monolithic kernel which is interesting I mean the the type

07:18.560 --> 07:24.320
this is coming from from the original title I don't think it's wrong it I think it's great and I

07:24.320 --> 07:30.400
still remember this quote from the panel discussion by Jacob Germas where he said that Helena was

07:30.960 --> 07:39.600
implements the MFS driver so that there is a migration path for the minics three

07:40.560 --> 07:47.520
Helena was I think it was meant half jokingly back then but yeah I think it's less of a joke nowadays

07:48.560 --> 07:57.840
so this is this is the photo from that panel session 20 13 we have learned that Gidoo Hort is

07:57.840 --> 08:04.640
alive and well we have we have seen a confirmation today but at least for me that that was a surprise

08:04.720 --> 08:12.800
that this operating system based on the on the first generation micro kernel is still quite

08:12.800 --> 08:20.800
quite working and progressing they have been several talks on learning from past mistakes which is

08:20.800 --> 08:30.960
always good and there were several talks describing how operating system projects are

08:31.040 --> 08:41.040
maturing from academic endeavors to practical usability and maturity and probably the most important

08:41.040 --> 08:46.960
point from those talks is try to eat your own dog food whenever possible it really helps

08:50.400 --> 09:00.800
2014 this was the year when Anticanta announced ramp kernels it was them which I believe made a

09:00.800 --> 09:08.160
huge impact Gino would also introduce they their base HW their own micro kernel

09:09.200 --> 09:17.680
Helena was got a sound stack and L4E got commercial so again another move from academia to

09:19.280 --> 09:27.120
to to the real world so to speak. Jacob Germas announced my paternal dot info which is still an

09:27.120 --> 09:34.720
interesting site hopefully that that sort of points you to all the existing open source micro kernels

09:34.720 --> 09:40.720
I'm currently trying to maintain it if there's your favorite project missing please let me know

09:40.720 --> 09:48.640
sense and the poor quest and there was a very interesting talk that I really believe we should

09:48.640 --> 09:57.440
review from time to time by Vasily where he made a very good case for implementing practical security

09:57.440 --> 10:06.080
measures even in micro kernels things like not executable memory address space randomization

10:06.080 --> 10:11.920
and stuff like that because the world is complicated having a nice architecture that sort of

10:12.800 --> 10:20.720
prevents certain types of issues by itself is nice but there are other types of issues that

10:20.720 --> 10:33.200
should be also prevented I mean just recently L4E was in the middle of security vulnerable to that

10:33.200 --> 10:41.440
was not caused by L4E or the micro kernel but the vulnerability was caused by improper use

10:41.440 --> 10:51.760
of that building blocks and yeah maybe if there would be even more strict security measures

10:52.400 --> 10:59.120
maybe those people would simply not be not be able to use it in such a wrong way I don't know

10:59.520 --> 11:13.200
2015 SEL4 joins our community which was nice there was also there were also two talks about

11:13.200 --> 11:20.320
let's say small projects maybe a single person operating system projects but it's always

11:20.400 --> 11:32.880
great to see people learning by doing and while doing that discovering new ideas that we

11:32.880 --> 11:40.720
old-farts just have forgotten to discover or just fail to discover and I think this year's the

11:40.800 --> 11:50.000
room follows that tradition nicely and actually Al4E implements stake galleries I'm not sure if

11:50.000 --> 11:59.200
this was a direct direct direction to Vasily or not but yeah we've we've done something to improve

12:00.320 --> 12:04.480
improve the security even without changing the architecture

12:04.560 --> 12:13.680
2016 G note announced there's support for SEL4 so extending their set of supported

12:14.240 --> 12:22.400
supported micro kernels by yet another one good newsboard gains a lot of usability features

12:22.400 --> 12:30.240
that we still see the results today thanks to ramp kernels like sound support and USB support

12:31.120 --> 12:40.720
and Gianluka also introduced his own micro kernel again presenting some fresh interesting ideas

12:40.720 --> 12:47.280
on scheduling and what you can even consider to be a schedulable entity in an operating system

12:47.280 --> 12:58.400
kernel 2017 probably the largest attendance of a single single talk was happening here when there was

12:58.480 --> 13:05.120
the first introduction of the redox OS to this devroom and this really shows that it's never

13:05.120 --> 13:10.640
right to come to a party I mean you can always come up with something new something interesting

13:12.480 --> 13:17.360
I don't know why surprise I'll be making more popular than Linux 3 at least measuring by

13:17.360 --> 13:24.320
the number of downloads so you see the the migration path for the Linux file system is really needed

13:25.280 --> 13:33.040
and the new world talk showed a nice way how you can use virtualization in a micro kernel

13:33.040 --> 13:39.280
by an operating system without actual implementing kind of an extra just using the basic principles

13:39.280 --> 13:47.040
that the operating system I mean the micro kernel already provides by using subhertz wonderful

13:48.000 --> 14:00.000
2018 I mean there were certainly more talks but this one stuck to my mind scout OS was introduced by the

14:00.000 --> 14:07.520
genode guys you know just to explain genode is an operating system framework so it's a set of components

14:07.520 --> 14:14.000
that you are supposed to take and build your custom operating system out of it while

14:14.400 --> 14:22.400
while scout OS is a distribution of that components so to speak which you can actually use as

14:23.200 --> 14:30.080
as a as your daily driver I don't want to take credit for this but I was really pushing

14:30.640 --> 14:37.200
pushing Norman to do this for many many years so I hope I at least contributing contributed to

14:37.200 --> 14:48.960
that idea so that you know he did it so that I shut up I don't know 2019 genode introduced

14:48.960 --> 14:55.200
a kernel agnostic virtual machine manager again on a technical level an amazing feed because

14:55.200 --> 15:01.280
if you compare the different interfaces that the different micro kernels provide for virtualization

15:01.360 --> 15:08.240
and making sure that you can have a single binary that supports all of them that's amazing

15:09.360 --> 15:18.160
unicarnals were getting stronger so there were several unicarnal talks unicraft OSV if I'm

15:18.480 --> 15:32.080
mistaken and others and again one reality check which shows that the nice of architecture is amazing

15:33.440 --> 15:42.160
unless you are dealing with buggy and useless hardware so since Alphoree needs to support

15:42.240 --> 15:51.600
real world computers with real world hardware world vulnerabilities we need to face some unpleasant

15:51.600 --> 16:00.320
mitigation efforts in the micro kernel itself to provide some end-to-end security and safety to our

16:00.320 --> 16:13.280
customers 2020 so that was almost world's largest super spreading event for COVID I mean I

16:13.280 --> 16:21.440
mean I wanted to present it as a joke but it was quite amazing that we narrowly escape this so

16:21.440 --> 16:29.760
that we narrowly escape this fate I wouldn't like for them to be in the textbooks for this

16:30.960 --> 16:39.120
but yeah also looking on the positive on the bright side of that for many people that was the last

16:41.360 --> 16:49.040
large event which they attended before we had to do the two or three year break

16:50.560 --> 16:58.560
that was M3 presented again a way how to take the micro kernel idea as we know it and push it

16:58.640 --> 17:05.120
even further push it into new grounds by incorporating hardware software code design

17:07.280 --> 17:13.520
there was this big resurrection of Nova so Udo was here presenting his new

17:14.400 --> 17:22.000
old new involvement in it and presenting the his the R&V8 port and more news to come

17:22.320 --> 17:31.280
and the next year this was my micro kernel room I'm not sure how yours looked like but you know

17:31.280 --> 17:39.120
this was the matrix chat this was the the presenter screen and this is you know the output

17:39.120 --> 17:46.880
the streaming that all the other participants saw and you know in the beginning you know

17:47.440 --> 17:53.760
for in the first half of the day it did not really work so well so yeah the infrastructure

17:53.760 --> 18:01.840
was under under stress but eventually it won't find and G note presented they're

18:01.840 --> 18:07.120
probably the device drivers it's one highlight from that year

18:07.920 --> 18:17.840
2022 the infrastructure got much better I think there were almost no glitches this time but we

18:17.840 --> 18:24.800
are still sitting in front of our machines at home or whenever wherever and G note presented

18:25.840 --> 18:32.480
G note lives presented G note on pine phone and there was yet another newcomer

18:32.640 --> 18:41.040
managarm fully asynchronous micro kernel based system which I'm still surprised how they managed

18:41.040 --> 18:47.760
to achieve such a large degree of Linux compatibility in such a short time but they really

18:47.760 --> 18:53.920
focused on that and it's an amazing feat and an interesting project to to follow

18:54.080 --> 19:05.360
and in 2023 we were back to Brussels finally and G note presented their new approach of

19:06.000 --> 19:12.800
reusing Linux drivers again this this is a topic that has been done maybe six maybe seven maybe

19:12.800 --> 19:19.600
ten times before in different ways but there was there there was still obviously a

19:19.600 --> 19:29.200
currently a possibility to do it in a better way for 11th time and this is what G note and

19:29.200 --> 19:36.960
other projects are using right now we have also known that Google Fuchsia is one of the

19:37.760 --> 19:43.680
most widely used micro kernels at least at that moment and there was yet another newcomer

19:44.320 --> 19:51.200
ours or helios this time let's just a new micro kernel but a new micro kernel implemented

19:51.200 --> 20:02.720
in a completely new systems programming language what more could you could you want 2024 this is

20:03.760 --> 20:10.640
this is something that I'm not really happy about somebody just decided that 200 and

20:11.600 --> 20:20.080
40 minutes of micro kernel talks should be enough for everyone so the length of the of the

20:20.080 --> 20:29.360
level has been shortened okay let's move on I don't want to say anything better about it

20:30.560 --> 20:36.720
now I fully embrace trusted and confidential computing that that year or at least that was presented here

20:36.880 --> 20:44.560
so again jumping on a new trend in the industry and G note presented there

20:45.440 --> 20:52.160
new build system or cross compilation build system which I think also is very very important and

20:52.160 --> 21:04.960
maybe useful for for you too and last year again a newcomer CMRX a new real-time embedded

21:04.960 --> 21:10.960
MMU less micro kernel built from grounds up and presenting new interesting ideas

21:12.400 --> 21:21.200
L4E went through some certification efforts which are some hard ways how to get into safety

21:21.200 --> 21:31.200
critical systems monogarm and redox was fighting some uphill battle with some old unique monsters like

21:32.160 --> 21:38.480
canceling for success calls and signals again something that most of the micro kernel systems

21:38.480 --> 21:47.040
eventually need to face because Linux compatibility is still important to many people and also something

21:47.040 --> 21:56.080
that nobody is looking forward to and G note also embraces trusted boot so that was the history

21:56.560 --> 22:03.440
this micro background that room today was amazing great selection of talks I will be reviewing

22:03.440 --> 22:08.800
most of them and so I think the future is bright thank you very much

22:17.040 --> 22:23.920
I guess there are no questions today so so have a safe trip home or enjoy Brussels if you still can

22:23.920 --> 22:26.160
and see you next year hopefully