Tock: From Research to Securing 10 Million Computers
Leon Schuermann, Brad Campbell, Branden Ghena, Philip Levis, Amit Levy, Pat Pannuto

TL;DR
Tock is an open-source, secure operating system initially developed for academic urban sensing applications, now widely deployed in diverse security-critical hardware, demonstrating the benefits of Rust and innovative hardware protections.
Contribution
This paper details Tock's evolution from academic research OS to a widely adopted platform, highlighting its technical design, security benefits of Rust, and open-source community support.
Findings
Tock is deployed on millions of devices including servers and laptops.
Using Rust enhances security and safety in Tock's design.
Tock's architecture supports diverse applications from automotive to space.
Abstract
Tock began 10 years ago as a research operating system developed by academics to help other academics build urban sensing applications. By leveraging a new language (Rust) and new hardware protection mechanisms, Tock enabled Multiprogramming a 64 kB Computer Safely and Efficiently. Today, it is an open source project with a vibrant community of users and contributors. It is deployed on root of trust hardware in data center servers and on millions of laptops; it is used to develop automotive and space products, wearable electronics, and hardware security tokens--all while remaining a platform for operating systems research. This paper focuses on the impact of Tock's technical design on its adoption, the challenges and unexpected benefits of using a type safe language (Rust)--particularly in security sensitive settings--and the experience of supporting a production open-source operating…
Taxonomy
Topics: Security and Verification in Computing · Cryptographic Implementations and Security · User Authentication and Security Systems
