{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T16:39:30Z","timestamp":1776875970622,"version":"3.51.2"},"reference-count":82,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2016,6,30]],"date-time":"2016-06-30T00:00:00Z","timestamp":1467244800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Comput. Syst."],"published-print":{"date-parts":[[2016,9,17]]},"abstract":"<jats:p>\n            Multi- and many-core processors are becoming increasingly popular in embedded systems. Many of these processors now feature hardware virtualization capabilities, as found on the ARM Cortex A15 and x86 architectures with Intel VT-x or AMD-V support. Hardware virtualization provides a way to partition physical resources, including processor cores, memory, and I\/O devices, among guest virtual machines (VMs). Each VM is then able to host tasks of a specific criticality level, as part of a mixed-criticality system with different timing and safety requirements. However, traditional virtual machine systems are inappropriate for mixed-criticality computing. They use hypervisors to schedule separate VMs on physical processor cores. The costs of trapping into hypervisors to multiplex and manage machine physical resources on behalf of separate guests are too expensive for many time-critical tasks. Additionally, traditional hypervisors have memory footprints that are often too large for many embedded computing systems. In this article, we discuss the design of the Quest-V separation kernel, which partitions services of different criticality levels across separate VMs, or\n            <jats:italic>sandboxes<\/jats:italic>\n            . Each sandbox encapsulates a subset of machine physical resources that it manages without requiring intervention from a hypervisor. In Quest-V, a hypervisor is only needed to bootstrap the system, recover from certain faults, and establish communication channels between sandboxes. This not only reduces the memory footprint of the most privileged protection domain but also removes it from the control path during normal system operation, thereby heightening security.\n          <\/jats:p>","DOI":"10.1145\/2935748","type":"journal-article","created":{"date-parts":[[2016,7,5]],"date-time":"2016-07-05T14:08:13Z","timestamp":1467727693000},"page":"1-41","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":46,"title":["A Virtualized Separation Kernel for Mixed-Criticality Systems"],"prefix":"10.1145","volume":"34","author":[{"given":"Richard","family":"West","sequence":"first","affiliation":[{"name":"Boston University, MA, USA"}]},{"given":"Ye","family":"Li","sequence":"additional","affiliation":[{"name":"Boston University, MA, USA"}]},{"given":"Eric","family":"Missimer","sequence":"additional","affiliation":[{"name":"Boston University, MA, USA"}]},{"given":"Matthew","family":"Danish","sequence":"additional","affiliation":[{"name":"Boston University, MA, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,6,30]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.5555\/827270.829047"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1535\/itj.1003.02"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1168857.1168860"},{"key":"e_1_2_1_4_1","unstructured":"SYSGO AG. 2015. PikeOS Hypervisor. (2015). http:\/\/www.sysgo.com\/products\/pikeos-rtos-and-virtualization-concept.  SYSGO AG. 2015. PikeOS Hypervisor. (2015). http:\/\/www.sysgo.com\/products\/pikeos-rtos-and-virtualization-concept."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/320080.320119"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJES.2006.014859"},{"key":"e_1_2_1_7_1","volume-title":"Partitioned Systems. Wind River Systems\/IEEE Seminar. (August","author":"ARINC.","year":"2008","unstructured":"ARINC. 2008. ARINC 653 - An Avionics Standard for Safe , Partitioned Systems. Wind River Systems\/IEEE Seminar. (August 2008 ). ARINC. 2008. ARINC 653 - An Avionics Standard for Safe, Partitioned Systems. Wind River Systems\/IEEE Seminar. (August 2008)."},{"key":"e_1_2_1_8_1","unstructured":"AUTOSAR. 2015. AUTomotive Open System ARchitecture. (2015). http:\/\/www.autosar.org.  AUTOSAR. 2015. AUTomotive Open System ARchitecture. (2015). http:\/\/www.autosar.org."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1465611.1465708"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/800027.808469"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1985.231893"},{"key":"e_1_2_1_12_1","volume-title":"Proceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation.","author":"Banga Gaurav","unstructured":"Gaurav Banga , Peter Druschel , and Jeffrey C. Mogul . 1999. Resource containers: A new facility for resource management in server systems . In Proceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation. Gaurav Banga, Peter Druschel, and Jeffrey C. Mogul. 1999. Resource containers: A new facility for resource management in server systems. In Proceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation."},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945462"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629579"},{"key":"e_1_2_1_15_1","volume-title":"the 10th USENIX Conference on Operating Systems Design and Implementation. 335--348","author":"Belay Adam","year":"2012","unstructured":"Adam Belay , Andrea Bittau , Ali Mashtizadeh , David Terei , David Mazi\u00e8res , and Christos Kozyrakis . 2012 . Dune: Safe user-level access to privileged CPU features . In the 10th USENIX Conference on Operating Systems Design and Implementation. 335--348 . Adam Belay, Andrea Bittau, Ali Mashtizadeh, David Terei, David Mazi\u00e8res, and Christos Kozyrakis. 2012. Dune: Safe user-level access to privileged CPU features. In the 10th USENIX Conference on Operating Systems Design and Implementation. 335--348."},{"key":"e_1_2_1_16_1","volume-title":"11th USENIX Symposium on Operating Systems Design and Implementation. USENIX Association","author":"Belay Adam","year":"2014","unstructured":"Adam Belay , George Prekas , Ana Klimovic , Samuel Grossman , Christos Kozyrakis , and Edouard Bugnion . 2014 . IX: A protected dataplane operating system for high throughput and low latency . In 11th USENIX Symposium on Operating Systems Design and Implementation. USENIX Association , Broomfield, CO, 49--65. Adam Belay, George Prekas, Ana Klimovic, Samuel Grossman, Christos Kozyrakis, and Edouard Bugnion. 2014. IX: A protected dataplane operating system for high throughput and low latency. In 11th USENIX Symposium on Operating Systems Design and Implementation. USENIX Association, Broomfield, CO, 49--65."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/827271.829112"},{"key":"e_1_2_1_20_1","volume-title":"The 8th USENIX Symposium on Operating Systems Design and Implementation. 43--57","author":"Boyd-Wickizer Silas","year":"2008","unstructured":"Silas Boyd-Wickizer , Haibo Chen , Rong Chen , Yandong Mao , M. Frans Kaashoek , Robert Morris , Aleksey Pesterev , Lex Stein , Ming Wu , Yue hua Dai , Yang Zhang , and Zheng Zhang . 2008 . Corey: An operating system for many cores . In The 8th USENIX Symposium on Operating Systems Design and Implementation. 43--57 . Silas Boyd-Wickizer, Haibo Chen, Rong Chen, Yandong Mao, M. Frans Kaashoek, Robert Morris, Aleksey Pesterev, Lex Stein, Ming Wu, Yue hua Dai, Yang Zhang, and Zheng Zhang. 2008. Corey: An operating system for many cores. In The 8th USENIX Symposium on Operating Systems Design and Implementation. 43--57."},{"key":"e_1_2_1_21_1","unstructured":"Reto Buerki and Adrian-Ken Rueegsegger. 2015. Muen Separation Kernel. (2015). http:\/\/muen.sk\/.  Reto Buerki and Adrian-Ken Rueegsegger. 2015. Muen Separation Kernel. (2015). http:\/\/muen.sk\/."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/268998.266672"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1274971.1275005"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/224056.224059"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2463209.2488827"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/EDCC.2010.18"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/RTAS.2011.24"},{"key":"e_1_2_1_28_1","volume-title":"Proceedings of the 9th Euromicro Workshop on Real-Time Systems.","author":"Deng Z.","unstructured":"Z. Deng , J. W. S. Liu , and J. Sun . 1997. A scheme for scheduling hard real-time applications in open system environment . In Proceedings of the 9th Euromicro Workshop on Real-Time Systems. Z. Deng, J. W. S. Liu, and J. Sun. 1997. A scheme for scheduling hard real-time applications in open system environment. In Proceedings of the 9th Euromicro Workshop on Real-Time Systems."},{"key":"e_1_2_1_29_1","unstructured":"Adam Dunkels. 2015. lwIP -- A Lightweight TCP\/IP Stack. (2015). http:\/\/savannah.nongnu.org\/projects\/lwip\/.  Adam Dunkels. 2015. lwIP -- A Lightweight TCP\/IP Stack. (2015). http:\/\/savannah.nongnu.org\/projects\/lwip\/."},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/11945918_9"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095813"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF01094172"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2150976.2151020"},{"key":"e_1_2_1_34_1","unstructured":"Mentor Graphics. 2015. Mentor Embedded Hypervisor. (2015). http:\/\/www.mentor.com\/embedded-software\/hypervisor\/.  Mentor Graphics. 2015. Mentor Embedded Hypervisor. (2015). http:\/\/www.mentor.com\/embedded-software\/hypervisor\/."},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.5555\/1344209.1344217"},{"key":"e_1_2_1_36_1","unstructured":"Intel Corporation. 2015. Intel 64 and IA-32 Architectures Software Developer\u2019s Manual Volume 3: System Programming Guide. http:\/\/www.intel.com.  Intel Corporation. 2015. Intel 64 and IA-32 Architectures Software Developer\u2019s Manual Volume 3: System Programming Guide. http:\/\/www.intel.com."},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1006209.1006246"},{"key":"e_1_2_1_38_1","unstructured":"Barry Kauler. 2015. Puppy Linux. (2015). http:\/\/www.puppylinux.org.  Barry Kauler. 2015. Puppy Linux. (2015). http:\/\/www.puppylinux.org."},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.5555\/1025127.1026001"},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/RTAS.2007.18"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/RTAS.2006.34"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/RTSS.2014.17"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.5555\/523983.828369"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2004.10017"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/321738.321743"},{"key":"e_1_2_1_47_1","volume-title":"1st USENIX Workshop on Hot Topics in Parallelism.","author":"Liu Rose","year":"2009","unstructured":"Rose Liu , Kevin Klues , Sarah Bird , Steven Hofmeyr , Krste Asanovi\u0107 , and John Kubiatowicz . 2009 . Tessellation: Space-time partitioning in a manycore client OS . In 1st USENIX Workshop on Hot Topics in Parallelism. Rose Liu, Kevin Klues, Sarah Bird, Steven Hofmeyr, Krste Asanovi\u0107, and John Kubiatowicz. 2009. Tessellation: Space-time partitioning in a manycore client OS. In 1st USENIX Workshop on Hot Topics in Parallelism."},{"key":"e_1_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1147\/rd.62.0200"},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/WWOS.1993.348160"},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2517349.2522719"},{"key":"e_1_2_1_51_1","volume-title":"Proceedings of the 19th IEEE Real-Time Systems Symposium.","author":"Oikawa Shuichi","year":"1998","unstructured":"Shuichi Oikawa and Ragunathan Rajkumar . 1998 . Linux\/RK: A portable resource kernel in Linux . In Proceedings of the 19th IEEE Real-Time Systems Symposium. Shuichi Oikawa and Ragunathan Rajkumar. 1998. Linux\/RK: A portable resource kernel in Linux. In Proceedings of the 19th IEEE Real-Time Systems Symposium."},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/78973.78974"},{"key":"e_1_2_1_53_1","unstructured":"PCI-SIG. 2015. PCI Configuration Space. (2015). https:\/\/www.pcisig.com\/.  PCI-SIG. 2015. PCI Configuration Space. (2015). https:\/\/www.pcisig.com\/."},{"key":"e_1_2_1_54_1","volume-title":"Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation. 1--16","author":"Peter Simon","year":"2014","unstructured":"Simon Peter , Jialin Li , Irene Zhang , Dan R. K. Ports , Doug Woos , Arvind Krishnamurthy , Thomas Anderson , and Timothy Roscoe . 2014 . Arrakis: The operating system is the control plane . In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation. 1--16 . Simon Peter, Jialin Li, Irene Zhang, Dan R. K. Ports, Doug Woos, Arvind Krishnamurthy, Thomas Anderson, and Timothy Roscoe. 2014. Arrakis: The operating system is the control plane. In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation. 1--16."},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1152154.1152160"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/339647.339685"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.5555\/882482.883804"},{"key":"e_1_2_1_58_1","unstructured":"Wind River. 2014. Wind River Hypervisor. (2014). http:\/\/www.windriver.com\/products\/hypervisor\/.  Wind River. 2014. Wind River Hypervisor. (2014). http:\/\/www.windriver.com\/products\/hypervisor\/."},{"key":"e_1_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/800216.806586"},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/1400097.1400108"},{"key":"e_1_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.5555\/956418.956612"},{"key":"e_1_2_1_62_1","unstructured":"Green Hills Software. 2015a. INTEGRITY-178B RTOS. (2015). http:\/\/www.ghs.com\/products\/safety_critical\/integrity-do-178b.html.  Green Hills Software. 2015a. INTEGRITY-178B RTOS. (2015). http:\/\/www.ghs.com\/products\/safety_critical\/integrity-do-178b.html."},{"key":"e_1_2_1_63_1","unstructured":"Green Hills Software. 2015b. INTEGRITY Multivisor. (2015). http:\/\/www.ghs.com\/products\/rtos\/integrity_virtualization.html.  Green Hills Software. 2015b. INTEGRITY Multivisor. (2015). http:\/\/www.ghs.com\/products\/rtos\/integrity_virtualization.html."},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF02341920"},{"key":"e_1_2_1_65_1","volume-title":"Proceedings of the 15th IEEE Real-Time Systems Symposium.","author":"Spuri M.","unstructured":"M. Spuri and G. Buttazzo . 1994. Efficient aperiodic service under earliest deadline scheduling . In Proceedings of the 15th IEEE Real-Time Systems Symposium. M. Spuri and G. Buttazzo. 1994. Efficient aperiodic service under earliest deadline scheduling. In Proceedings of the 15th IEEE Real-Time Systems Symposium."},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF00360340"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346299"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/RTAS.2010.34"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1109\/12.368008"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1023\/B:SUPE.0000014800.27383.8f"},{"key":"e_1_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046754"},{"key":"e_1_2_1_72_1","unstructured":"LYNX Software Technologies. 2015. LynxSecure Embedded Hypervisor and Separation Kernel. (2015). http:\/\/www.lynx.com\/products\/hypervisors\/.  LYNX Software Technologies. 2015. LynxSecure Embedded Hypervisor and Separation Kernel. (2015). http:\/\/www.lynx.com\/products\/hypervisors\/."},{"key":"e_1_2_1_73_1","volume-title":"Jailhouse Partitioning Hypervisor. (October","author":"Siemens Corp","year":"2014","unstructured":"Siemens Corp orate Technology. 2014. Jailhouse Partitioning Hypervisor. (October 2014 ). https:\/\/github.com\/siemens\/jailhouse. Siemens Corporate Technology. 2014. Jailhouse Partitioning Hypervisor. (October 2014). https:\/\/github.com\/siemens\/jailhouse."},{"key":"e_1_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1145\/1531793.1531805"},{"key":"e_1_2_1_75_1","volume-title":"Filed with the USPTO. (October 14","author":"West Richard","year":"2008","unstructured":"Richard West , Puneet Zaroo , Carl Waldspurger , Xiao Zhang , and Haoqiang Zheng . 2008 . Online Computation of Cache Occupancy and Performance . Filed with the USPTO. (October 14 , 2008). Related to United States Patent Number US 8,429,665 B2. April 23, 2013. Richard West, Puneet Zaroo, Carl Waldspurger, Xiao Zhang, and Haoqiang Zheng. 2008. Online Computation of Cache Occupancy and Performance. Filed with the USPTO. (October 14, 2008). Related to United States Patent Number US 8,429,665 B2. April 23, 2013."},{"key":"e_1_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1145\/1899928.1899931"},{"key":"e_1_2_1_77_1","volume-title":"Multicore Technology: Architecture, Reconfiguration and Modeling","author":"West Richard","year":"2013","unstructured":"Richard West , Puneet Zaroo , Carl A. Waldspurger , and Xiao Zhang . 2013 . Multicore Technology: Architecture, Reconfiguration and Modeling . CRC Press , ISBN-10: 1439880638, Chapter 8. Richard West, Puneet Zaroo, Carl A. Waldspurger, and Xiao Zhang. 2013. Multicore Technology: Architecture, Reconfiguration and Modeling. CRC Press, ISBN-10: 1439880638, Chapter 8."},{"key":"e_1_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.18"},{"key":"e_1_2_1_79_1","volume-title":"Following the White Rabbit: Software Attacks Against Intel VT-d Technology. (April","author":"Wojtczuk Rafal","year":"2011","unstructured":"Rafal Wojtczuk and Joanna Rutkowska . 2011. Following the White Rabbit: Software Attacks Against Intel VT-d Technology. (April 2011 ). Inivisible Things Lab . Rafal Wojtczuk and Joanna Rutkowska. 2011. Following the White Rabbit: Software Attacks Against Intel VT-d Technology. (April 2011). Inivisible Things Lab."},{"key":"e_1_2_1_80_1","volume-title":"Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation.","author":"Yang Ting","year":"2008","unstructured":"Ting Yang , Tongping Liu , Emery D. Berger , Scott F. Kaplan , and J. Eliot B. Moss . 2008 . Redline: First class support for interactivity in commodity operating systems . In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation. Ting Yang, Tongping Liu, Emery D. Berger, Scott F. Kaplan, and J. Eliot B. Moss. 2008. Redline: First class support for interactivity in commodity operating systems. In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation."},{"key":"e_1_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/2628071.2628104"},{"key":"e_1_2_1_82_1","volume-title":"Proceedings of the 2nd USENIX Symposium on Operating Systems Design and Implementation. 263--278","author":"Zeldovich Nickolai","year":"2006","unstructured":"Nickolai Zeldovich , Silas Boyd-Wickizer , Eddie Kohler , and David Mazieres . 2006 . Making information flow explicit in histar . In Proceedings of the 2nd USENIX Symposium on Operating Systems Design and Implementation. 263--278 . Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, and David Mazieres. 2006. Making information flow explicit in histar. In Proceedings of the 2nd USENIX Symposium on Operating Systems Design and Implementation. 263--278."},{"key":"e_1_2_1_83_1","volume-title":"Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation.","author":"Zeldovich Nickolai","year":"2008","unstructured":"Nickolai Zeldovich , Hari Kannan , Michael Dalton , and Christos Kozyrakis . 2008 . Hardware enforcement of application security policies using tagged memory . In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation. Nickolai Zeldovich, Hari Kannan, Michael Dalton, and Christos Kozyrakis. 2008. Hardware enforcement of application security policies using tagged memory. In Proceedings of the 8th USENIX Symposium on Operating Systems Design and Implementation."},{"key":"e_1_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1109\/RTSS.2006.37"}],"container-title":["ACM Transactions on Computer Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2935748","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2935748","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:39:56Z","timestamp":1750217996000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2935748"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,6,30]]},"references-count":82,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2016,9,17]]}},"alternative-id":["10.1145\/2935748"],"URL":"https:\/\/doi.org\/10.1145\/2935748","relation":{},"ISSN":["0734-2071","1557-7333"],"issn-type":[{"value":"0734-2071","type":"print"},{"value":"1557-7333","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,6,30]]},"assertion":[{"value":"2015-04-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-05-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2016-06-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}