On 11/22/20, Heiser, Gernot (Data61, Kensington NSW)
Yes. While this is a reasonable use case, it’s not one we see happening. Very few real-world systems are built from scratch, they almost inevitably are an evolution of something existing. And, compared to pulling out critical assets to run native (as in the Cog phone), the additional security gain from running *everything* native is small, compared to the huge refactoring/porting effort. That’s why just about everyone opts for the HACMS-style incremental cyber retrofit, as Cog have done it.
But if you think you gain enough by going fully native on an unverified microkernel OS, then Genode is what you should use. If you want high assurance for your critical assets, then the seL4 Core Platform is the way to go (at least once it supports VMs).
I'm (still) working on UX/RT, my own implementation of a QNX-like OS based on seL4, which I've posted about here in the past. It will use code from existing free Unices wherever possible. This includes using the LKL project to run multiple kernel-only Linux systems as servers to provide device drivers, disk filesystems, and a network stack. Most of the "regular" user-mode tools and libraries will be forked or ported from Linux and BSD. Many Linux-specifc API functions will be natively supported (making it easier to implement a Linux binary compatibility environment as well as porting Linux applications). I'm certainly not attempting to build a full-featured Unix-like system from scratch by myself because that would be a lot of reinvention of the wheel. Much of what I need is already out there. I just need to fill in the gaps. Basically, I'm intending to make a general-purpose Unix-like microkernel OS that is practical for most use cases where legacy Unices (including Linux) are currently used, while hopefully being more secure and easier to manage than any legacy Unix, and still maintaining a reasonable degree of backwards compatibility (and also following the Unix philosophy, or at least my interpretation of it, considerably better than any other modern system).