Thinking about ROCK

A technology is only as good as what you can achieve with it - and in thinking about some unique Sun technologies - CMT, HTM, DTrace, and the CMT package management hardware - it occurs to me that these can be combined to beat some very serious infrastructure security issues.

Last Friday my wife and I went to Thompson Falls, Montana, to look at a granite quarry and, as it turned out, buy 32 tons of the stuff for some home improvement work I'm really not looking forward to. It was a fun, relaxing day: we drove the Highway to the Sun across Glacier National Park early enough Friday morning to see virtually no other traffic, were amazed by the lush valleys and enormous vistas on the western side of Montana, got along well with the people we met at the quarry, and had a pretty good dinner near Columbia Falls on the way home.

Still, as frequent readers must know, it's just not possible for me to drive the Highway to the Sun, stare at trillions of tons of vertical rock all day, wander through a large commercial quarry talking rocks, and not occasionally think about Sun's Rock processor.

Some people, of course, think this thing's been canceled; others, including me, dismiss that report as just part of the overall attempt to damage Sun as much as possible; while still others have speculated (correctly, I think) first that the Rock processor could really make Oracle's RDBMS and business applications rock and later that the ideas will survive Sun no matter what.

What occurred to me, however, was this: people have studied the use of transactional memory in the development of security and transactional authorization monitors but, at least to my knowledge, nobody's linked four core Sun technologies in this context: DTrace, HTM (hardware transactional memory), CMT, and processor-based, hardware-supported packet cryptology.

With these you could build an applications environment that automatically wraps transactions inside a TPM, automatically encrypts and "channel hops" all communications, automatically monitors processors for both unexpected results and unexplained activity, and automatically inserts a user-defined authorization function into each transaction.

Applications written within environments like that to control many physically separate units acting together could be guaranteed to degrade gracefully as these units fail, guaranteed to warn users if attempts are made to corrupt them, guaranteed to be fully auditable after the fact, and could be made arbitrarily difficult for an outsider to corrupt.

The obvious applications here are offensive: to control, for example, a flock of smart weapons going after a submarine, a sniper, or some particular piece of enemy infrastructure. The more defensive and immediate applications, however, are in work like hardening networks and civil infrastructure (particularly electrical distribution and generation) against both accidental and intentional corruption or subversion.

Both Oracle and Sun sell into those markets now - and because those markets are spending enormous sums on labor-intensive, make-do solutions that provably don't work very well, the bottom line for Rock is that a little imagination and a little courage are all the Sun/Oracle combination will need to make this a mega win - and not just for their technology and companies, but for the country.