{"id":"https://openalex.org/W4395020689","doi":"https://doi.org/10.1145/3620665.3640408","title":"Lightweight Fault Isolation: Practical, Efficient, and Secure Software Sandboxing","display_name":"Lightweight Fault Isolation: Practical, Efficient, and Secure Software Sandboxing","publication_year":2024,"publication_date":"2024-04-22","ids":{"openalex":"https://openalex.org/W4395020689","doi":"https://doi.org/10.1145/3620665.3640408"},"language":"en","primary_location":{"id":"doi:10.1145/3620665.3640408","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3620665.3640408","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3620665.3640408","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087880988","display_name":"Zachary Yedidia","orcid":"https://orcid.org/0009-0006-4244-1690"},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zachary Yedidia","raw_affiliation_strings":["Stanford University, Stanford, California, United States of America"],"raw_orcid":"https://orcid.org/0009-0006-4244-1690","affiliations":[{"raw_affiliation_string":"Stanford University, Stanford, California, United States of America","institution_ids":["https://openalex.org/I97018004"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5087880988"],"corresponding_institution_ids":["https://openalex.org/I97018004"],"apc_list":null,"apc_paid":null,"fwci":3.6425,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.93571533,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"649","last_page":"665"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9909999966621399,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8420480489730835},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.6061412692070007},{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.6010103225708008},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5670824646949768},{"id":"https://openalex.org/keywords/isolation","display_name":"Isolation (microbiology)","score":0.5217310190200806},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4773806929588318},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.4652017056941986},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.44800055027008057},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.4437852203845978},{"id":"https://openalex.org/keywords/source-lines-of-code","display_name":"Source lines of code","score":0.43316033482551575},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.43037787079811096},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.4245699644088745},{"id":"https://openalex.org/keywords/parallel-computing","display_name":"Parallel computing","score":0.40188586711883545},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.37972763180732727}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8420480489730835},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.6061412692070007},{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.6010103225708008},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5670824646949768},{"id":"https://openalex.org/C2775941552","wikidata":"https://www.wikidata.org/wiki/Q25212305","display_name":"Isolation (microbiology)","level":2,"score":0.5217310190200806},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4773806929588318},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.4652017056941986},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.44800055027008057},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.4437852203845978},{"id":"https://openalex.org/C199519371","wikidata":"https://www.wikidata.org/wiki/Q942695","display_name":"Source lines of code","level":3,"score":0.43316033482551575},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.43037787079811096},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.4245699644088745},{"id":"https://openalex.org/C173608175","wikidata":"https://www.wikidata.org/wiki/Q232661","display_name":"Parallel computing","level":1,"score":0.40188586711883545},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.37972763180732727},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C89423630","wikidata":"https://www.wikidata.org/wiki/Q7193","display_name":"Microbiology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3620665.3640408","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3620665.3640408","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3620665.3640408","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3620665.3640408","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G6141350605","display_name":null,"funder_award_id":"DGE-2146755","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":42,"referenced_works":["https://openalex.org/W2363194","https://openalex.org/W2009248821","https://openalex.org/W2027509840","https://openalex.org/W2034711041","https://openalex.org/W2069107692","https://openalex.org/W2079029390","https://openalex.org/W2083355374","https://openalex.org/W2086795351","https://openalex.org/W2088383546","https://openalex.org/W2105349588","https://openalex.org/W2105842205","https://openalex.org/W2116730531","https://openalex.org/W2131238817","https://openalex.org/W2138538875","https://openalex.org/W2141729404","https://openalex.org/W2143677609","https://openalex.org/W2151480972","https://openalex.org/W2156605713","https://openalex.org/W2187802606","https://openalex.org/W2270183489","https://openalex.org/W2326370147","https://openalex.org/W2484436830","https://openalex.org/W2577352649","https://openalex.org/W2605597658","https://openalex.org/W2625141509","https://openalex.org/W2752929869","https://openalex.org/W2761578098","https://openalex.org/W2762171171","https://openalex.org/W2796645376","https://openalex.org/W2965588382","https://openalex.org/W3008539238","https://openalex.org/W3009731533","https://openalex.org/W3097183624","https://openalex.org/W3097965369","https://openalex.org/W3138722985","https://openalex.org/W4233766148","https://openalex.org/W4254234063","https://openalex.org/W4327930423","https://openalex.org/W6633875382","https://openalex.org/W6678483193","https://openalex.org/W6682091879","https://openalex.org/W6790705086"],"related_works":["https://openalex.org/W2033352828","https://openalex.org/W3208250511","https://openalex.org/W2355810117","https://openalex.org/W3098313552","https://openalex.org/W70177500","https://openalex.org/W2546418048","https://openalex.org/W2954975888","https://openalex.org/W3131442838","https://openalex.org/W2732351623","https://openalex.org/W2786854043"],"abstract_inverted_index":{"Software-based":[0],"fault":[1],"isolation":[2,10,139],"(SFI)":[3],"is":[4,106,177,193],"a":[5,65,100,113,131,146,185],"longstanding":[6],"technique":[7],"that":[8,105],"allows":[9],"of":[11,24,40,67,81,96,125,127,140,149,155,180],"one":[12],"or":[13,21],"more":[14],"processes":[15],"from":[16],"each":[17],"other":[18],"with":[19,52,145],"minimal":[20],"no":[22],"use":[23],"hardware":[25],"protection":[26],"mechanisms.":[27],"The":[28],"demand":[29],"for":[30,64,205],"SFI":[31,60,92,103],"systems":[32,47,61],"has":[33,184,200],"been":[34],"increasing":[35],"due":[36],"to":[37,48,108,163,172,189],"the":[38,79,94,152,156],"advent":[39],"cloud":[41,85],"and":[42,55,75,86,98,111,135,143,167,199,210],"serverless":[43],"computing,":[44],"which":[45],"require":[46],"run":[49],"untrusted":[50],"code":[51,70,168],"low":[53,56,165],"latency":[54],"context":[57,95],"switch":[58],"times.":[59],"must":[62],"optimize":[63],"combination":[66],"performance,":[68],"trusted":[69],"base":[71],"(TCB)":[72],"size,":[73,192],"scalability,":[74],"implementation":[76],"complexity.":[77],"With":[78],"rise":[80],"ARM64":[82,97],"in":[83,93,130],"both":[84],"personal":[87],"computers,":[88],"we":[89],"revisit":[90],"classic":[91],"present":[99],"new":[101],"multi-sandbox":[102,174],"scheme":[104],"practical":[107],"implement,":[109],"efficient,":[110],"maintains":[112],"small":[114,186],"TCB.":[115],"Our":[116],"technique,":[117],"called":[118],"Lightweight":[119],"Fault":[120],"Isolation":[121],"(LFI),":[122],"supports":[123],"tens":[124],"thousands":[126],"4GiB":[128],"sandboxes":[129],"single":[132],"address":[133],"space":[134],"does":[136],"full":[137],"software":[138,202],"loads,":[141],"stores,":[142],"jumps":[144],"runtime":[147,166],"overhead":[148],"7%":[150],"on":[151],"compatible":[153],"subset":[154],"SPEC":[157],"2017":[158],"benchmark":[159],"suite.":[160],"In":[161],"addition":[162],"providing":[164],"size":[169],"overheads":[170],"compared":[171],"existing":[173,181],"systems,":[175],"LFI":[176],"implemented":[178],"independently":[179],"compiler":[182],"toolchains,":[183],"static":[187],"verifier":[188],"reduce":[190],"TCB":[191],"hardened":[194],"against":[195],"basic":[196],"Spectre":[197],"attacks,":[198],"broad":[201],"support,":[203],"including":[204],"language":[206],"mechanisms":[207],"like":[208],"exceptions":[209],"ISA":[211],"features":[212],"such":[213],"as":[214],"SIMD.":[215]},"counts_by_year":[{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}