Compile a report on the current state of Snabb/Vita regarding information security best practices

[eugeneia]

Snabb wants to provide a toolkit for network data-planes that provides developer ergonomics and robustness without compromising on performance. Writing robust network-facing software means writing secure software.

To that end, Snabb occupies an interesting position in the stack in that we embrace dynamic programming language features while, at the same time, we develop ad hoc compilers using DynASM’s Lua-mode, in addition to bending our primary compiler and language runtime to our needs with RaptorJIT.

Vita could be seen as an experiment in using Snabb to solve information security problems, and serve as a test specimen for research.

In order to identify current deficits and possible future directions of development we need to compile an actionable report based on a survey of the Vita/Snabb codebase. A motivating question for the report might be:

How does the Snabb framework help write secure software, and how can we further improve it towards that goal?

The final report should identify which of the programming techniques used in Snabb are benefitting robustness, as well as opportunities for further hardening. It should motivate Snabb developers to develop new hardening features, and help them to prioritize features that focus on areas identified as particularly fruitful.

If you are interested in doing this work, please direct any further questions to the comment section below, or to Max Rottenkolber max@mr.gy.