[ih] The "Research to Operation" (R2O) aspect of Internet History

[Karl Auerbach]

Back at SDC Frank Heinrich, David Kaufman, and I worked with Peter 
Neumann, Richard Frietag (sp), and John Rushby at SRI on PSOS and other 
capability based ideas.  (We also coordinated with work at RSRE at 
Malvern in the UK and with Plessey, which had an a deployed capability 
based machine for telco switch control.)

David, Frank, and I were trying to figure out, in those days before 
asymmetrical cryptography, how to push capabilities into other network 
machines and, more interestingly, how to push 'em into the interactions 
between network machines.  We never got very far on that.  Frank had 
interesting ides on this that came out of his work with service 
bidding/negotioting/binding when he worked on file systems for Farber's 
DCS networks.

PSOS had permanent capabilities, a thing that we considered unacceptable 
for actual deployed machines.  So when we designed the actual hardware 
computer to run PSOS we changed the design to use capabilities that 
could be discarded (or lost) and be garbage collected.  This was a *big* 
change and one needed for any practical implementation.  (We modified an 
existing Univac machine with new firmware, tagged memory, and several 
content addressable memories to create our machine for PSOS.  That was a 
lot of fun.)

We squeezed all of this through our proof-of-correctness group, Marv 
Schaeffer, Valle Schore, John Scheid, Hillary O, Josie Althouse - I 
think I have misspelled every one of those names - to validate the 
design against our *-property (star-property) based criteria for 
correctness.

Peter N. and I have over the years revisited the transient vs permanent 
capability divide; I think that he was eventually won over to our position.

I can't remember what position the Intel 432 had in the permanent vs 
transient capability debate.

(By-the-way, the so-called "capability" system in Linux is bears almost 
no resemblance to the kind of "capabilities" we were working with way 
back then.)

     --karl--

On 8/25/25 2:27 PM, Vint Cerf via Internet-history wrote:
> CHERI (see Peter G. Neumann et al at SRI) might be considered a distant
> descendent of PSOS - it is strongly hardware oriented to give very
> fine-grained memory control. The project has DARPA support for some time,
> as I recall. https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/
>
> v
>
>
>
>
> On Mon, Aug 25, 2025 at 4:41 PM Jack Haverty via Internet-history <
> internet-history at elists.isoc.org> wrote:
>
>> On 8/25/25 10:53, Barbara Denny via Internet-history wrote:
>>>    Another story....
>>> I thought SINCGARs radios we were getting at SRI were milspec.  I was
>> surprised when in one shipment a radio had been broken by the post office.
>> Nothing major, just a corner piece had broken off.
>>> Some of you might be wondering what SRI was doing with these radios.  We
>> had a project with ITT to develop a packet applique (another box) to
>> transform the analog radio to one that supported packet switching. We used
>> the packet radio protocols as a starting point for  the nodes and we did
>> demonstrate it during exercises at military bases (Fort Bragg and Fort
>> Gordon).  Hosts were using TCP/IP for the applications. Last I heard ITT
>> and General Dynamics were competing? for the next production of the radios
>> and this included support for packet switching.  This was back in the late
>> 80s(?),  shortly after our project ended. I know ITT had also done more
>> internal IR&D in this area. I don't know how much of the original packet
>> radio technology got incorporated.
>>> barbara
>> Hi Barbara,
>>
>> Thanks for the SINCGARs story.  I've always wondered what happened to
>> Packet Radio technology further down the road.
>>
>> Internet History buffs,
>>
>> No, it's R2O, not R2O2...
>>
>> I think R2O is a part of the Internet History which I haven't seen
>> discussed much at all - namely how, and whether or not, technology
>> progressed from the research labs of ARPA (and others, such as in
>> Europe) into the world where it was used.   That "R2O" pipeline was of
>> course the intent of the research when it was begun.   Research was
>> initiated in the hope it would prove useful to meet operational needs.
>>
>> I lived through the progression of the ARPANET from an ARPA research
>> project to its eventual deployment as the Defense Data Network, as well
>> as numerous "clone" networks using IMPs, running the same code as
>> ARPANET, in many branches of government and commercial environments.
>>
>> Similarly, I can remember the progression of The Internet, beginning as
>> an ARPA research project.  NSF got involved, and funded a bunch of
>> regional networks, but with a guaranteed and scheduled end to its
>> funding.   By doing so, it generated the first self-sufficient ISPs, and
>> the Internet industry began.   Tim Berners-Lee created web technology,
>> W3C promoted it, and it exploded throughout the world.
>>
>> Other technologies I remember starting along such a pipeline. SATNET
>> began as a component network of The Internet, providing connectivity
>> between the US and Europe.  MATNET used the same technology as SATNET,
>> but was deployed in a military testbed environment, with a presence on
>> the USS Carl Vinson, the Navy's aircraft carrier used as a technology
>> testbed "in the field".  But I haven't heard what, if anything, happened
>> afterwards.
>>
>> There was a sort of "pipeline" carrying technology from ARPA research
>> out into the operational military, as well as into the broader
>> commercial world.   Perhaps some historians can explain how that worked
>> and what technologies made it through the pipeline. Perhaps also explain
>> ones that were abandoned as failures and why.
>>
>> For example, it seems like there could be a path beginning with projects
>> such as AlohaNet, Packet Radio, SATNET, and others, that somehow leads
>> to today's Starlink.   How did the research technology work its way
>> along that path -- if it did at all?  Did it involve code transfer,
>> adoption of successful algorithms or procedures, information
>> dissemination through documents and papers, spinoffs of startups (cisco
>> systems comes to mind), or perhaps just the movement of people, bringing
>> knowledge and ideas from one project to another?
>>
>> For a possible failure, I recall projects in the early 1980s to develop
>> "secure operating systems".   One was called KSOS (Kernelized Secure
>> Operating System).  Another was PSOS (Provably Secure Operating
>> System).  The idea was that it would be good to have a computer platform
>> that not only did what it was specified to do, but also did not do
>> anything else.   Such a system would be immune to the typical "zero-day"
>> attacks that allow an intruder to take over control of a machine.   The
>> fact that all the OSes I use today receive a constant stream of updates
>> to fix critical vulnerabilities makes me think this research ended up as
>> a failure.
>>
>> I think such "pipeline" R2O stories are an important, but
>> under-recorded, part of Internet History.
>>
>> Jack Haverty
>>
>> --
>> Internet-history mailing list
>> Internet-history at elists.isoc.org
>> https://elists.isoc.org/mailman/listinfo/internet-history
>> -
>> Unsubscribe:
>> https://app.smartsheet.com/b/form/9b6ef0621638436ab0a9b23cb0668b0b?The%20list%20to%20be%20unsubscribed%20from=Internet-history
>>
>