Focal Interest
Focal Interest
AI Summary of Peer-Reviewed Research

This page presents an AI-generated summary of a published research paper. The original authors did not write or review this article. [See full disclosure ↓]

Publishing process signals: MODERATE — reflects the venue and review process. — venue and review process.

WaSC decouples WASM system access with low startup and memory use

A black and white photograph of a person's hand pointing to or adjusting equipment inside a server rack in a data center, showing network hardware, cables, and computing infrastructure.
Research area:Operating systemCloud Computing and Resource ManagementSecurity and Verification in Computing

What the study found

WaSC is a secure container runtime that hardens WebAssembly (WASM) system isolation by decoupling the system interface into a virtualization-based daemon. The abstract says it preserves function-level startup times and memory footprints while protecting the system interface with machine-level isolation.

Why the authors say this matters

The authors say WASM is attractive in serverless computing because of lightweight memory isolation and secure language semantics, but that the WebAssembly System Interface (WASI, the standard interface for system access) does not guarantee isolation from the host kernel. The study suggests WaSC addresses this gap while keeping the startup and memory advantages the authors associate with WASM.

What the researchers tested

The researchers introduced WaSC and evaluated it with microbenchmarks and application benchmarks. They measured startup latency, memory footprint, memory density on a single physical machine, and performance for WASI calls and SQLite speedtest1.

What worked and what didn't

WaSC achieved a 99th-percentile startup latency of 15 ms and maintained a memory footprint of about 10 MB. Compared with Firecracker, a secure container runtime, WaSC achieved 3× memory density on a single physical machine. The abstract also reports a 3.2× slowdown for WASI calls along the virtualization-based daemon path, and SQLite speedtest1 showed an average 80% increase in runtime.

What to keep in mind

The abstract does not describe limitations beyond these performance trade-offs. The reported results come from the benchmarks named in the abstract, so no broader claims beyond that summary are stated.

Key points

  • WaSC hardens WASM system isolation by moving the system interface into a virtualization-based daemon.
  • The abstract reports a 99th-percentile startup latency of 15 ms and a memory footprint of about 10 MB.
  • Compared with Firecracker, WaSC achieved 3× memory density on a single physical machine.
  • The abstract reports a 3.2× slowdown for WASI calls through the daemon path.
  • SQLite speedtest1 showed an average 80% increase in runtime.

Disclosure

Research title:
WaSC decouples WASM system access with low startup and memory use
Authors:
Xingzi Yu, Tianlei Xiong, Wei Tang, Yufan Jiang, Zhixiang Wei, Hao Wang, Chen Chen, Yun Wang, Bo Peng, Zhengwei Qi
Institutions:
Shanghai Jiao Tong University, Antea Group (France), Stevens Institute of Technology
Publication date:
2026-02-23
DOI:
10.1145/3795882
OpenAlex record:
View
AI provenance: This post was generated by OpenAI. The original authors did not write or review this post.

More posts