Nexus Unikernel
v0.9 Complete
The Nexus Unikernel profile is a radiation-hardened, single-purpose system for aerospace, military, and high-reliability deployments. At 280KB, it is the most complete profile currently available.
Target Hardware
- Radiation-hardened processors
- Satellite embedded computers
- Military-grade embedded systems
- Industrial safety systems
Key Characteristics
| Feature | Details |
|---|---|
| Kernel size | 280KB |
| Architecture | Single address space |
| Scheduling | Tickless, cooperative with Photon/Matter/Gravity/Void |
| Memory | Deterministic (ARC), no garbage collection pauses |
| Networking | LwIP (grafted) + UTCP |
| Storage | NexFS Core format |
| ECC scrubbing | Active during Void-spectrum idle time |
| Boot | <600ms to operational |
Radiation Hardening
The Unikernel profile includes specific features for operation in radiation environments:
ECC Memory Scrubbing
During idle time (Void spectrum), the CPU walks memory and corrects single-bit ECC errors before they accumulate into uncorrectable multi-bit errors.
Boot Error Buffer (BEB)
A 64KB region reserved for crash logs. After a radiation-induced fault:
- The watchdog timer triggers a reset
- The BEB preserves the crash context across reboot
- The system restarts and logs the event to ProvChain
- The faulty module (if identifiable) is marked and its budget is adjusted
Dual-Bank Flash
Two firmware banks allow atomic updates:
- Bank A: Currently running firmware
- Bank B: Receives the update
- After verification, the boot vector switches to Bank B
- If Bank B fails to boot, automatic rollback to Bank A
Deterministic Execution
The cooperative scheduler with fixed-capacity ION Rings ensures deterministic execution. No dynamic allocation during normal operation. No garbage collection pauses. No unbounded loops.
What's Complete (v0.9)
- Full SMP with DragonflyBSD LWKT message-passing
- NPL lifecycle (spawn, run, crash, restart)
- ProvChain logging
- LwIP networking with DHCP
- LWF protocol integration (24/24 test suites)
- UTCP sovereign transport
- NipBox LITE (21/25 commands)
- ION Ring IPC across all subsystems
- ARM64 and RISC-V 64 boot verified
Build
sh
nexus build --profile=unikernel --arch=riscv64
nexus build --profile=unikernel --arch=aarch64