DOCSLIB.ORG

Creating High-Performance, Statically Type-Safe Network Applications

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Creating High-Performance, Statically Type-Safe Network Applications UCAM-CL-TR-775 Technical Report ISSN 1476-2986 Number 775 Computer Laboratory Creating high-performance, statically type-safe network applications Anil Madhavapeddy March 2010 15 JJ Thomson Avenue Cambridge CB3 0FD United Kingdom phone +44 1223 763500 http://www.cl.cam.ac.uk/ c 2010 Anil Madhavapeddy This technical report is based on a dissertation submitted April 2006 by the author for the degree of Doctor of Philosophy to the University of Cambridge, Robinson College. Technical reports published by the University of Cambridge Computer Laboratory are freely available via the Internet: http://www.cl.cam.ac.uk/techreports/ ISSN 1476-2986 Abstract A typical Internet server finds itself in the middle of a virtual battleground, under constant threat from worms, viruses and other malware seeking to subvert the original intentions of the programmer. In particular, critical Internet servers such as OpenSSH, BIND and Sendmail have had numerous security issues ranging from low-level buffer overflows to subtle protocol logic errors. These problems have cost billions of dollars as the growth of the Internet exposes increasing numbers of computers to electronic malware. Despite the decades of research on techniques such as model-checking, type-safety and other forms of formal analysis, the vast majority of server implementations continue to be written unsafely and informally in C/C++. In this dissertation we propose an architecture for constructing new implementations of stan- dard Internet protocols which integrates mature formal methods not currently used in deployed servers: (i) static type systems from the ML family of functional languages; (ii) model checking to verify safety properties exhaustively about aspects of the servers; and (iii) generative meta- programming to express high-level constraints for the domain-specific tasks of packet parsing and constructing non-deterministic state machines. Our architecture—dubbed MELANGE—is based on Objective Caml and contributes two domain-specific languages: (i) the Meta Packet Language (MPL), a data description language used to describe the wire format of a protocol and output statically type-safe code to handle network traffic using high-level functional data structures; and (ii) the Statecall Policy Language (SPL) for constructing non-deterministic finite state automata which are embedded into applications and dynamically enforced, or translated into PROMELA and statically model-checked. Our research emphasises the importance of delivering efficient, portable code which is feasi- ble to deploy across the Internet. We implemented two complex protocols—SSH and DNS—to verify our claims, and our evaluation shows that they perform faster than their standard coun- terparts OpenSSH and BIND, in addition to providing static guarantees against some classes of errors that are currently a major source of security problems. 3 CONTENTS Contents 1 Introduction 7 1.1 Internet Growth . .7 1.1.1 Security and Reliability Concerns . .8 1.1.2 Firewalls Prove Insufficient . .8 1.1.3 The Internet Server Monoculture . .9 1.2 Motivation for Rewriting Internet Servers . 10 1.3 Contributions . 11 2 Background 13 2.1 Internet Security . 13 2.1.1 History . 13 2.1.2 Language Issues . 15 2.1.3 The Rise of the Worm . 16 2.1.4 Defences Against Internet Attacks . 17 2.2 Functional Programming . 20 2.2.1 History . 20 2.2.2 Type Systems . 22 2.2.3 Features . 23 2.2.4 Evolution . 26 2.3 Objective Caml . 26 2.3.1 Strong Abstraction . 27 2.3.2 Polymorphic Variants . 29 2.3.3 Mutable Data and References . 30 2.3.4 Bounds Checking . 31 2.4 Model Checking . 32 2.4.1 SPIN and PROMELA ........................... 33 2.4.2 System Verification using SPIN ..................... 35 2.4.3 Model Creation and Extraction . 37 2.5 Summary . 38 3 Related Work 39 3.1 Control Plane . 40 3.1.1 Formal Models of Concurrency . 40 3.1.2 Model Extraction . 41 4 CONTENTS 3.1.3 Dynamic Enforcement and Instrumentation . 43 3.2 Data Plane . 44 3.2.1 Data Description Languages . 44 3.2.2 Active Networks . 45 3.2.3 The View-Update Problem . 46 3.3 General Purpose Languages . 47 3.3.1 Software Engineering . 47 3.3.2 Meta-Programming . 48 3.3.3 Functional Languages for Networking . 48 3.4 Summary . 50 4 Architecture 51 4.1 Goals . 51 4.1.1 Data Abstractions . 51 4.1.2 Language Support . 53 4.2 The MELANGE Architecture . 54 4.2.1 Meta Packet Language (MPL) . 56 4.2.2 Statecall Specification Language (SPL) . 57 4.3 Threat Model . 59 4.4 Summary . 61 5 Meta Packet Language 62 5.1 Language . 63 5.1.1 Parsing IPv4: An Example . 63 5.1.2 Theoretical Space . 68 5.1.3 Syntax . 70 5.1.4 Semantics . 70 5.2 Basis Library . 73 5.2.1 Packet Environments . 73 5.2.2 Basic Types . 75 5.2.3 Custom Types . 77 5.3 OCaml Interface . 77 5.3.1 Packet Sinks . 79 5.3.2 Packet Sources . 79 5.3.3 Packet Proxies . 80 5.4 Evaluation . 81 5.4.1 Experimental Setup . 81 5.4.2 Experiments and Results . 83 5.5 Discussion . 85 5.6 Summary . 86 6 Statecall Policy Language 87 6.1 Statecall Policy Language . 89 6.1.1 A Case Study using ping ......................... 89 6.1.2 Syntax . 91 6.1.3 Typing Rules . 91 6.2 Intermediate Representation . 94 5 CONTENTS 6.2.1 Control Flow Automaton . 96 6.2.2 Multiple Automata . 97 6.2.3 Optimisation . 99 6.3 Outputs . 101 6.3.1 OCaml . 102 6.3.2 PROMELA ................................. 105 6.3.3 HTML and Javascript . 106 6.4 Summary . 107 7 Case Studies 109 7.1 Secure Shell (SSH) . 110 7.1.1 Performance . 112 7.1.2 SSH Packet Format . 115 7.1.3 SSH State Machines . 116 7.1.4 AJAX Debugger . 118 7.1.5 Model Checking . 118 7.2 Domain Name System . 122 7.2.1 DNS Packet Format . 122 7.2.2 An Authoritative Deens Server . 124 7.2.3 Performance . 125 7.3 Code Size . 127 7.4 Summary . 128 8 Conclusions 129 8.1 Future Work . 131 A Sample Application: ping 156 B MPL User Manual 160 B.1 Well-Formed Specifications . 160 B.2 Semantics . 163 C MPL Protocol Listings 165 C.1 Ethernet . 165 C.2 IPv4 . 165 C.3 ICMP . ..
Load more

Recommended publications
  • PL/I List Processing • PL/I Language Lacked FaciliEs for TreaNg Linked Lists HAROLD LAWSON,JR
    The Birth of the Pointer Variable Based upon: Experiences and Reflec;ons of a Computer Pioneer Harold “Bud” Lawson FELLOW FELLOW and LIFE MEMBER IEEE COMPUTER SOCIETY CHARLES BABBAGE COMPUTER PIONEER FELLOW Overlapping Phases • Phase 1 (1959-1974) – Computer Industry • Phase 2 (1974-1996) - Computer-Based Systems • Phase 3 (1996-Present) – Complex Systems • Dedicated to all the talented colleagues that I have worked with during my career. • We have had fun and learned from each other. • InteresMng ReflecMons and Happenings are indicated in Red. Computer Industry (1959 to 1974) • Summer 1958 - US Census Bureau • 1959 Temple University (Introduc;on to IBM 650 (Drum Machine)) • 1959-61 Employed at Remington-Rand Univac • 1961-67 Employed at IBM • 1967-69 Part Time Consultant (Professor) • 1969-70 Employed at Standard Computer Corporaon • 1971-73 Consultant to Datasaab, Linköping • 1973-… Consultant .. Expert Witness.. Rear Admiral Dr. Grace Murray Hopper (December 9, 1906 – January 1, 1992) Minted the word “BUG” – During her Mme as Programmer of the MARK I Computer at Harvard Minted the word “COMPILER” with A-0 in 1951 Developed Math-MaMc and FlowmaMc and inspired the Development of COBOL Grace loved US Navy Service – The oldest acMve officer, reMrement at 80. From Grace I learned that it is important to queson the status-quo, to seek deeper meaning and explore alterna5ve ways of doing things. 1980 – Honarary Doctor The USS Linköpings Universitet Hopper Univac Compiler Technology of the 1950’s Grace Hopper’s Early Programming Languages Math-MaMc
    [Show full text]
  • Systems Programming in C++ Practical Course
    Systems Programming in C++ Practical Course Summer Term 2019 Course Goals Learn to write good C++ • Basic syntax • Common idioms and best practices Learn to implement large systems with C++ • C++ standard library and Linux ecosystem • Tools and techniques (building, debugging, etc.) Learn to write high-performance code with C++ • Multithreading and synchronization • Performance pitfalls 1 Formal Prerequisites Knowledge equivalent to the lectures • Introduction to Informatics 1 (IN0001) • Fundamentals of Programming (IN0002) • Fundamentals of Algorithms and Data Structures (IN0007) Additional formal prerequisites (B.Sc. Informatics) • Introduction to Computer Architecture (IN0004) • Basic Principles: Operating Systems and System Software (IN0009) Additional formal prerequisites (B.Sc. Games Engineering) • Operating Systems and Hardware oriented Programming for Games (IN0034) 2 Practical Prerequisites Practical prerequisites • No previous experience with C or C++ required • Familiarity with another general-purpose programming language Operating System • Working Linux operating system (e.g. Ubuntu) • Basic experience with Linux (in particular with shell) • You are free to use your favorite OS, we only support Linux 3 Lecture & Tutorial • Lecture: Tuesday, 14:00 – 16:00, MI 02.11.018 • Tutorial: Friday, 10:00 – 12:00, MI 02.11.018 • Discuss assignments and any questions • First two tutorials are additional lectures • Everything will be in English • Attendance is mandatory • Announcements on the website 4 Assignments • Brief non-coding quizzes
    [Show full text]
  • Functional Javascript
    www.it-ebooks.info www.it-ebooks.info Functional JavaScript Michael Fogus www.it-ebooks.info Functional JavaScript by Michael Fogus Copyright © 2013 Michael Fogus. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/ institutional sales department: 800-998-9938 or [email protected]. Editor: Mary Treseler Indexer: Judith McConville Production Editor: Melanie Yarbrough Cover Designer: Karen Montgomery Copyeditor: Jasmine Kwityn Interior Designer: David Futato Proofreader: Jilly Gagnon Illustrator: Robert Romano May 2013: First Edition Revision History for the First Edition: 2013-05-24: First release See http://oreilly.com/catalog/errata.csp?isbn=9781449360726 for release details. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Functional JavaScript, the image of an eider duck, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc., was aware of a trade‐ mark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
    [Show full text]
  • Kednos PL/I for Openvms Systems User Manual
    ) Kednos PL/I for OpenVMS Systems User Manual Order Number: AA-H951E-TM November 2003 This manual provides an overview of the PL/I programming language. It explains programming with Kednos PL/I on OpenVMS VAX Systems and OpenVMS Alpha Systems. It also describes the operation of the Kednos PL/I compilers and the features of the operating systems that are important to the PL/I programmer. Revision/Update Information: This revised manual supersedes the PL/I User’s Manual for VAX VMS, Order Number AA-H951D-TL. Operating System and Version: For Kednos PL/I for OpenVMS VAX: OpenVMS VAX Version 5.5 or higher For Kednos PL/I for OpenVMS Alpha: OpenVMS Alpha Version 6.2 or higher Software Version: Kednos PL/I Version 3.8 for OpenVMS VAX Kednos PL/I Version 4.4 for OpenVMS Alpha Published by: Kednos Corporation, Pebble Beach, CA, www.Kednos.com First Printing, August 1980 Revised, November 1983 Updated, April 1985 Revised, April 1987 Revised, January 1992 Revised, May 1992 Revised, November 1993 Revised, April 1995 Revised, October 1995 Revised, November 2003 Kednos Corporation makes no representations that the use of its products in the manner described in this publication will not infringe on existing or future patent rights, nor do the descriptions contained in this publication imply the granting of licenses to make, use, or sell equipment or software in accordance with the description. Possession, use, or copying of the software described in this publication is authorized only pursuant to a valid written license from Kednos Corporation or an anthorized sublicensor.
    [Show full text]
  • Stephanie Weirich –
    Stephanie Weirich School of Engineering and Science, University of Pennsylvania Levine 510, 3330 Walnut St, Philadelphia, PA 19104 215-573-2821 • [email protected] July 13, 2021 Positions University of Pennsylvania Philadelphia, Pennsylvania ENIAC President’s Distinguished Professor September 2019-present Galois, Inc Portland, Oregon Visiting Scientist June 2018-August 2019 University of Pennsylvania Philadelphia, Pennsylvania Professor July 2015-August 2019 University of Pennsylvania Philadelphia, Pennsylvania Associate Professor July 2008-June 2015 University of Cambridge Cambridge, UK Visitor August 2009-July 2010 Microsoft Research Cambridge, UK Visiting Researcher September-November 2009 University of Pennsylvania Philadelphia, Pennsylvania Assistant Professor July 2002-July 2008 Cornell University Ithaca, New York Instructor, Research Assistant and Teaching AssistantAugust 1996-July 2002 Lucent Technologies Murray Hill, New Jersey Intern June-July 1999 Education Cornell University Ithaca, NY Ph.D., Computer Science 2002 Cornell University Ithaca, NY M.S., Computer Science 2000 Rice University Houston, TX B.A., Computer Science, magnum cum laude 1996 Honors ○␣ SIGPLAN Robin Milner Young Researcher award, 2016 ○␣ Most Influential ICFP 2006 Paper, awarded in 2016 ○␣ Microsoft Outstanding Collaborator, 2016 ○␣ Penn Engineering Fellow, University of Pennsylvania, 2014 ○␣ Institute for Defense Analyses Computer Science Study Panel, 2007 ○␣ National Science Foundation CAREER Award, 2003 ○␣ Intel Graduate Student Fellowship, 2000–2001
    [Show full text]
  • Submission Data for 2020-2021 CORE Conference Ranking Process International Conference on Functional Programming
    Submission Data for 2020-2021 CORE conference Ranking process International Conference on Functional Programming Jeremy Gibbons Conference Details Conference Title: International Conference on Functional Programming Acronym : ICFP Rank: A* Requested Rank Rank: A* Recent Years Proceedings Publishing Style Proceedings Publishing: journal Link to most recent proceedings: https://dblp.uni-trier.de/db/journals/pacmpl/pacmpl4.html#nrICFP Further details: ACM introduced the PACM series of journals in 2017 for ”the best conferences published by ACM”, for publishing the proceedings of conferences with a two-phase reviewing process comparable to journal reviewing ( https://www.acm.org/publications/pacm/introducing-pacm). In particular, Proceedings of the ACM on Programming Languages (PACMPL) has published the proceedings of ICFP, OOPSLA, and POPL since September 2017 ( https://dl.acm.org/journal/pacmpl). It is published Gold Open Access. Most Recent Years Most Recent Year Year: 2019 URL: https://icfp19.sigplan.org/ Location: Berlin Papers submitted: 119 Papers published: 39 Acceptance rate: 33 Source for numbers: SlidesfromPCChair'sreport General Chairs Name: Derek Dreyer Affiliation: MPS-SWS Gender: M H Index: 33 GScholar url: https://scholar.google.com/citations?user=1_c89uMAAAAJ&hl=en DBLP url: Program Chairs Name: Francois Pottier Affiliation: INRIA Gender: M H Index: 30 GScholar url: https://scholar.google.com/citations?user=7R6jcZ0AAAAJ&hl=en DBLP url: 1 Second Most Recent Year Year: 2018 URL: https://icfp18.sigplan.org/ Location: St Louis, Missouri
    [Show full text]
  • Combinatorial Species and Labelled Structures Brent Yorgey University of Pennsylvania, [email protected]
    University of Pennsylvania ScholarlyCommons Publicly Accessible Penn Dissertations 1-1-2014 Combinatorial Species and Labelled Structures Brent Yorgey University of Pennsylvania, [email protected] Follow this and additional works at: http://repository.upenn.edu/edissertations Part of the Computer Sciences Commons, and the Mathematics Commons Recommended Citation Yorgey, Brent, "Combinatorial Species and Labelled Structures" (2014). Publicly Accessible Penn Dissertations. 1512. http://repository.upenn.edu/edissertations/1512 This paper is posted at ScholarlyCommons. http://repository.upenn.edu/edissertations/1512 For more information, please contact [email protected]. Combinatorial Species and Labelled Structures Abstract The theory of combinatorial species was developed in the 1980s as part of the mathematical subfield of enumerative combinatorics, unifying and putting on a firmer theoretical basis a collection of techniques centered around generating functions. The theory of algebraic data types was developed, around the same time, in functional programming languages such as Hope and Miranda, and is still used today in languages such as Haskell, the ML family, and Scala. Despite their disparate origins, the two theories have striking similarities. In particular, both constitute algebraic frameworks in which to construct structures of interest. Though the similarity has not gone unnoticed, a link between combinatorial species and algebraic data types has never been systematically explored. This dissertation lays the theoretical groundwork for a precise—and, hopefully, useful—bridge bewteen the two theories. One of the key contributions is to port the theory of species from a classical, untyped set theory to a constructive type theory. This porting process is nontrivial, and involves fundamental issues related to equality and finiteness; the recently developed homotopy type theory is put to good use formalizing these issues in a satisfactory way.
    [Show full text]
  • Chapter 4 Introduction to UNIX Systems Programming
    Chapter 4 Introduction to UNIX Systems Programming 4.1 Introduction Last chapter covered how to use UNIX from from a shell program using UNIX commands. These commands are programs that are written in C that interact with the UNIX environment using functions called Systems Calls. This chapter covers this Systems Calls and how to use them inside a program. 4.2 What is an Operating System An Operating System is a program that sits between the hardware and the application programs. Like any other program it has a main() function and it is built like any other program with a compiler and a linker. However it is built with some special parameters so the starting address is the boot address where the CPU will jump to start the operating system when the system boots. Draft An operating system typically offers the following functionality: ● Multitasking The Operating System will allow multiple programs to run simultaneously in the same computer. The Operating System will schedule the programs in the multiple processors of the computer even when the number of running programs exceeds the number of processors or cores. ● Multiuser The Operating System will allow multiple users to use simultaneously in the same computer. ● File system © 2014 Gustavo Rodriguez-Rivera and Justin Ennen,Introduction to Systems Programming: a Hands-on Approach (V2014-10-27) (systemsprogrammingbook.com) It allows to store files in disk or other media. ● Networking It gives access to the local network and internet ● Window System It provides a Graphical User Interface ● Standard Programs It also includes programs such as file utilities, task manager, editors, compilers, web browser, etc.
    [Show full text]
  • Stephanie Weirich –
    Stephanie Weirich School of Engineering and Science, University of Pennsylvania Levine 510, 3330 Walnut St, Philadelphia, PA 19104 215-573-2821 • [email protected] • June 21, 2014 Education Cornell University Ithaca, NY Ph.D., Computer Science August 2002 Cornell University Ithaca, NY M.S., Computer Science August 2000 Rice University Houston, TX B.A., Computer Science May 1996 magnum cum laude Positions Held University of Pennsylvania Philadelphia, Pennsylvania Associate Professor July 2008-present University of Cambridge Cambridge, UK Visitor August 2009-July 2010 Microsoft Research Cambridge, UK Visiting Researcher September-November 2009 University of Pennsylvania Philadelphia, Pennsylvania Assistant Professor July 2002-July 2008 Cornell University Ithaca, New York Instructor, Research Assistant and Teaching Assistant August 1996-July 2002 Lucent Technologies Murray Hill, New Jersey Intern June-July 1999 Research Interests Programming languages, Type systems, Functional programming, Generic programming, De- pendent types, Program verification, Proof assistants Honors Penn Engineering Fellow, University of Pennsylvania, 2014. Institute for Defense Analyses Computer Science Study Panel, 2007. National Science Foundation CAREER Award, 2003. Intel Graduate Student Fellowship, 2000–2001. National Science Foundation Graduate Research Fellowship, 1996–1999. CRA-W Distributed Mentorship Project Award, 1996. Microsoft Technical Scholar, 1995–1996. Technical Society Membership Association for Computing Machinery, 1998-present ACM SIGPLAN, 1998-present ACM SIGLOG, 2014-present IFIP Working Group 2.8 (Functional Programming), 2003-present IFIP Working Group 2.11 (Program Generation), 2007-2012 Teaching Experience CIS 120 - Programming Languages and Techniques I CIS 552 - Advanced Programming CIS 670/700 - Advanced topics in Programming Languages CIS 500 - Software Foundations CIS 341 - Programming Languages Students Dissertation supervision...................................................................................
    [Show full text]
  • Lecture 24 Systems Programming in C
    Lecture 24 Systems Programming in C A process is a currently executing instance of a program. All programs by default execute in the user mode. A C program can invoke UNIX system calls directly. A system call can be defined as a request to the operating system to do something on behalf of the program. During the execution of a system call , the mode is change from user mode to kernel mode (or system mode) to allow the execution of the system call. The kernel, the core of the operating system program in fact has control over everything. All OS software is trusted and executed without any further verification. All other software needs to request kernel mode using specific system calls to create new processes and manage I/O. A high level programmer does not have to worry about the mode change from user-mode to kernel-mode as it is handled by a predefined library of system calls. Unlike processes in user mode, which can be replaced by another process at any time, a process in kernel mode cannot be arbitrarily replaced by another process. A process in kernel mode can only be suspended by an interrupt or exception. A C system call software instruction generates an OS interrupt commonly called the operating system trap . The system call interface handles these interruptions in a special way. The C library function passes a unique number corresponding to the system call to the kernel, so kernel can determine the specific system call user is invoking. After executing the kernel command the operating system trap is released and the system returns to user mode.
    [Show full text]
  • 8297 SYSTEMS PROGRAMMER 1 Nature of Work Under General
    8297 SYSTEMS PROGRAMMER 1 Nature of Work Under general supervision, an employee in this class performs work of considerable difficulty to provide software support through installing and maintaining software systems such as TSO, IMS, TMS, SAS, CICS, WYLBUR, or other major subsystems. Work includes monitoring, debugging, updating and controlling software packages which interface with application programs of the various users. The incumbent works closely with higher level Systems Programmers on the more complex aspects of installations to assure compatibility with existing software/hardware environment. The incumbent participates in self-study and on-the-job training to improve skills in complex systems programming. An irregular work schedule and on-call duty is required of the position. May function as a consultant in the choice of installation and implementation of office automation equipment and software; the assignments involve multiple application, multiple platforms and complex, interdepartmental communications. Performs related work as required. Distinguishing Characteristics Systems Programmer 1 provides software support for systems which affect a large percentage of the user community. Errors in judgment at this level could affect a number of user operations for a period of time; however, the central mainframe system would continue to operate. Systems Programmer 2 provides support for major software systems; errors in judgment at this level could shut-down the entire central mainframe system. Examples of Work Installs and maintains systems software packages or data base management and data communications systems. Receives advanced training to improve techniques and methodologies used in support of complex host resident software packages. Monitors computer performance to identify, correct and/or improve the operational efficiency of the hardware/software configuration.
    [Show full text]
  • Uusi Hakemisto
    214 6. Tunneling 215 ROCK EXCAVATION HANDBOOK 6.1. GENERAL SELECTING TUNNELING METHODS In modern tunnel and underground cavern excavation, it is possible to select from many dif- ferent methods. The following factors should be taken into consideration when selecting the method: - Tunnel dimensions - Tunnel geometry - Length of tunnel, total volume to be excavated - Geological and rock mechanical conditions - Ground water level and expected water inflow - Vibration restrictions FIGURE 6.1.-2. Range of methods compared to uniaxal compressive strength. - Allowed ground settlements The methods can be divided into drill & blast, and mechanical excavation. Mechanical meth- ods can be split further to partial face (e.g. roadheaders, hammers, excavators) or full face (TBM, shield, pipe jacking, micro tunneling). FIGURE 6.1.-1. Tunneling methods in different rock/soil conditions. The drill & blast method is still the most typical method for medium to hard rock conditions. It can be applied to a wide range of rock conditions. Some of its features include versatile equipment, fast start-up and relatively low capital cost tied to the equipment. On the other hand, the cyclic nature of the drill & blast method requires good work site organization. FIGURE 6.1.-3. Drill and blast cycle. Blast vibrations and noise also restrict the use of drill & blast in urban areas. 216 6. Tunneling 217 ROCK EXCAVATION HANDBOOK Hard-rock TBMs can be used in relatively soft to hard rock conditions, and best when rock DRIFTING AND TUNNELING fracturing & weakness zones are predictable. The TBM is most economical method for longer tunnel lengths, in which its high investment cost and timely build-up can be utilized by the Many mines and excavation sites still plan their drilling patterns manually, but advanced high advance rate of excavation.
    [Show full text]