The goal of this project is to develop a flexible, open runtime that allows the safe execution of distinct, connected programs from untrusted sources on the JVM. Executing unsafe, unverified code is, of course, a major security concern, which must be addressed by carefully designing the system to guard effectively against possible attacks and exploits. In this thesis, I describe in depth the construction and inner workings of such a system and its supplementary management modules. The security measures used are based largely on the Java platform's own security capabilities, extended with custom solutions.
The framework also defines the model on which client programs are written for it in an idiomatic, intuitive manner, fitting the control structure of most commonly used programming languages, and especially that of the host Java language. I demonstrate typical usage of the runtime via an example project, describing in detail the design decisions and implementation concerns that may arise during development.
Finally, the project realizes a control system that builds on the aforementioned secure framework and provides management and information-display capabilities to end users.