Akhil Arora (Aarhus University) and I are running a half-day tutorial at SOSP 2026 this fall.
The tutorial is called HARNESS (Hardening Agent Runtimes: Networking, Execution, State, Security). It covers the systems side of always-on agents: the kind that run persistently, hold long-lived authority over tools, and accumulate state and failure modes over time.
Most agent tutorials focus on prompt engineering or model selection. This one focuses on what happens after deployment: isolation, tool policies, crash recovery, observability, and the runtime machinery that keeps an agent from drifting into dangerous territory.
The format is two concept blocks interleaved with two hands-on labs. Participants deploy an agent locally using OpenClaw, add custom tools via MCP, apply restrictive policies, inject faults (crash recovery, prompt injection, resource exhaustion, memory poisoning), and iterate on the configuration based on what they observe in session transcripts and traces.
No cloud accounts or API keys needed. Everything runs locally in Docker.
More details and materials on the tutorial website.