Deep Understanding of Complex High-Assurance Hypervisor Source Code
Title: VP of Engineering
Phone: (607) 273-7340
Email: paul@grammatech.com
Title: CEO and Chairman
Phone: (607) 273-7340
Email: tt@grammatech.com
Hypervisors offer a virtualization platform that is cost-effective and attractive from a security point of view because guest operating systems are independent of each other. However, these claims of independence must be certified before a hypervisor may be used in a security-critical environment. The cost of performing a Common Criteria security evaluation of such low-level system code is very high, and the complexity of the code often thwarts automated tools that could help. We propose to work on advanced static analysis techniques to help reduce this cost by providing user interfaces that help a user gain an understanding of the functionality of the code. When risky features are identified, the hypervisor can be refactored to remove them. The same static analysis techniques can be used to help assess the impact of the refactoring on the remainder of the code. These techniques will include advanced versions of program slicing and chopping, and software model checking. Variations of more superficial techniques will also be explored. The work will build on our existing static analysis platform. We will work closely with the customer and with existing customers involved in performing such certifications.
* Information listed above is at the time of submission. *