Deep Understanding of Complex High-Assurance Hypervisor Source Code
Agency / Branch:
DOD / OSD
Hypervisors offer a virtualization platform that is cost effective and attractive from a security point of view because guest operating systems are independent of each other. However, these claims of independence must be certified before it is permitted to use a hypervisor in a security-critical environment. The cost to perform a Common Criteria security evaluation of such low-level system code is very high, and the complexity of the code often thwarts automated tools that could help. In Phase I we developed a prototype of a tool that is capable of handling this complexity. This prototype provides features for visualization of the program's call graph, tightly coupled with textual views of the source code, and features such as program slicing. It is capable of analyzing both C/C++ source code and modules written in assembly language. The prototype builds on an existing technology infrastructure in use in commercial products and for several other research prototypes. In Phase II, we propose to continue work on this tool to move it to an advanced technology readiness level. The path to commercialization of this work involves transitioning the prototype to an existing successful product suite.
Small Business Information at Submission:
317 N. Aurora Street Ithaca, NY 14850
Number of Employees: