This paper presents the first results from the ongoing research project HASPOC, developing a high assurance virtualization platform for the ARMv8 CPU architecture. Formal verification at machine code level guarantees information isolation between different guest systems (e.g.~OSs) running on the platform. To use the platform in networking scenarios, we allow guest systems to securely communicate with each other via platform-provided communication channels and to take exclusive control of peripherals for communication with the outside world. The isolation is shown to be formally equivalent to that of guests executing on physically separate platforms with dedicated communication channels crossing the air-gap. Common Criteria (CC) assurance me...
We present the design of a trusted platform module (TPM) that supports hardware-based virtualization...
In recent years, powerful handheld computing devices such as personal digital assistants and mobile ...
We present an analysis of the virtualizability of the ARMv7-A architecture carried out in the contex...
This paper presents the first results from the ongoing research project HASPOC, developing a high as...
With commodity operating systems failing to establish unbreakable isolation of processes, there is a...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
The need for security and virtualization capabilities in modern cyber-physical systems is increasing...
With the advent of the mobile industry, we face new security challenges. ARM architecture is deploye...
The security of embedded systems can be dramatically improved through the use of formally verified i...
In order to host a general purpose operating system, hypervisors need to virtualize the CPU memory s...
Virtual memory is an essential mechanism for enforcing security boundaries, but its relaxed-memory c...
The security of embedded systems can be dramatically improved through the use of formally verified i...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
The advances and adoption of Trusted Computing and hardware assisted virtualisation technologies in ...
peer-reviewedTrusted Computing is a relatively new approach to computer security in which a system s...
We present the design of a trusted platform module (TPM) that supports hardware-based virtualization...
In recent years, powerful handheld computing devices such as personal digital assistants and mobile ...
We present an analysis of the virtualizability of the ARMv7-A architecture carried out in the contex...
This paper presents the first results from the ongoing research project HASPOC, developing a high as...
With commodity operating systems failing to establish unbreakable isolation of processes, there is a...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
The need for security and virtualization capabilities in modern cyber-physical systems is increasing...
With the advent of the mobile industry, we face new security challenges. ARM architecture is deploye...
The security of embedded systems can be dramatically improved through the use of formally verified i...
In order to host a general purpose operating system, hypervisors need to virtualize the CPU memory s...
Virtual memory is an essential mechanism for enforcing security boundaries, but its relaxed-memory c...
The security of embedded systems can be dramatically improved through the use of formally verified i...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
The advances and adoption of Trusted Computing and hardware assisted virtualisation technologies in ...
peer-reviewedTrusted Computing is a relatively new approach to computer security in which a system s...
We present the design of a trusted platform module (TPM) that supports hardware-based virtualization...
In recent years, powerful handheld computing devices such as personal digital assistants and mobile ...
We present an analysis of the virtualizability of the ARMv7-A architecture carried out in the contex...