VirtualCert is a machine-checked model of virtualization that can be used to reason about isolation between operating systems in the presence of cache-based side-channels. In contrast to most prominent projects on operating systems verification, where such guarantees are proved directly on concrete implementations of hypervisors, VirtualCert abstracts away most implementation issues and specifies the effects of hypervisor actions axiomatically, in terms of preconditions and postconditions. Unfortunately, seemingly innocuous implementation issues are often relevant for security. Incorporating the treatment of errors into VirtualCert is therefore an important step towards strengthening the isolation theorems proved in earlier work. In this paper...
Virtualization promises significant benefits in security, efficiency, dependability, and cost. Achie...
(27 pages) We propose a deductive-verification approach for proving partial-correctness and invarianc...
The isolation among physically co-located virtual machines is an important prerequisite for ensuring...
Virtualization software is increasingly a part of the infrastructure behind our online activities. C...
A hypervisor is a software which virtualizes hardware resources, allowing several guest operating sy...
Over the last years, security-kernels have played a promising role in reshaping the landscape of pla...
In order to host a general purpose operating system, hypervisors need to virtualize the CPU memory s...
Hypervisors are a popular mechanism for implementing software virtualization. Since hypervisors exec...
The paper discusses the constructive framework for writing hypervisor on the top of the VM. ...
The security of embedded systems can be dramatically improved through the use of formally verified i...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
The business world is exhibiting a growing dependency on computer systems, their operations and th...
RIOT is a micro-kernel dedicated to IoT applications that adopts eBPF (extende...
Virtual memory is an essential mechanism for enforcing security boundaries, but its relaxed-memory c...
This paper presents the first results from the ongoing research project HASPOC, developing a high as...