SlideShare uma empresa Scribd logo

Fosdem 18: Securing embedded Systems using Virtualization

The Linux Foundation
The Linux Foundation

Hypervisors were once seen as purely cloud and server technologies, but have slowly seeped into the embedded space providing extra layers of security. This discussion will showcase how companies from security vendors to automotive are using open source hypervisors (particularly Xen Project) to secure embedded systems, what challenges they face and how they have overcome it. We will also explore what this might mean to IoT at large and how to get started in securing your embedded system with a hypervisor-first approach. Hypervisors were once seen as purely cloud and server technologies, but have slowly seeped into the embedded space providing extra layers of security. This discussion will showcase how companies from security vendors to automotive are using open source hypervisors (particularly Xen Project) to secure embedded systems, what challenges they face and how they have overcome it. We will also explore what this might mean to IoT at large and how to get started in securing your embedded system with a hypervisor-first approach. The topic will cover content such as: * Why virtualisation in embedded * Hypervisor architectures on ARM and a quick roundup of examples * Relevant security technologies * Specific requirements for embedded systems * Example usage of FOSS based hypervisors in embedded * Challenges such as safety certification and how this may be approached

Tecnologia
1 de 41
Baixar para ler offline
Lars Kurth Community Manager, Xen Project Chairman, Xen Project Advisory Board Director, Open Source, Citrix lars_kurth larskurth www.slideshare.net/xen_com_mgr/presentations
Consolidation Reduce cost, size, weight and power consumption Reduce development costs: platform independence Security and Safety Support mixed criticality compositions (Apps with differing safety, security & real-time requirements) Safety Certification of the Hypervisor Embedded Requirements Minimal IRQ latency Low or 0 scheduling overhead Drivers for special I/O devices Flexible architecture
EL0/PL0 least privileged mode used for applications (user mode) EL1/PL1 privileged mode used for running kernels such as the Linux kernel EL2/PL2 This has a higher level of privilege and can be used to run a hypervisor which takes control of the system and can host multiple "guest" operating systems
EL2 EL1 EL0 Guest Kernel Guest Kernel Guest Userspace Guest Userspace Host Userspace Host Kernel + Hypervisor Native DDs Type 2 with VHE/ARMv8.1 (e.g. KVM) Guest Kernel Guest Kernel Guest Userspace Guest Userspace Guest Userspace Guest Kernel Hypervisor Traditional Embedded Type 1 Hypervisor Native DDs
A dual license (GPLv2) “microvisor” implementation by KernKonzept l4re.org & kernkonzept.com/l4re.html (10-20 employees) No public repositories (only code snapshots) Requires CLA (Grant of © and patent license) Written specifically for mixed criticality compositions Typical µkernel design Kernel: address spaces, threads and IPC Everything else in user space (device drivers, apps, policy) Solid feature set: PV Linux implementation (L4Linux) ● µApps (native & Posix) ● device pass-through ● … Also see: – The L4Re Open Source Microvisor System: goo.gl/SNczQ2
github.com/siemens/jailhouse Lightweight (sub 10k LoC) partitioning hypervisor by Siemens Linux used for bootstrap and control of partitions Focus is on partitioning and not on virtualization No scheduler, no IO emulator, etc. Appears to have good basic feature set, with key areas WIP: cache region, config tools, ARM64 support fairly new Also see: – AGL Talk May2017: goo.gl/6HHY5a
xenproject.org General purpose hypervisor used in a wide range of supported use- cases and products in different markets (including embedded, military/aviation, medical, automotive) Linux or NetBSD used for bootstrap, control plane and drivers Expansive feature set, that is highly customizable and flexible Strong and diverse open source community
EL2 EL1 EL0 Xen Project Hypervisor Guest Kernel Guest Kernel Guest Userspace Guest Userspace Strong Isolation Device Drivers run in EL1, not EL2 Protected Address Spaces: Grant tables Trusted Computing Base (TCB) Dom0 Kernel Native DDs Dom0 Userspace Toolstack
EL1 EL2 EL0 Xen Project Hypervisor Guest Kernel Guest Kernel Guest Userspace Guest Userspace Control Plane Server: sysadmin Embedded: config/setup, system health monitoring (watchdog), maintenance, SW updates, … Dom0 Kernel Native DDs Dom0 Userspace Toolstack
Existing net, block, console keyboard, mouse, USB framebuffer, GPU sharing* New in Xen 4.9, more in 4.11 9pfs (share a filesystem between VMs) Pvcalls (forward POSIX calls across VMs) multitouch, sound, display, DRM Developing New Ones Easy to write (GPL and BSD samples) Kernel and User Space *) A number of different approaches by different vendors in different market segments are being deployed, which are PV-like, but not strictly a PV protocol
System Partitioning Sandboxing drivers & system components Fine-grain control of VM capabilities Enables multi-layered security approach Other Security Features Trusted Execution Environment (TEE) Virtual Machine Introspection, alt2pm Live Patching
Meltdown Cannot be exploited from a fully virtualized (i.e. ARM, HVM or PVH) ➜ Fully virtualized VMs offer significant protection against Meltdown Spectre On current information: substantially harder to exploit under Xen than under monolithic kernels because there are significantly fewer options for the attacker to interact with the hypervisor – Attacker needs a suitable "gadget" running inside of the Hypervisor GPZ use the eBPF engine to execute a gadget written by them, designed to 'leak' the maximum amount of information – Initial analysis: Xen has nothing similar to eBPF
Guest Kernel Xen Project Hypervisor Driver Domain Guest OS*: Linux, BSD, MiniOS, unikernel, … Disk Controller Guest Kernel* Storage Domain Disk Driver Guest Kernel* Network Domain Network Driver Network Controller BlockFront Driver BlockBack Driver Dom0 Kernel Application NetFront Driver NetBack Driver
Attack Surface Reduction Similar to Linux Security Modules/SELinux Same policy syntax as SELinux Different types, roles, users and attributes Same tools for policy compilation / verification (checkpolicy) Enabled by KCONFIG VM hypervisor domain(self) domain(other) memory (grant, mmu, shadow) inter-VM communicationpassthroughsecurity config Fine-grained policy, controlling which hypervisor functionality is accessible to this (class of) VM Effect: limit what an exploit in this VM could do
Pratap Sankar @ Flickr Documentation wiki.xenproject.org/wiki/Dom0_Disaggregation wiki.xenproject.org/wiki/Xen_Security_Modules_:_XSM-FLASK
Pratap Sankar @ Flickr Crucible:Defense starlab.io Xen Project based virtualization platform for technology protection, cyber-hardening, and system integrity for aerospace & defense systems Qubes OS www.qubes-os.org Secure OS OpenXT www.openxt.org FOSS Platform for security research, security applications and embedded appliance integration building on Xen & OpenEmbedded Virtual Machine Introspection based security Solutions Bitdefender Hypervisor Introspection Zentific Zazen
User defined App VMs for individual apps or groups of apps USB Service Domain Banking Domain Personal Domain Firewall VM enforces network policies Network Domain Dom0 Secure UI and sysadmin domain
Xen supports several different schedulers with different properties.
Xen supports several different schedulers with different properties. Regular VM scheduler (Credit) Hard real-time (ARINC653) Dedicated to 1 VM via pinning and Null scheduler  no scheduler overheads Soft real-time (RTDS)
Scheduler Use-cases Today Future plans Credit General Purpose Supported Default Supported Optional Credit 2 General Purpose Optimized for lower latency, higher VM density Supported Default RTDS Soft & Firm Real-time Multicore Embedded, Automotive, Graphics & Gaming in the Cloud, Low Latency Workloads Experimental Better XL support <1μs granularity Supported Hardening Optimization ARINC 653 Hard Real-time Single core Avionics, Drones, Medical Supported Enable via KCONFIG Null Hard Real-time Experimental (Xen 4.10) Supported
vCPU 0 pCPU 0 vCPU 1 pCPU 1 irq 109 virq 109 IRQ injection Always on the CPU running the vCPU
vCPU 0 pCPU 0 irq 109 virq 109 vCPU 1 pCPU 1 IF vIRQ target changes or vCPU is moved THEN vIRQ is moved immediately virq 109
vCPU 0 pCPU 0 vCPU 1 pCPU 1 irq 109 virq 109 IRQs always shadow the vIRQ  minimizes latency Xilinx ZynqMP board (four Cortex A53 cores, GICv2) WARM_MAX (excluding the first 3 interrupts): <2000ns Without Null scheduler See blog.xenproject.org/2017/03/20/xen-on-arm- interrupt-latency/
Code Quality: compliance CERT/MISRA coding standards Typically enforced through static analysis tools Xen Project is working through issues partnering with a tools vendor Certification Artefact Preparation: Retrofitting required artefacts covering use-case requirements to code Access to original developers can be key (otherwise rely solely on git/mailing list archaeology) Development Process: OSS development process is non-compliant with safety standards But there are routes to assess non-compliant code (e.g. IEC 61508-3 Route 3s) ➜ extra artefacts Cost/Sharing Cost: The cost of safety certification is high (25-75% of development cost) ➜ disincentive to share cost Could be done through a consortium sharing the cost of certifying an official minimal base configuration Domain specific certification standards ➜ limits ability to share cost Liability/Accountable owner: Someone to blame and deal with issues ➜ makes sharing costs harder
Pratap Sankar @ Flickr AIS ainfosec.com BAE Systems baesystems.com Galois galois.com Maintain FreeRTOS Xen Port Developed and maintain HalVM Dornerworks dornerworks.com/xen Consulting Xen Embedded Distros Virtuosity for Xilinx Zynq Virtuosity for NXP i.MX 8 Virtuosity (formerly ARLX) DO-178 (EAL6+), IEC 62304, ISO 26262 MILS EAL FACE, VICTORY, ARINC 653 Starlab starlab.io Crucible and Crucible:Defense Xen embedded hypervisor In progress: DO-178, MILS EAL Uses a minimal Dom0, disaggregation and XSM/FLASK Precedents of safety certification for Xen based systems www.slideshare.net/xen_com_mgr/art-certification & www.youtube.com/watch?v=UyW5ul_1ct0 www.linux.com/news/xen-project/2017/2/how-shrink-attack-surfaces-hypervisor
Pratap Sankar @ Flickr LG Electronics Demo bit.do/lg-xen-demo-2016 Bosch Car GmbH Contributions 10 smaller features in 2016 Perseus Founded by Xen maintainer bit.do/perseus-2017 GlobalLogic Product: Nautilus bit.do/gl-nautilus First product in production expected in 2018 Supports: HW: Renesas R-Car Gen2 & Gen3, TI Jacinto6, Intel Apollo Lake, Qualcomm 410C, Sinlinx A33 Guests: Linux up to 4.9  Android M, N, N-Car  QNX, ThreadX, FreeRTOS PV Drivers for: GPU, Audio, HW accelerated Video codecs, DRM, … Contributions: 27 smaller features from 2013 to 2016 EPAM Demo Next slide Interesting Features: Container based telematics applications running in a Xen VM that can be downloaded from a cloud service Ongoing Contributions: ABIs for PV Sound, PV Display & PV DRM Leading development of co-processor sharing framework
Pratap Sankar @ Flickr xenbits.xenproject.org/people/larsk/ LCC17 - The Internet of Transportation[1080P].MP4
Pratap Sankar @ Flickr
AWS Dom0 - Control DomD – HW Drivers & Cluster Wayland/Weston OpenGL ES Linux Kernel with GPU and other HW Drivers ALSA w PV_ALSAS_BE DomU Fusion Container mgmt tool Linux Kernel w/o HW Drivers Minimal rootfs with systems library Telematics simulation Agent (Acceleration, Braking, Corning, GPS) DomU – Linux IVI MW Frameworks PV DISPLAY Linux Kernel with GPU and w/o other HW Drivers PV EVENTS PV SOUND IVI Simulation App Trusted Apps TrustZone Hypervisor R-Car H3 Platform OP-TEE OS TZ monitor Driver Behavior Based Insurance Backend Telematics Simulation Agent ver 2.0 Telematics Simulation Agent ver 1.0 Monitoring Dashboard Wayland BE (Events/Display) Cluster Simulation AppDom0 Services Minimal rootfs Linux Kernel w/o HW Drivers Containers
Picture by Lars Kurth
Extremely Flexible and Versatile Proven in many different markets Easy to port to new environments Easy to develop new PV drivers Highly customizable Security and Resilience Isolation, Partitioning, Security Features Functional Safety Examples of Safety Certification Looking at ways to make this easier and cheaper Engaging with other groups looking at this (e.g. AGL, …) Challenges still being addressed Standardization of more I/O devices via PV protocols Standardization of GPU and co-processor sharing RTOS or other minimal OS as Dom0 Testing of embedded Hardware by the project Picture by Lars Kurth
xenbits.xenproject.org/people/larsk Picture by Lars Kurth
Developer Portal: bit.do/xen-devs Xen on ARM whitepaper: bit.do/xenarm-white Xen on ARM wiki: bit.do/xenarm-wiki Port Xen to a new SOC: bit.do/xenarm-porting Add Xen support Xen to your OS: bit.do/xenarm-os Device Passthrough presentation: bit.do/xenarm-pt OE meta-virtualization Xen recipe: bit.do/xenmeta OpenXT (Xen + OpenEmbedded): openxt.org Xenbedded presentation: bit.do/xenbedded Monthly ARM Community Call: bit.do/xenarm-call

Recomendados

Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the Line
The Linux Foundation
 
LFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen AutomotiveLFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen Automotive
The Linux Foundation
 
ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)
The Linux Foundation
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
The Linux Foundation
 
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for Embedded
Stefano Stabellini
 
Embedded Hypervisor for ARM
Embedded Hypervisor for ARMEmbedded Hypervisor for ARM
Embedded Hypervisor for ARM
National Cheng Kung University
 
Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022
Stefano Stabellini
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training
The Linux Foundation
 

Recomendados

Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the Line
The Linux Foundation
 
LFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen AutomotiveLFCollab14: Xen vs Xen Automotive
LFCollab14: Xen vs Xen Automotive
The Linux Foundation
 
ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)ALSS14: Xen Project Automotive Hypervisor (Demo)
ALSS14: Xen Project Automotive Hypervisor (Demo)
The Linux Foundation
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
The Linux Foundation
 
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for Embedded
Stefano Stabellini
 
Embedded Hypervisor for ARM
Embedded Hypervisor for ARMEmbedded Hypervisor for ARM
Embedded Hypervisor for ARM
National Cheng Kung University
 
Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022Xen in Safety-Critical Systems - Critical Summit 2022
Xen in Safety-Critical Systems - Critical Summit 2022
Stefano Stabellini
 
OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training OSSNA18: Xen Beginners Training
OSSNA18: Xen Beginners Training
The Linux Foundation
 
Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)
Stefano Stabellini
 
GPU Virtualization in Embedded Automotive Solutions
GPU Virtualization in Embedded Automotive SolutionsGPU Virtualization in Embedded Automotive Solutions
GPU Virtualization in Embedded Automotive Solutions
GlobalLogic Ukraine
 
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
mentoresd
 
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
The Linux Foundation
 
2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update
The Linux Foundation
 
Android's HIDL: Treble in the HAL
Android's HIDL: Treble in the HALAndroid's HIDL: Treble in the HAL
Android's HIDL: Treble in the HAL
Opersys inc.
 
RunX: deploy real-time OSes as containers at the edge
RunX: deploy real-time OSes as containers at the edgeRunX: deploy real-time OSes as containers at the edge
RunX: deploy real-time OSes as containers at the edge
Stefano Stabellini
 
Disk Performance Comparison Xen v.s. KVM
Disk Performance Comparison Xen v.s. KVMDisk Performance Comparison Xen v.s. KVM
Disk Performance Comparison Xen v.s. KVM
nknytk
 
Embedded Linux on ARM
Embedded Linux on ARMEmbedded Linux on ARM
Embedded Linux on ARM
Emertxe Information Technologies Pvt Ltd
 
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
The Linux Foundation
 
Embedded Android : System Development - Part III
Embedded Android : System Development - Part IIIEmbedded Android : System Development - Part III
Embedded Android : System Development - Part III
Emertxe Information Technologies Pvt Ltd
 
Xen Memory Management
Xen Memory ManagementXen Memory Management
Xen Memory Management
The Linux Foundation
 
U Boot or Universal Bootloader
U Boot or Universal BootloaderU Boot or Universal Bootloader
U Boot or Universal Bootloader
Satpal Parmar
 
Virtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of CloudVirtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of Cloud
Nishant Munjal
 
Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_
Linaro
 
Android HAL Introduction: libhardware and its legacy
Android HAL Introduction: libhardware and its legacyAndroid HAL Introduction: libhardware and its legacy
Android HAL Introduction: libhardware and its legacy
Jollen Chen
 
Xen Debugging
Xen DebuggingXen Debugging
Xen Debugging
The Linux Foundation
 
Linux power management: are you doing it right?
Linux power management: are you doing it right?Linux power management: are you doing it right?
Linux power management: are you doing it right?
Chris Simmonds
 
Hardware Probing in the Linux Kernel
Hardware Probing in the Linux KernelHardware Probing in the Linux Kernel
Hardware Probing in the Linux Kernel
Kernel TLV
 
U boot-boot-flow
U boot-boot-flowU boot-boot-flow
U boot-boot-flow
BabuSubashChandar Chandra Mohan
 
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixLCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
The Linux Foundation
 
Rootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project VirtualisationRootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project Virtualisation
The Linux Foundation
 

Mais conteúdo relacionado

Mais procurados

Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)
Stefano Stabellini
 
GPU Virtualization in Embedded Automotive Solutions
GPU Virtualization in Embedded Automotive SolutionsGPU Virtualization in Embedded Automotive Solutions
GPU Virtualization in Embedded Automotive Solutions
GlobalLogic Ukraine
 
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
mentoresd
 
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
The Linux Foundation
 
RunX: deploy real-time OSes as containers at the edge
RunX: deploy real-time OSes as containers at the edgeRunX: deploy real-time OSes as containers at the edge
RunX: deploy real-time OSes as containers at the edge
Stefano Stabellini
 
Disk Performance Comparison Xen v.s. KVM
Disk Performance Comparison Xen v.s. KVMDisk Performance Comparison Xen v.s. KVM
Disk Performance Comparison Xen v.s. KVM
nknytk
 
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
The Linux Foundation
 

Mais procurados (20)

Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)Xen and the art of embedded virtualization (ELC 2017)
Xen and the art of embedded virtualization (ELC 2017)
 
GPU Virtualization in Embedded Automotive Solutions
GPU Virtualization in Embedded Automotive SolutionsGPU Virtualization in Embedded Automotive Solutions
GPU Virtualization in Embedded Automotive Solutions
 
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
Simultaneously Leveraging Linux and Android in a GENIVI compliant IVI System
 
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
XPDDS18: Design and Implementation of Automotive: Virtualization Based on Xen...
 
2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update
 
Android's HIDL: Treble in the HAL
Android's HIDL: Treble in the HALAndroid's HIDL: Treble in the HAL
Android's HIDL: Treble in the HAL
 
RunX: deploy real-time OSes as containers at the edge
RunX: deploy real-time OSes as containers at the edgeRunX: deploy real-time OSes as containers at the edge
RunX: deploy real-time OSes as containers at the edge
 
Disk Performance Comparison Xen v.s. KVM
Disk Performance Comparison Xen v.s. KVMDisk Performance Comparison Xen v.s. KVM
Disk Performance Comparison Xen v.s. KVM
 
Embedded Linux on ARM
Embedded Linux on ARMEmbedded Linux on ARM
Embedded Linux on ARM
 
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
 
Embedded Android : System Development - Part III
Embedded Android : System Development - Part IIIEmbedded Android : System Development - Part III
Embedded Android : System Development - Part III
 
Xen Memory Management
Xen Memory ManagementXen Memory Management
Xen Memory Management
 
U Boot or Universal Bootloader
U Boot or Universal BootloaderU Boot or Universal Bootloader
U Boot or Universal Bootloader
 
Virtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of CloudVirtualization, A Concept Implementation of Cloud
Virtualization, A Concept Implementation of Cloud
 
Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_
 
Android HAL Introduction: libhardware and its legacy
Android HAL Introduction: libhardware and its legacyAndroid HAL Introduction: libhardware and its legacy
Android HAL Introduction: libhardware and its legacy
 
Xen Debugging
Xen DebuggingXen Debugging
Xen Debugging
 
Linux power management: are you doing it right?
Linux power management: are you doing it right?Linux power management: are you doing it right?
Linux power management: are you doing it right?
 
Hardware Probing in the Linux Kernel
Hardware Probing in the Linux KernelHardware Probing in the Linux Kernel
Hardware Probing in the Linux Kernel
 
U boot-boot-flow
U boot-boot-flowU boot-boot-flow
U boot-boot-flow
 

Semelhante a Fosdem 18: Securing embedded Systems using Virtualization

Rootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project VirtualisationRootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project Virtualisation
The Linux Foundation
 
Scale17x: Thinking outside of the conceived tech comfort zone
Scale17x: Thinking outside of the conceived tech comfort zoneScale17x: Thinking outside of the conceived tech comfort zone
Scale17x: Thinking outside of the conceived tech comfort zone
The Linux Foundation
 
8.) xo s as a platform (on off premise)
8.) xo s as a platform (on off premise)8.) xo s as a platform (on off premise)
8.) xo s as a platform (on off premise)
Jeff Green
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
The Linux Foundation
 
Secure Containers with EPT Isolation
Secure Containers with EPT IsolationSecure Containers with EPT Isolation
Secure Containers with EPT Isolation
LinuxCon ContainerCon CloudOpen China
 
Mobile operating system..
Mobile operating system..Mobile operating system..
Mobile operating system..
Aashish Uppal
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
The Linux Foundation
 
LFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and BeyondLFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and Beyond
The Linux Foundation
 
Cloud Computing Hypervisors and Comparison Xen KVM
Cloud Computing Hypervisors and Comparison Xen KVM Cloud Computing Hypervisors and Comparison Xen KVM
Cloud Computing Hypervisors and Comparison Xen KVM
cloudresearcher
 

Semelhante a Fosdem 18: Securing embedded Systems using Virtualization (20)

LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, CitrixLCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
LCC17 - Securing Embedded Systems with the Hypervisor - Lars Kurth, Citrix
 
Rootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project VirtualisationRootlinux17: An introduction to Xen Project Virtualisation
Rootlinux17: An introduction to Xen Project Virtualisation
 
Xen Community Update 2011
Xen Community Update 2011Xen Community Update 2011
Xen Community Update 2011
 
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
 
A Xen Case Study
A Xen Case StudyA Xen Case Study
A Xen Case Study
 
Scale17x: Thinking outside of the conceived tech comfort zone
Scale17x: Thinking outside of the conceived tech comfort zoneScale17x: Thinking outside of the conceived tech comfort zone
Scale17x: Thinking outside of the conceived tech comfort zone
 
8.) xo s as a platform (on off premise)
8.) xo s as a platform (on off premise)8.) xo s as a platform (on off premise)
8.) xo s as a platform (on off premise)
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
Secure Containers with EPT Isolation
Secure Containers with EPT IsolationSecure Containers with EPT Isolation
Secure Containers with EPT Isolation
 
SynapseIndia dotnet development platform overview
SynapseIndia dotnet development platform overviewSynapseIndia dotnet development platform overview
SynapseIndia dotnet development platform overview
 
Fuzzing_with_Xen.pdf
Fuzzing_with_Xen.pdfFuzzing_with_Xen.pdf
Fuzzing_with_Xen.pdf
 
Mobile operating system..
Mobile operating system..Mobile operating system..
Mobile operating system..
 
Project ACRN CSE Virtualization
Project ACRN CSE VirtualizationProject ACRN CSE Virtualization
Project ACRN CSE Virtualization
 
OffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with XenOffensiveCon2022: Case Studies of Fuzzing with Xen
OffensiveCon2022: Case Studies of Fuzzing with Xen
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
 
Xen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XTXen and Client Virtualization: the case of XenClient XT
Xen and Client Virtualization: the case of XenClient XT
 
An Intrudction to OpenStack 2017
An Intrudction to OpenStack 2017An Intrudction to OpenStack 2017
An Intrudction to OpenStack 2017
 
淺談探索 Linux 系統設計之道
淺談探索 Linux 系統設計之道 淺談探索 Linux 系統設計之道
淺談探索 Linux 系統設計之道
 
LFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and BeyondLFCOLLAB15: Xen 4.5 and Beyond
LFCOLLAB15: Xen 4.5 and Beyond
 
Cloud Computing Hypervisors and Comparison Xen KVM
Cloud Computing Hypervisors and Comparison Xen KVM Cloud Computing Hypervisors and Comparison Xen KVM
Cloud Computing Hypervisors and Comparison Xen KVM
 

Mais de The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
The Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
The Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
The Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
The Linux Foundation
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
The Linux Foundation
 

Mais de The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
 

Último

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Último (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 

Fosdem 18: Securing embedded Systems using Virtualization

  • 1. Lars Kurth Community Manager, Xen Project Chairman, Xen Project Advisory Board Director, Open Source, Citrix lars_kurth larskurth www.slideshare.net/xen_com_mgr/presentations
  • 2.
  • 3. Consolidation Reduce cost, size, weight and power consumption Reduce development costs: platform independence Security and Safety Support mixed criticality compositions (Apps with differing safety, security & real-time requirements) Safety Certification of the Hypervisor Embedded Requirements Minimal IRQ latency Low or 0 scheduling overhead Drivers for special I/O devices Flexible architecture
  • 4.
  • 5. EL0/PL0 least privileged mode used for applications (user mode) EL1/PL1 privileged mode used for running kernels such as the Linux kernel EL2/PL2 This has a higher level of privilege and can be used to run a hypervisor which takes control of the system and can host multiple "guest" operating systems
  • 6. EL2 EL1 EL0 Guest Kernel Guest Kernel Guest Userspace Guest Userspace Host Userspace Host Kernel + Hypervisor Native DDs Type 2 with VHE/ARMv8.1 (e.g. KVM) Guest Kernel Guest Kernel Guest Userspace Guest Userspace Guest Userspace Guest Kernel Hypervisor Traditional Embedded Type 1 Hypervisor Native DDs
  • 7.
  • 8. A dual license (GPLv2) “microvisor” implementation by KernKonzept l4re.org & kernkonzept.com/l4re.html (10-20 employees) No public repositories (only code snapshots) Requires CLA (Grant of © and patent license) Written specifically for mixed criticality compositions Typical µkernel design Kernel: address spaces, threads and IPC Everything else in user space (device drivers, apps, policy) Solid feature set: PV Linux implementation (L4Linux) ● µApps (native & Posix) ● device pass-through ● … Also see: – The L4Re Open Source Microvisor System: goo.gl/SNczQ2
  • 9. github.com/siemens/jailhouse Lightweight (sub 10k LoC) partitioning hypervisor by Siemens Linux used for bootstrap and control of partitions Focus is on partitioning and not on virtualization No scheduler, no IO emulator, etc. Appears to have good basic feature set, with key areas WIP: cache region, config tools, ARM64 support fairly new Also see: – AGL Talk May2017: goo.gl/6HHY5a
  • 10. xenproject.org General purpose hypervisor used in a wide range of supported use- cases and products in different markets (including embedded, military/aviation, medical, automotive) Linux or NetBSD used for bootstrap, control plane and drivers Expansive feature set, that is highly customizable and flexible Strong and diverse open source community
  • 11.
  • 12. EL2 EL1 EL0 Xen Project Hypervisor Guest Kernel Guest Kernel Guest Userspace Guest Userspace Strong Isolation Device Drivers run in EL1, not EL2 Protected Address Spaces: Grant tables Trusted Computing Base (TCB) Dom0 Kernel Native DDs Dom0 Userspace Toolstack
  • 13. EL1 EL2 EL0 Xen Project Hypervisor Guest Kernel Guest Kernel Guest Userspace Guest Userspace Control Plane Server: sysadmin Embedded: config/setup, system health monitoring (watchdog), maintenance, SW updates, … Dom0 Kernel Native DDs Dom0 Userspace Toolstack
  • 14.
  • 15. Existing net, block, console keyboard, mouse, USB framebuffer, GPU sharing* New in Xen 4.9, more in 4.11 9pfs (share a filesystem between VMs) Pvcalls (forward POSIX calls across VMs) multitouch, sound, display, DRM Developing New Ones Easy to write (GPL and BSD samples) Kernel and User Space *) A number of different approaches by different vendors in different market segments are being deployed, which are PV-like, but not strictly a PV protocol
  • 16. System Partitioning Sandboxing drivers & system components Fine-grain control of VM capabilities Enables multi-layered security approach Other Security Features Trusted Execution Environment (TEE) Virtual Machine Introspection, alt2pm Live Patching
  • 17. Meltdown Cannot be exploited from a fully virtualized (i.e. ARM, HVM or PVH) ➜ Fully virtualized VMs offer significant protection against Meltdown Spectre On current information: substantially harder to exploit under Xen than under monolithic kernels because there are significantly fewer options for the attacker to interact with the hypervisor – Attacker needs a suitable "gadget" running inside of the Hypervisor GPZ use the eBPF engine to execute a gadget written by them, designed to 'leak' the maximum amount of information – Initial analysis: Xen has nothing similar to eBPF
  • 18. Guest Kernel Xen Project Hypervisor Driver Domain Guest OS*: Linux, BSD, MiniOS, unikernel, … Disk Controller Guest Kernel* Storage Domain Disk Driver Guest Kernel* Network Domain Network Driver Network Controller BlockFront Driver BlockBack Driver Dom0 Kernel Application NetFront Driver NetBack Driver
  • 19. Attack Surface Reduction Similar to Linux Security Modules/SELinux Same policy syntax as SELinux Different types, roles, users and attributes Same tools for policy compilation / verification (checkpolicy) Enabled by KCONFIG VM hypervisor domain(self) domain(other) memory (grant, mmu, shadow) inter-VM communicationpassthroughsecurity config Fine-grained policy, controlling which hypervisor functionality is accessible to this (class of) VM Effect: limit what an exploit in this VM could do
  • 20. Pratap Sankar @ Flickr Documentation wiki.xenproject.org/wiki/Dom0_Disaggregation wiki.xenproject.org/wiki/Xen_Security_Modules_:_XSM-FLASK
  • 21.
  • 22. Pratap Sankar @ Flickr Crucible:Defense starlab.io Xen Project based virtualization platform for technology protection, cyber-hardening, and system integrity for aerospace & defense systems Qubes OS www.qubes-os.org Secure OS OpenXT www.openxt.org FOSS Platform for security research, security applications and embedded appliance integration building on Xen & OpenEmbedded Virtual Machine Introspection based security Solutions Bitdefender Hypervisor Introspection Zentific Zazen
  • 23.
  • 24. User defined App VMs for individual apps or groups of apps USB Service Domain Banking Domain Personal Domain Firewall VM enforces network policies Network Domain Dom0 Secure UI and sysadmin domain
  • 25.
  • 26. Xen supports several different schedulers with different properties.
  • 27. Xen supports several different schedulers with different properties. Regular VM scheduler (Credit) Hard real-time (ARINC653) Dedicated to 1 VM via pinning and Null scheduler  no scheduler overheads Soft real-time (RTDS)
  • 28. Scheduler Use-cases Today Future plans Credit General Purpose Supported Default Supported Optional Credit 2 General Purpose Optimized for lower latency, higher VM density Supported Default RTDS Soft & Firm Real-time Multicore Embedded, Automotive, Graphics & Gaming in the Cloud, Low Latency Workloads Experimental Better XL support <1μs granularity Supported Hardening Optimization ARINC 653 Hard Real-time Single core Avionics, Drones, Medical Supported Enable via KCONFIG Null Hard Real-time Experimental (Xen 4.10) Supported
  • 29. vCPU 0 pCPU 0 vCPU 1 pCPU 1 irq 109 virq 109 IRQ injection Always on the CPU running the vCPU
  • 30. vCPU 0 pCPU 0 irq 109 virq 109 vCPU 1 pCPU 1 IF vIRQ target changes or vCPU is moved THEN vIRQ is moved immediately virq 109
  • 31. vCPU 0 pCPU 0 vCPU 1 pCPU 1 irq 109 virq 109 IRQs always shadow the vIRQ  minimizes latency Xilinx ZynqMP board (four Cortex A53 cores, GICv2) WARM_MAX (excluding the first 3 interrupts): <2000ns Without Null scheduler See blog.xenproject.org/2017/03/20/xen-on-arm- interrupt-latency/
  • 32. Code Quality: compliance CERT/MISRA coding standards Typically enforced through static analysis tools Xen Project is working through issues partnering with a tools vendor Certification Artefact Preparation: Retrofitting required artefacts covering use-case requirements to code Access to original developers can be key (otherwise rely solely on git/mailing list archaeology) Development Process: OSS development process is non-compliant with safety standards But there are routes to assess non-compliant code (e.g. IEC 61508-3 Route 3s) ➜ extra artefacts Cost/Sharing Cost: The cost of safety certification is high (25-75% of development cost) ➜ disincentive to share cost Could be done through a consortium sharing the cost of certifying an official minimal base configuration Domain specific certification standards ➜ limits ability to share cost Liability/Accountable owner: Someone to blame and deal with issues ➜ makes sharing costs harder
  • 33. Pratap Sankar @ Flickr AIS ainfosec.com BAE Systems baesystems.com Galois galois.com Maintain FreeRTOS Xen Port Developed and maintain HalVM Dornerworks dornerworks.com/xen Consulting Xen Embedded Distros Virtuosity for Xilinx Zynq Virtuosity for NXP i.MX 8 Virtuosity (formerly ARLX) DO-178 (EAL6+), IEC 62304, ISO 26262 MILS EAL FACE, VICTORY, ARINC 653 Starlab starlab.io Crucible and Crucible:Defense Xen embedded hypervisor In progress: DO-178, MILS EAL Uses a minimal Dom0, disaggregation and XSM/FLASK Precedents of safety certification for Xen based systems www.slideshare.net/xen_com_mgr/art-certification & www.youtube.com/watch?v=UyW5ul_1ct0 www.linux.com/news/xen-project/2017/2/how-shrink-attack-surfaces-hypervisor
  • 34. Pratap Sankar @ Flickr LG Electronics Demo bit.do/lg-xen-demo-2016 Bosch Car GmbH Contributions 10 smaller features in 2016 Perseus Founded by Xen maintainer bit.do/perseus-2017 GlobalLogic Product: Nautilus bit.do/gl-nautilus First product in production expected in 2018 Supports: HW: Renesas R-Car Gen2 & Gen3, TI Jacinto6, Intel Apollo Lake, Qualcomm 410C, Sinlinx A33 Guests: Linux up to 4.9  Android M, N, N-Car  QNX, ThreadX, FreeRTOS PV Drivers for: GPU, Audio, HW accelerated Video codecs, DRM, … Contributions: 27 smaller features from 2013 to 2016 EPAM Demo Next slide Interesting Features: Container based telematics applications running in a Xen VM that can be downloaded from a cloud service Ongoing Contributions: ABIs for PV Sound, PV Display & PV DRM Leading development of co-processor sharing framework
  • 35. Pratap Sankar @ Flickr xenbits.xenproject.org/people/larsk/ LCC17 - The Internet of Transportation[1080P].MP4
  • 36. Pratap Sankar @ Flickr
  • 37. AWS Dom0 - Control DomD – HW Drivers & Cluster Wayland/Weston OpenGL ES Linux Kernel with GPU and other HW Drivers ALSA w PV_ALSAS_BE DomU Fusion Container mgmt tool Linux Kernel w/o HW Drivers Minimal rootfs with systems library Telematics simulation Agent (Acceleration, Braking, Corning, GPS) DomU – Linux IVI MW Frameworks PV DISPLAY Linux Kernel with GPU and w/o other HW Drivers PV EVENTS PV SOUND IVI Simulation App Trusted Apps TrustZone Hypervisor R-Car H3 Platform OP-TEE OS TZ monitor Driver Behavior Based Insurance Backend Telematics Simulation Agent ver 2.0 Telematics Simulation Agent ver 1.0 Monitoring Dashboard Wayland BE (Events/Display) Cluster Simulation AppDom0 Services Minimal rootfs Linux Kernel w/o HW Drivers Containers
  • 39. Extremely Flexible and Versatile Proven in many different markets Easy to port to new environments Easy to develop new PV drivers Highly customizable Security and Resilience Isolation, Partitioning, Security Features Functional Safety Examples of Safety Certification Looking at ways to make this easier and cheaper Engaging with other groups looking at this (e.g. AGL, …) Challenges still being addressed Standardization of more I/O devices via PV protocols Standardization of GPU and co-processor sharing RTOS or other minimal OS as Dom0 Testing of embedded Hardware by the project Picture by Lars Kurth
  • 41. Developer Portal: bit.do/xen-devs Xen on ARM whitepaper: bit.do/xenarm-white Xen on ARM wiki: bit.do/xenarm-wiki Port Xen to a new SOC: bit.do/xenarm-porting Add Xen support Xen to your OS: bit.do/xenarm-os Device Passthrough presentation: bit.do/xenarm-pt OE meta-virtualization Xen recipe: bit.do/xenmeta OpenXT (Xen + OpenEmbedded): openxt.org Xenbedded presentation: bit.do/xenbedded Monthly ARM Community Call: bit.do/xenarm-call