Secure Containers. Jan Imagination Technologies HGI Dec, 2014 p1

Size: px
Start display at page:

Download "Secure Containers. Jan 2015 www.imgtec.com. Imagination Technologies HGI Dec, 2014 p1"

Transcription

1 Secure Containers Jan Imagination Technologies HGI Dec, 2014 p1

2 What are we protecting? Sensitive assets belonging to the user and the service provider Network Monitor unauthorized access, misuse, modification, or denial of a network-accessible resources Application Operating System Platform Original manufacturer; anti-cloning Application / OS Platform Authenticity Runtime Integrity Data Extranet Data Intranet Secret key, digital certificates Attack Surface Area control execution, view, copy, print, and altering Imagination Technologies HGI Dec, 2014 p2

3 Platform Security Open Everything, Smart Everything, Internet of Everything Problem Mobile Devices, Home Gateways, in vehicle infotainments, etc, increasing require security Solutions Trusted Execution Environment (TEE) Secure Element (SE) Trusted Platform Module (TPM) Implementation Closed proprietary by SoC manufacturer Two World (Secure and Normal) Secure Hypervisor Imagination Technologies HGI Dec, 2014 p3

4 Security Implementation Next generation platforms demand multiple secure data-flows User Space H/W + TPM Layered Two Worlds Normal World Secure World Platform Virtualization VM 0 TEE VM n Hypervisor Reduced Attack Surface Area Single Client Customized Security at a cost Inflexible Proprietary Security schemes Single Client Single TEE Secure Apps coexist in Secure World Restricted scalability in multi-core Multi-Client Multiple TEEs All Secure Apps in own VM Fully scalable in multi-core Imagination Technologies HGI Dec, 2014 p4

5 Scalable Security- Hardware Virtualization Secure Root is the secure hypervisor/kernel access-rights controlled by Root Scalable Supports many s (CPU & GPU pairs) SoC virtualization support Virtualized GIC (interrupt controller) and IOMMU Bus transactions to other IP include ID Benefits Ease of use - no modification required to OS Reliability corrupted/crashed OS1 cannot affect OS2 Performance intelligent resource allocation Heterogeneous GPU operation Secure/non-Secure OS/Apps App App App App OS1 OS2 App Hypervisor/Secure Kernel MIPS core H/W supported Virtualization s -ID Root TPM Boot ROM Imagination Technologies HGI Dec, 2014 p5

6 True Isolation Benefits Secure Extranet TEE Secure Intranet Mature, proven technology used in networking and Compute H/W Firewall high level of security OpenWRT Secure App s Crypto 3 rd Party Containers Secure services can only affect their container Not the overall system Highest flexibility and performance Multiple Secure Domains IP protection provided through system partitioning Software Hardware Secure OS IPC Hypervisor MIPS, PowerVR Heterogeneous Platform Offloads Secure Boot DRAM WAN LAN Imagination Technologies HGI Dec, 2014 p6

7 True Isolation Benefits Secure Extranet TEE Secure Intranet Mature, proven technology used in networking and Compute H/W Firewall high level of security OpenWRT Secure App s Crypto 3 rd Party Containers Secure services can only affect their container Not the overall system Highest flexibility and performance Multiple Secure Domains IP protection provided through system partitioning Software Hardware Secure OS IPC Hypervisor MIPS, PowerVR Heterogeneous Platform Offloads Secure Boot DRAM WAN LAN Imagination Technologies HGI Dec, 2014 p7

8 True Isolation Benefits Secure Extranet TEE Secure Intranet Mature, proven technology used in networking and Compute H/W Firewall high level of security Broadband App s Secure App s Crypto LAN App s Secure services can only affect their container Not the overall system Highest flexibility and performance Multiple Secure Domains IP protection provided through system partitioning Software Hardware Secure OS IPC Hypervisor MIPS, PowerVR Heterogeneous Platform Offloads Secure Boot DRAM WAN LAN Imagination Technologies HGI Dec, 2014 p8

9 Security no longer a CPU bound problem Secure Containers - Isolate concurrent flows Licensing Terms and IP Separation Partitioning of incompatible licensing terms Proprietary vs open source Security and Robustness Isolate critical software Reduction in application testing and certification S/W H/W VMn User Kernel VM3 User Kernel CPU Cluster VM2 User Kernel User Kernel Secure Hypervisor MMU Coherent Fabric SoC VM1 Network layers Offloads (Crypto, IP, etc) I/O vgpu 1 GPU Cluster MMU vgpu 2 Increase Privilege Memory Memory X Secure Domains Protected Partitions Imagination Technologies HGI Dec, 2014 p9 X TPM Boot ROM

10 Summary Virtualization is indispensable to the future of embedded system design A secure Hypervisor is the foundation of a Secure and Reliable embedded system A virtualized environment offers flexible software management Virtualization provides Hardware firewall-grade security Scalability Reliability Total cost of ownership is dramatically reduced MIPS Virtualization is the right technology for the secure digital world Imagination Technologies HGI Dec, 2014 p10

11 Thank you Imagination Technologies HGI Dec, 2014 p11

The MIPS architecture and virtualization

The MIPS architecture and virtualization The MIPS architecture and virtualization Simply put, virtualization makes one physical device appear as one or more virtual devices. Virtualization can be implemented at the processor level (e.g. CPU or

More information

Using ARM TrustZone Technology for Securing Embedded Devices Running Applications of Mixed Criticality Presenter: Felix Baum, Mentor

Using ARM TrustZone Technology for Securing Embedded Devices Running Applications of Mixed Criticality Presenter: Felix Baum, Mentor Using ARM TrustZone Technology for Securing Embedded Devices Running Applications of Mixed Criticality Presenter: Felix Baum, Mentor Agenda Objectives Describe the need for hardware enforced security Outline

More information

FCC compliance with open source: Running OpenWrt in a VM on top of the L4Re microhypervisor

FCC compliance with open source: Running OpenWrt in a VM on top of the L4Re microhypervisor FCC compliance with open source: Running OpenWrt in a VM on top of the L4Re microhypervisor Michael Hohmuth Kernkonzept 2 FCC Wifi rule 2014: New FCC rule Router manufacturers need to prevent Wifi misconfiguration

More information

Virtualization in the ARMv7 Architecture Lecture for the Embedded Systems Course CSD, University of Crete (May 20, 2014)

Virtualization in the ARMv7 Architecture Lecture for the Embedded Systems Course CSD, University of Crete (May 20, 2014) Virtualization in the ARMv7 Architecture Lecture for the Embedded Systems Course CSD, University of Crete (May 20, 2014) ManolisMarazakis (maraz@ics.forth.gr) Institute of Computer Science (ICS) Foundation

More information

Trusted Boot Loader Steve Johnson, Panasonic Chair Security WG San Jose April 12, 2006

Trusted Boot Loader Steve Johnson, Panasonic Chair Security WG San Jose April 12, 2006 Trusted Boot Loader Steve Johnson, Panasonic Chair Security WG San Jose April 12, 2006 April 12th, 2006 1 Synopsis Background Trusted boot Security enhancements to boot loader Necessary code U-Boot Kernel

More information

Comprehensive Security for Internet-of-Things Devices With ARM TrustZone

Comprehensive Security for Internet-of-Things Devices With ARM TrustZone Comprehensive Security for Internet-of-Things Devices With ARM TrustZone Howard Williams mentor.com/embedded Internet-of-Things Trends The world is more connected IoT devices are smarter and more complex

More information

A Scalable VISC Processor Platform for Modern Client and Cloud Workloads

A Scalable VISC Processor Platform for Modern Client and Cloud Workloads A Scalable VISC Processor Platform for Modern Client and Cloud Workloads Mohammad Abdallah Founder, President and CTO Soft Machines Linley Processor Conference October 7, 2015 Agenda Soft Machines Background

More information

Full and Para Virtualization

Full and Para Virtualization Full and Para Virtualization Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF x86 Hardware Virtualization The x86 architecture offers four levels

More information

Secure Virtualization on Single- and Multi-core ARM Processors

Secure Virtualization on Single- and Multi-core ARM Processors Secure Virtualization on Single- and Multi-core ARM Processors Brad Suessmith Senior VP & GM TRANGO Virtual Processors John Goodacre ARM Multiprocessing Program Manager ARM Limited Agenda Company and market

More information

Hardware Based Virtualization Technologies. Elsie Wahlig elsie.wahlig@amd.com Platform Software Architect

Hardware Based Virtualization Technologies. Elsie Wahlig elsie.wahlig@amd.com Platform Software Architect Hardware Based Virtualization Technologies Elsie Wahlig elsie.wahlig@amd.com Platform Software Architect Outline What is Virtualization? Evolution of Virtualization AMD Virtualization AMD s IO Virtualization

More information

Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to

Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to Hanspeter Vogel Triadem Solutions AG Real-Time Systems GmbH Gartenstrasse 33 D-88212 Ravensburg Germany

More information

Intel Virtualization Technology (VT) in Converged Application Platforms

Intel Virtualization Technology (VT) in Converged Application Platforms Intel Virtualization Technology (VT) in Converged Application Platforms Enabling Improved Utilization, Change Management, and Cost Reduction through Hardware Assisted Virtualization White Paper January

More information

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of

More information

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

Microkernels, virtualization, exokernels. Tutorial 1 CSC469 Microkernels, virtualization, exokernels Tutorial 1 CSC469 Monolithic kernel vs Microkernel Monolithic OS kernel Application VFS System call User mode What was the main idea? What were the problems? IPC,

More information

Sierraware Overview. Simply Secure

Sierraware Overview. Simply Secure Sierraware Overview Simply Secure Sierraware Software Suite SierraTEE/Micro Kernel TrustZone/GlobalPlatform TEE SierraVisor: Bare Metal Hypervisor Hypervisor for ARM Para-virtualization, TrustZone Virtualization,

More information

NoHype: Virtualized Cloud Infrastructure without the Virtualization

NoHype: Virtualized Cloud Infrastructure without the Virtualization NoHype: Virtualized Cloud Infrastructure without the Virtualization Eric Keller, Jakub Szefer, Jennifer Rexford, Ruby Lee Princeton University ISCA 2010 Virtualized Cloud Infrastructure Run virtual machines

More information

PikeOS: Multi-Core RTOS for IMA. Dr. Sergey Tverdyshev SYSGO AG 29.10.2012, Moscow

PikeOS: Multi-Core RTOS for IMA. Dr. Sergey Tverdyshev SYSGO AG 29.10.2012, Moscow PikeOS: Multi-Core RTOS for IMA Dr. Sergey Tverdyshev SYSGO AG 29.10.2012, Moscow Contents Multi Core Overview Hardware Considerations Multi Core Software Design Certification Consideratins PikeOS Multi-Core

More information

Lecture Embedded System Security Dynamic Root of Trust and Trusted Execution

Lecture Embedded System Security Dynamic Root of Trust and Trusted Execution 1 Lecture Embedded System Security Dynamic Root of Trust and Execution Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt (CASED) Germany Summer Term 2014 Dynamic Root

More information

MODULE 3 VIRTUALIZED DATA CENTER COMPUTE

MODULE 3 VIRTUALIZED DATA CENTER COMPUTE MODULE 3 VIRTUALIZED DATA CENTER COMPUTE Module 3: Virtualized Data Center Compute Upon completion of this module, you should be able to: Describe compute virtualization Discuss the compute virtualization

More information

Embedded Java & Secure Element for high security in IoT systems

Embedded Java & Secure Element for high security in IoT systems Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product

More information

CARTES 2012 Demo presentation. Secure Trusted Execution Environment

CARTES 2012 Demo presentation. Secure Trusted Execution Environment CARTES 2012 Demo presentation Secure Trusted Execution Environment MobiCore offers a preventive security solution, protecting most of currently known cyber attacks, complementary to other security solutions

More information

Next Generation Operating Systems

Next Generation Operating Systems Next Generation Operating Systems Zeljko Susnjar, Cisco CTG June 2015 The end of CPU scaling Future computing challenges Power efficiency Performance == parallelism Cisco Confidential 2 Paradox of the

More information

Virtual Hosting & Virtual Machines

Virtual Hosting & Virtual Machines & Virtual Machines Coleman Kane Coleman.Kane@ge.com September 2, 2014 Cyber Defense Overview / Machines 1 / 17 Similar to the network partitioning schemes described previously, there exist a menu of options

More information

Hypervisors. Introduction. Introduction. Introduction. Introduction. Introduction. Credits:

Hypervisors. Introduction. Introduction. Introduction. Introduction. Introduction. Credits: Hypervisors Credits: P. Chaganti Xen Virtualization A practical handbook D. Chisnall The definitive guide to Xen Hypervisor G. Kesden Lect. 25 CS 15-440 G. Heiser UNSW/NICTA/OKL Virtualization is a technique

More information

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS Prof. Dr.-Ing. Georg Sigl Institute for Security in Information Technology Technical University Munich sigl@tum.de Fraunhofer Research Institution

More information

Virtualization. Pradipta De pradipta.de@sunykorea.ac.kr

Virtualization. Pradipta De pradipta.de@sunykorea.ac.kr Virtualization Pradipta De pradipta.de@sunykorea.ac.kr Today s Topic Virtualization Basics System Virtualization Techniques CSE506: Ext Filesystem 2 Virtualization? A virtual machine (VM) is an emulation

More information

Hardware accelerated Virtualization in the ARM Cortex Processors

Hardware accelerated Virtualization in the ARM Cortex Processors Hardware accelerated Virtualization in the ARM Cortex Processors John Goodacre Director, Program Management ARM Processor Division ARM Ltd. Cambridge UK 2nd November 2010 Sponsored by: & & New Capabilities

More information

IoT: Smart Vision Leads The Way

IoT: Smart Vision Leads The Way IoT: Smart Vision Leads The Way Peter McGuinness Multimedia Technology Marketing www.imgtec.com IoT is changing from amorphous to concrete: Imagination Technologies US Summit May 2015 2 IoT is changing

More information

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University Virtual Machine Monitors Dr. Marc E. Fiuczynski Research Scholar Princeton University Introduction Have been around since 1960 s on mainframes used for multitasking Good example VM/370 Have resurfaced

More information

Multi-core Programming System Overview

Multi-core Programming System Overview Multi-core Programming System Overview Based on slides from Intel Software College and Multi-Core Programming increasing performance through software multi-threading by Shameem Akhter and Jason Roberts,

More information

A Cryptographically Secure On-chip Firewall for Memory Address Space Control

A Cryptographically Secure On-chip Firewall for Memory Address Space Control A Cryptographically Secure On-chip Firewall for Memory Address Space Control Roberto Rivoir Director of Security Development Rambus France IoT & Security Innovation Day Sophia Antipolis, France 26 November

More information

Virtual Machines. Virtualization

Virtual Machines. Virtualization Virtual Machines Marie Roch Tanenbaum 8.3 contains slides from: Tanenbaum 3 rd ed. 2008 1 Virtualization Started with the IBM System/360 in the 1960s Basic concept simulate multiple copies of the underlying

More information

Leveraging Thin Hypervisors for Security on Embedded Systems

Leveraging Thin Hypervisors for Security on Embedded Systems Leveraging Thin Hypervisors for Security on Embedded Systems Christian Gehrmann A part of Swedish ICT What is virtualization? Separation of a resource or request for a service from the underlying physical

More information

Virtualization. Michael Tsai 2015/06/08

Virtualization. Michael Tsai 2015/06/08 Virtualization Michael Tsai 2015/06/08 What is virtualization? Let s first look at a video from VMware http://bcove.me/x9zhalcl Problems? Low utilization Different needs DNS DHCP Web mail 5% 5% 15% 8%

More information

Network Virtualization and Data Center Networks 263-3825-00 Data Center Virtualization - Basics. Qin Yin Fall Semester 2013

Network Virtualization and Data Center Networks 263-3825-00 Data Center Virtualization - Basics. Qin Yin Fall Semester 2013 Network Virtualization and Data Center Networks 263-3825-00 Data Center Virtualization - Basics Qin Yin Fall Semester 2013 1 Walmart s Data Center 2 Amadeus Data Center 3 Google s Data Center 4 Data Center

More information

Computer Science. About PaaS Security. Donghoon Kim Henry E. Schaffer Mladen A. Vouk

Computer Science. About PaaS Security. Donghoon Kim Henry E. Schaffer Mladen A. Vouk About PaaS Security Donghoon Kim Henry E. Schaffer Mladen A. Vouk North Carolina State University, USA May 21, 2015 @ ICACON 2015 Outline Introduction Background Contribution PaaS Vulnerabilities and Countermeasures

More information

Virtualization benefits Introduction to XenSource How Xen is changing virtualization The Xen hypervisor architecture Xen paravirtualization

Virtualization benefits Introduction to XenSource How Xen is changing virtualization The Xen hypervisor architecture Xen paravirtualization www.xensource.com Virtualization benefits Introduction to XenSource How Xen is changing virtualization The Xen hypervisor architecture Xen paravirtualization Interoperable virtualization The XenEnterprise*

More information

Enabling Technologies for Distributed Computing

Enabling Technologies for Distributed Computing Enabling Technologies for Distributed Computing Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF Multi-core CPUs and Multithreading Technologies

More information

WIND RIVER SECURE ANDROID CAPABILITY

WIND RIVER SECURE ANDROID CAPABILITY WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion

More information

Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation

Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation Industrial controllers and HMIs today mostly lack protective functions for their IT and network

More information

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces Software Engineering, Lecture 4 Decomposition into suitable parts Cross cutting concerns Design patterns I will also give an example scenario that you are supposed to analyse and make synthesis from The

More information

Lecture 02b Cloud Computing II

Lecture 02b Cloud Computing II Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,

More information

3.1 IaaS Definition. IaaS: Infrastructure as a Service

3.1 IaaS Definition. IaaS: Infrastructure as a Service 1 3.1 IaaS Definition IaaS: Infrastructure as a Service Through the internet, provide IT server, storage, computing power and other infrastructure capacity to the end users and the service fee based on

More information

Security 4.0 - Security by Separation

Security 4.0 - Security by Separation Security 4.0 - Security by Separation Making Industrial Control Systems More Secure Author(s): Date: Version Mehmet Özer 19.05.2015 v1.0 SYSGO AG 1 Agenda Security Challenges IoT Architecture for Industrial

More information

Do Containers fully 'contain' security issues? A closer look at Docker and Warden. By Farshad Abasi, 2015-09-16

Do Containers fully 'contain' security issues? A closer look at Docker and Warden. By Farshad Abasi, 2015-09-16 Do Containers fully 'contain' security issues? A closer look at Docker and Warden. By Farshad Abasi, 2015-09-16 Overview What are Containers? Containers and The Cloud Containerization vs. H/W Virtualization

More information

ARM: A Security Opportunity against Advanced Persistent Threats

ARM: A Security Opportunity against Advanced Persistent Threats SESSION ID: CCT-R05 ARM: A Security Opportunity against Advanced Persistent Threats Siddharth Anbalahan Practice Head-Security Testing Paladaion Networks Pvt Ltd. Siddharth.anbalahan@paladion.net Agenda

More information

Customer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions

Customer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions September 2013 Silicon Support & Professional Eng. Services Customer Experience Freescale Provided SW & Solutions Provide Valued Software, Support & Professional Engineering Services, Competitively 2 Customer

More information

Virtualization for Cloud Computing

Virtualization for Cloud Computing Virtualization for Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF CLOUD COMPUTING On demand provision of computational resources

More information

COS 318: Operating Systems. Virtual Machine Monitors

COS 318: Operating Systems. Virtual Machine Monitors COS 318: Operating Systems Virtual Machine Monitors Kai Li and Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall13/cos318/ Introduction u Have

More information

Virtual Machine Security

Virtual Machine Security Virtual Machine Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ 1 Operating System Quandary Q: What is the primary goal

More information

Attacking Hypervisors via Firmware and Hardware

Attacking Hypervisors via Firmware and Hardware Attacking Hypervisors via Firmware and Hardware Alex Matrosov (@matrosov), Mikhail Gorobets, Oleksandr Bazhaniuk (@ABazhaniuk), Andrew Furtak, Yuriy Bulygin (@c7zero) Advanced Threat Research Agenda Hypervisor

More information

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Mr. Jacob Torrey February 26, 2014 Dartmouth College 153 Brooks Road, Rome, NY 315.336.3306 http://ainfosec.com @JacobTorrey

More information

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those

More information

Above the clouds: A Berkeley View of Cloud Computing

Above the clouds: A Berkeley View of Cloud Computing Partial Review-2 On the paper Above the clouds: A Berkeley View of Cloud Computing By Nikhil Ramteke Sr. No.- 07125 6. Cloud Computing Economics Observation in Cloud Economics mainly concerns with following

More information

Hitachi Virtage Embedded Virtualization Hitachi BladeSymphony 10U

Hitachi Virtage Embedded Virtualization Hitachi BladeSymphony 10U Hitachi Virtage Embedded Virtualization Hitachi BladeSymphony 10U Datasheet Brings the performance and reliability of mainframe virtualization to blade computing BladeSymphony is the first true enterprise-class

More information

Virtual Machine in Data Center Switches Huawei Virtual System

Virtual Machine in Data Center Switches Huawei Virtual System Virtual Machine in Data Center Switches Huawei Virtual System Contents 1 Introduction... 3 2 VS: From the Aspect of Virtualization Technology... 3 3 VS: From the Aspect of Market Driving... 4 4 VS: From

More information

GETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS

GETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS Embedded Systems White Paper GETTING STARTED WITH ANDROID DEVELOPMENT FOR EMBEDDED SYSTEMS September 2009 ABSTRACT Android is an open source platform built by Google that includes an operating system,

More information

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines: Virtual Machines Uses for Virtual Machines Virtual machine technology, often just called virtualization, makes one computer behave as several computers by sharing the resources of a single computer between

More information

Republic Polytechnic School of Information and Communications Technology C226 Operating System Concepts. Module Curriculum

Republic Polytechnic School of Information and Communications Technology C226 Operating System Concepts. Module Curriculum Republic Polytechnic School of Information and Communications Technology C6 Operating System Concepts Module Curriculum Module Description: This module examines the fundamental components of single computer

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

The Xen of Virtualization

The Xen of Virtualization The Xen of Virtualization Assignment for CLC-MIRI Amin Khan Universitat Politècnica de Catalunya March 4, 2013 Amin Khan (UPC) Xen Hypervisor March 4, 2013 1 / 19 Outline 1 Introduction 2 Architecture

More information

Hardware/microprocessor Run- time executive (real- time OS, hypervisor, etc.) Web messaging infrastructure

Hardware/microprocessor Run- time executive (real- time OS, hypervisor, etc.) Web messaging infrastructure Firmware Strategy for the Internet of Cars David Kleidermacher, CTO Green Hills Software The Internet of Things (IoT) trend can be defined as the rapid assimilation of the world s objects (anything that

More information

VIRTUALIZATION ON MULTICORE MPUS

VIRTUALIZATION ON MULTICORE MPUS VIRTUALIZATION ON MULTICORE MPUS PETER.VANACKEREN@NXP.COM - SR. FAE EMEA Agenda Virtualization Introduction KVM/QEMU Containers libvirt I/O in KVM Environments Device Virtualization - virtio Device Direct-Assignment

More information

What Cloud computing means in real life

What Cloud computing means in real life ITU TRCSL Symposium on Cloud Computing Session 2: Cloud Computing Foundation and Requirements What Cloud computing means in real life Saman Perera Senior General Manager Information Systems Mobitel (Pvt)

More information

Virtual Machines. COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361

Virtual Machines. COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361 s COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361 1 Virtualization! Create illusion of multiple machines on the same physical hardware! Single computer hosts multiple virtual machines

More information

CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies. Virtualization of Clusters and Data Centers

CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies. Virtualization of Clusters and Data Centers CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies Lecture 4 Virtualization of Clusters and Data Centers Text Book: Distributed and Cloud Computing, by K. Hwang, G C. Fox, and J.J. Dongarra,

More information

Lecture 2 Cloud Computing & Virtualization. Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu

Lecture 2 Cloud Computing & Virtualization. Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu Lecture 2 Cloud Computing & Virtualization Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu Outline Introduction to Virtualization The Major Approaches

More information

AMD MEMORY ENCRYPTION

AMD MEMORY ENCRYPTION White Paper AMD MEMORY ENCRYPTION April 21, 2016 David Kaplan, Jeremy Powell, Tom Woller DISCLAIMER The information contained herein is for informational purposes only, and is subject to change without

More information

Parallels Virtuozzo Containers

Parallels Virtuozzo Containers Parallels Virtuozzo Containers White Paper Top Ten Considerations For Choosing A Server Virtualization Technology www.parallels.com Version 1.0 Table of Contents Introduction... 3 Technology Overview...

More information

Beyond Virtualization: A Novel Software Architecture for Multi-Core SoCs. Jim Ready September 18, 2012

Beyond Virtualization: A Novel Software Architecture for Multi-Core SoCs. Jim Ready September 18, 2012 Beyond Virtualization: A Novel Software Architecture for Multi-Core SoCs Jim Ready September 18, 2012 How HW guys view the world SW Software HW How SW guys view the world SW HW Reality The SoC Software

More information

CHAPTER 1: OPERATING SYSTEM FUNDAMENTALS

CHAPTER 1: OPERATING SYSTEM FUNDAMENTALS CHAPTER 1: OPERATING SYSTEM FUNDAMENTALS What is an operating? A collection of software modules to assist programmers in enhancing efficiency, flexibility, and robustness An Extended Machine from the users

More information

Smartphone Security. A Holistic view of Layered Defenses. David M. Wheeler, CISSP, CSSLP, GSLC. (C) 2012 SecureComm, Inc. All Rights Reserved

Smartphone Security. A Holistic view of Layered Defenses. David M. Wheeler, CISSP, CSSLP, GSLC. (C) 2012 SecureComm, Inc. All Rights Reserved Smartphone Security A Holistic view of Layered Defenses David M. Wheeler, CISSP, CSSLP, GSLC 1 The Smartphone Market The smartphone security market is expected to grow at a rate of 44 percent annually

More information

Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies

Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies Kurt Klemperer, Principal System Performance Engineer kklemperer@blackboard.com Agenda Session Length:

More information

Enabling Technologies for Distributed and Cloud Computing

Enabling Technologies for Distributed and Cloud Computing Enabling Technologies for Distributed and Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Multi-core CPUs and Multithreading

More information

High Performance or Cycle Accuracy?

High Performance or Cycle Accuracy? CHIP DESIGN High Performance or Cycle Accuracy? You can have both! Bill Neifert, Carbon Design Systems Rob Kaye, ARM ATC-100 AGENDA Modelling 101 & Programmer s View (PV) Models Cycle Accurate Models Bringing

More information

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures

IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction

More information

Android and real-time. ADREAM 2012

Android and real-time. ADREAM 2012 Android and real-time ADREAM 2012 fcamps@laas.fr Context : Android Android is a disruptive technology, which was introduced for mobile handsets, but has much wider potential. Increasing relevance of Android

More information

From Ethernet Ubiquity to Ethernet Convergence: The Emergence of the Converged Network Interface Controller

From Ethernet Ubiquity to Ethernet Convergence: The Emergence of the Converged Network Interface Controller White Paper From Ethernet Ubiquity to Ethernet Convergence: The Emergence of the Converged Network Interface Controller The focus of this paper is on the emergence of the converged network interface controller

More information

Chapter 14 Virtual Machines

Chapter 14 Virtual Machines Operating Systems: Internals and Design Principles Chapter 14 Virtual Machines Eighth Edition By William Stallings Virtual Machines (VM) Virtualization technology enables a single PC or server to simultaneously

More information

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit

More information

ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY

ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY Dr. Gregg Wildes DornerWorks www.dornerworks.com Embedded Systems Engineering for Security and Safety-Critical Systems Where Hardware

More information

Microsoft s Advantages and Goals for Hyper-V for Server 2016

Microsoft s Advantages and Goals for Hyper-V for Server 2016 Virtualization is a bedrock of modern cloud environments. Hypervisors manage the virtual machines in a cloud environments, providing six fundamental features, as shown in the table below. 1 Hypervisors

More information

The Review of Virtualization in an Isolated Computer Environment

The Review of Virtualization in an Isolated Computer Environment The Review of Virtualization in an Isolated Computer Environment Sunanda Assistant professor, Department of Computer Science & Engineering, Ludhiana College of Engineering & Technology, Ludhiana, Punjab,

More information

Securing your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation

Securing your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation Securing your Virtual Datacenter Part 1: Preventing, Mitigating Privilege Escalation Before We Start... Today's discussion is by no means an exhaustive discussion of the security implications of virtualization

More information

Network Virtualization and Application Delivery Using Software Defined Networking

Network Virtualization and Application Delivery Using Software Defined Networking Network Virtualization and Application Delivery Using Software Defined Networking Project Leader: Subharthi Paul Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Keynote at

More information

Technical Brief Distributed Trusted Computing

Technical Brief Distributed Trusted Computing Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,

More information

Proposal for Virtual Private Server Provisioning

Proposal for Virtual Private Server Provisioning Interpole Solutions 1050, Sadguru Darshan, New Prabhadevi Road, Mumbai - 400 025 Tel: 91-22-24364111, 24364112 Email : response@interpole.net Website: www.interpole.net Proposal for Virtual Private Server

More information

Building Docker Cloud Services with Virtuozzo

Building Docker Cloud Services with Virtuozzo Building Docker Cloud Services with Virtuozzo Improving security and performance of application containers services in the cloud EXECUTIVE SUMMARY Application containers, and Docker in particular, are

More information

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic

Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic TESTING & INTEGRATION GROUP SOLUTION GUIDE Radware s AppDirector and AppXcel An Application Delivery solution for applications developed over BEA s Weblogic Contents INTRODUCTION... 2 RADWARE APPDIRECTOR...

More information

New Methodologies in Smart Card Security Design. Y.GRESSUS Methodology and Secure ASIC development manager, Bull CP8

New Methodologies in Smart Card Security Design. Y.GRESSUS Methodology and Secure ASIC development manager, Bull CP8 New Methodologies in Smart Card Security Design Y.GRESSUS Methodology and Secure ASIC development manager, Bull CP8 Japan Security Conference Page 2 Trends Opportunities New methodologies Summary Concurrent

More information

ADM5120 HOME GATEWAY CONTROLLER. Product Notes

ADM5120 HOME GATEWAY CONTROLLER. Product Notes HOME GATEWAY CONTROLLER Product Notes ADMtek.com.tw Information in this document is provided in connection with ADMtek products. ADMtek may make changes to specifications and product descriptions at any

More information

Responsive and Enforced Interrupt Handling for Real-Time System Virtualization

Responsive and Enforced Interrupt Handling for Real-Time System Virtualization Responsive and Enforced Interrupt Handling for Real-Time System Virtualization Hyoseung Kim * Shige Wang Raj Rajkumar * * General Motors R&D Workload Consolidation Multi-core CPUs for embedded real-time

More information

COS 318: Operating Systems. Virtual Machine Monitors

COS 318: Operating Systems. Virtual Machine Monitors COS 318: Operating Systems Virtual Machine Monitors Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall10/cos318/ Introduction Have been around

More information

ARM TrustZone and KVM Coexistence with RTOS For Automotive

ARM TrustZone and KVM Coexistence with RTOS For Automotive ARM TrustZone and KVM Coexistence with RTOS For Automotive Michele Paolino m.paolino@virtualopensystems.com Automotive-grade Linux Summit, 2015-06-01, Tokyo, Japan Authorship and sponsorship Michele Paolino,

More information

Nested Virtualization

Nested Virtualization Nested Virtualization Dongxiao Xu, Xiantao Zhang, Yang Zhang May 9, 2013 Agenda Nested Virtualization Overview Dive into Nested Virtualization Details Nested CPU Virtualization Nested MMU Virtualization

More information

Principles and characteristics of distributed systems and environments

Principles and characteristics of distributed systems and environments Principles and characteristics of distributed systems and environments Definition of a distributed system Distributed system is a collection of independent computers that appears to its users as a single

More information

AppDirector Load balancing IBM Websphere and AppXcel

AppDirector Load balancing IBM Websphere and AppXcel TESTING & INTEGRATION GROUP SOLUTION GUIDE AppDirector Load balancing IBM Websphere and AppXcel INTRODUCTION...2 RADWARE APPDIRECTOR...3 RADWARE APPXCEL...3 IBM WEBSPHERE...4 SOLUTION DETAILS...4 HOW IT

More information

Networking for Caribbean Development

Networking for Caribbean Development Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g Virtualization: Architectural Considerations and Implementation Options Virtualization Virtualization is the

More information

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES

RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS Server virtualization offers tremendous benefits for enterprise IT organizations server

More information

Outline: Operating Systems

Outline: Operating Systems Outline: Operating Systems What is an OS OS Functions Multitasking Virtual Memory File Systems Window systems PC Operating System Wars: Windows vs. Linux 1 Operating System provides a way to boot (start)

More information