EECatalog SPECIAL FEATURE
|
|
- Clyde Hancock
- 8 years ago
- Views:
Transcription
1 Type Zero Hypervisor the New Frontier in Embedded Virtualization The hypervisor s full control over the hardware platform and ability to virtualize hardware platforms are beneficial in environments that face high security threats and demand high reliability. By Will Keegan and Arun Subbarao, LynuxWorks, Inc. Virtualization is a thriving technology proven to be successful in enterprise IT such as data centers and cloud computing. However, technology vendors have only scratched the surface on providing virtualization-based solutions, leaving untapped opportunities in industries beyond IT, specifically in the security-critical and safetycritical markets. A major tech producing industry that has yet to fully seize the expansive opportunities of virtualization is the embedded computing world, which serves a wide set of markets from defense systems to biomedical devices. This slower adoption is due to the underlying technology of virtualization the hypervisor. Up until now, hypervisors were primarily designed to serve the popular demands of enterprise IT, focused to run in IT server and desktop environments. As a result, these enterprise IT hypervisors do not support the strict properties commonly needed in embedded designs such as low power, small size, and determinism. However, as security in these embedded devices becomes a significant concern, the possibly of using virtualization to achieve security in embedded devices is gaining momentum in the embedded market. This article identifies unique security and reliability capabilities hypervisors have to offer to the embedded community and how the new Type Zero Hypervisor is able to deliver these capabilities with its unique architecture. Hypervisors for IT Infrastructure The hypervisor is software that creates an abstraction layer between hardware and operating systems, serving as the underlying technology of computer virtualization. Hypervisors achieve this layer of abstraction by taking full control over the physical computing platform to create software virtual hardware platforms that emulate the underlying hardware (Figure 1). These emulated platforms then allow operating systems, referred to as guest OSs, to run on the emulated platform instead of on the physical hardware. The emulated platforms can be replicated multiple times to support multiple guest OSs on the same machine, and can also be transferred to other hypervisor enabled machines. Today, hypervisors are most commonly deployed on IT servers and PCs to take advantage of multi-guest OS operation, which reduces the cost of maintaining multiple platforms and combines the capabilities offered by multiple flavors of OSs on a single platform. Hypervisors used in IT fit into two commonly designated architectures, type 2 and type 1: Type 2 hypervisors run as applications on top of a general purpose OSs such as Windows or Mac OS. Type 2 hypervisors are commonly deployed to run user programs designed for OSs on a machine running a different OS; for example, running Windows applications on a Mac. Type 1, also referred to as bare metal, is a single software hypervisor package that runs directly on hardware. The software packages in today s IT type 1 hypervisors include a hypervisor integrated, or paired, with a special purpose host operating system and additional applications to support features needed by the enterprise IT market. Existing type 2 and type 1 hypervisors are unsuited for use in embedded systems because they include a significant amount of unnecessary functionality that can greatly impact the size, security, and performance of an embedded system design. Figure 1 - Hypervisor Embedded Hypervisors Going 24 Engineers Guide to Embedded Linux and Android 2013
2 Beyond IT Hypervisors, if designed correctly, can offer benefits for embedded devices, and provide capabilities that are not offered by today s enterprise hypervisors. The hypervisor s full control over the hardware platform and ability to virtualize hardware platforms can be used to build advanced solutions to solve major problems in environments that face a high security threat and demand high reliability. Some of the major security and reliability use cases offered by hypervisors are listed below: maintaining separation between the security domains (Figure 2). Independent Measurement - In safety-critical environments, systems are commonly built with redundant components and system health monitors to detect the event of a component failure and recover operation with redundant components. Hypervisors can create independent computing environments that allow mission-critical functions to run without the interference of co-existing applications or complex dependencies of Security Domain Isolation - The hypervisor s full control over the hardware platform has the ability to isolate access to hardware resources to create separate computing environments for guest OSs that prohibit unauthorized information flow between security domains. Security domain isolation is extremely useful in tactical defense systems deployed on size, weight, and power (SWaP) restricted platforms, such as Humvees Figure 4 - Hypervisor Reference Monitor Figure 2 - Hypervisor Security Domain Isolation Figure 3- Hypervisor Independent Measurement and aircraft, that currently require multiple computing platforms to process separate levels of classified data. With a hypervisor a single computing platform can be used to process multiple levels of classified data while full operating systems. Using a hypervisor, a single computing node can run a system application in one virtual environment and an independent health monitor in a separate environment to measure the status of the application (Figure 3). In the event of an application error the health monitor has the opportunity to locally reset the application or direct a failover procedure for quicker response time and smarter fault-tolerant designs. Reference Monitoring - Both safety-critical and security-critical system computing nodes rely on data channel interfaces for either local storage or intersystem communication. A compromise in the integrity or authenticity of data transferred over communication channels can compromise the security and availability of the entire system. Hypervisors can provide the ability to independently mediate access and monitor information flow between applications and data channel interfaces to insure all information flow is un-tampered and always authorized to maintain operation. These hypervisor security and reliability use cases face two major technical challenges: 1) Having a security foundation that hosts independent computing domains and controls information flow between guest OSs, critical 25
3 Figure 5 - Hypervisor Size Comparison Chart functions, and system resources. 2) Availability of a hypervisor that addresses the needs of embedded platforms. These challenges by themselves are hard to satisfy with today s existing solutions. Trying to satisfy both requires a new design. The Type Zero hypervisor architecture, designed by LynuxWorks from the ground-up to operate in safetycritical and security-critical environments while meeting the stringent demands of embedded computing platforms, fully satisfies the requirements of these and many other use cases. Introducing Type Zero Type Zero is a new bare-metal architecture, designed by LynuxWorks, that differentiates from type 1 by removing the all un-needed functionality from the security sensitive hypervisor mode yet virtualizes guest operating systems in a tiny stand-alone package. By shedding the need of support by a full operating system, the Type Zero hypervisor drastically reduces the size and computational overhead imposed on target embedded systems. Figure 5 shows a comparison in size between type 2, type 1, and Type Zero architectures, indicating that the majority of code size in the type 2 and type 1 hypervisors is attributed to the underlying host or helper OS. Small size is one of many hypervisor design aspects needed by embedded systems. In order for hypervisors to operate in embedded mission critical systems, major architectural design considerations must be addressed to ensure key embedded, security, and reliability requirements are recognized and accommodated. The following properties are identified as key hypervisor architecture requirements for embedded virtualization systems for use in safety-critical and security-critical environments: Minimal Size - Embedded systems are commonly faced with limiting storage and memory restrictions. Embedded solutions utilizing virtualization technology must consider both the footprint of the guest OS and the foot print of the supporting hypervisor. Typical embedded hypervisors consume less than 512 KB of storage and less than 4MB of system RAM. In contrast, today s available type 1 hypervisors require storage footprints from hundreds of megabytes to several gigabytes before adding guest OS images, and consume several hundreds of megabytes to nearly a gigabyte of RAM. The base storage and memory footprint of type 1 hypervisors range from tens to thousands times larger than the demands of traditional embedded OSs which may well exceed the size restrictions on an embedded platform. Maximum Efficiency - Efficiency is very important for embedded solutions that have demanding throughput specifications or must operate in power-conscious devices with very limited processing capabilities. In order to maximize efficiency, hypervisors must only contain the functionality that is necessary and sufficient to serve the guest OS & its applications. Type 1 hypervisors, for example, depend on the underlying 26 Engineers Guide to Embedded Linux and Android 2013
4 support of a closed operating system, which may consume unnecessary CPU cycles outside the control of the embedded system architect. Determinism - Embedded systems often rely on the ability to guarantee the time of execution for all system operations. Having control over the timeliness of system operations allows architects to construct solutions that ensure the proper behavior of mission-critical functions and overall system availability. The biggest impact hypervisors have on determinism is the scheduler used to assign guest OSs CPU processing cycles. In order to perform any function that requires deterministic behavior in a virtualized environment, architects must have full control over the hypervisor scheduler to guarantee that critical functions are scheduled to execute on time, and to ensure that other low priority operations do not interfere with critical processes. Type 1 hypervisors utilize a dynamic CPU scheduler that determines the order of execution of guest OSs on CPU based on guest OS throughput demand. Dynamic CPU schedulers take control of execution from the system architect and pass it to the guest applications, which invariably get exploited by rogue applications for DDoS attacks. Security - Security is the most important property of a hypervisor running in high threat environments. The hypervisor is privileged software responsible for orchestrating the simultaneous execution of guest OSs while protecting each guest OS s integrity, confidentiality, and availability. All code running in the hypervisor has a direct impact the on overall security, reliability, and determinism of a hypervisor-enabled platform. Any unauthorized access or control over the hypervisor can be devastating for embedded solutions targeted for operation in safety or security-critical environments. The best way to strengthen the security of a hypervisor, or any system, is to limit the access components have over privileged resources and to reduce the complexity of the design. Type 1 hypervisors that rely on host OSs include complex privileged components like device drivers, and I/O stacks. This creates a situation which makes it very difficult to verify that the code in these components do not possess an exploitable flaw to gain unauthorized access to the hypervisor. Reliability - Reliability is the most important property for safety-critical systems. Many factors contribute to the reliability of a hypervisor, including, design complexity, determinism, and foundational security. Type 1 hypervisors are heavily tested to maintain operation, but the reliance on a full operating system does introduce significant risk through complexities in core components such as: dynamic process scheduling, full process model, dynamic memory management, file systems, I/O stacks, and third party device drivers. Any flaw in these components can cause system failure. Flexibility - Any foundational technology used in embedded systems requires flexibility for architects to mold the technology to fit their specific system designs. Although hypervisors are mainly marketed for their ability to host multiple OSs, the hypervisor s control over the physical hardware can provide capabilities that go beyond emulating computer platforms. Type 1 hypervisors provide a limiting user model that conforms to enterprise IT use cases. LynuxWorks LynxSecure Type Zero hypervisor exemplifies these architectural principles to ensure that key embedded mission-critical requirements can be realized using virtualization, as discussed in detail in the next section. LynxSecure - Type Zero Hypervisor Architecture The design goal of the LynxSecure Type Zero hypervisor architecture is to provide a secure and reliable foundation for virtualization platforms to serve a broad array of computing environments from embedded to enterprise systems. This objective of providing a secure foundation with the features to serve an expansive market poses a common paradox found in architecture design. A secure and reliable foundation demands a small and simple code base, but offering broad functionality increases complexity which can compromise size and security. Lynx- Secure s Type Zero architecture solves this problem of by establishing a foundational core needed by all virtualization markets while providing an external configuration framework that allows for many unique virtualization solutions to be constructed, without imposing unnecessary code bloat in the hypervisor core. LynxSecure - Type Zero Hypervisor Core The core foundation of the Type Zero hypervisor establishes a baseline set of functionality to support a virtualization framework that will enable system architects to build virtualization solutions for any market. The key to supporting this framework is selecting the minimal set of components needed maintain a secure, reliable, and efficient foundation for all forms Type Zero hypervisor deployments. The following set of functional components is implemented to comprise the LynxSecure Type Zero hypervisor core foundation (Figure 6): Real-time Virtual CPU (RTvCPU) Scheduler - The realtime virtual CPU scheduler orchestrates the execution of general guest OSs, real-time guest OS, and bare-metal applications) on the hardware CPU cores. The real-time scheduler gives system architects the flexibility to control execution scheduling on multiple, dedicated, or shared CPU cores with clock-tick precision to host realtime OSs and applications. The virtual CPU scheduler utilizes Intel VT-x to allow guest OSs to run directly on the CPU cores, reducing significant software complexity 27
5 Figure 6 - LynxSecure Type Zero Hypervisor Core and computational overhead. Without VT-x, hypervisors require additional software support to emulate the CPU for proper guest OS execution. Memory Manager - The memory manager allocates the memory for each guest OS and is responsible for protecting the integrity and confidentiality of the information stored and processed by each of the co-existing guests. Protecting the integrity and confidentiality of each guest OS is extremely important for solutions that require security domain separation between guest OSs. The memory manager also controls shared memory structures for intercommunication between guest OSs, bare-metal applications, virtual devices, para-virtual devices, and physical devices. The memory manager s role in fully protecting guest OS memory from unauthorized access is broken into two categories: protecting unauthorized access to guest OS memory from coexisting guest OSs, and protecting guest OS memory from external I/O devices. The memory manager is able to protect against unauthorized access requests originated from guest OSs, however the memory manager must rely on Intel s hardware VT-d to explicitly control the boundaries of memory read and write requests originating from external devices. In addition to VT-d, the memory manager benefits from Intel s recent extended page table (EPT) hardware feature. Using EPT, guest OSs are able to directly manage their local memory page tables, no longer requiring assistance from the hypervisor which removes a significant bottleneck in guest OS memory access performance. Hypercall API - The Hypercall API is a privileged hypervisor interface utilized by the virtualization framework to provide guest OSs and bare-metal applications a facility for inter-guest communication, guest OS management, audit, and maintenance management. Interrupt Handler - The interrupt handler manages interrupt signal routing for efficient asymmetric communication channels between guest OSs, bare-metal applications, virtual devices, para-virtual devices, and physical devices. Exception Handler - The exception handler manages illegal or privileged guest OS operations to ensure all system operations do not subvert the availability, integrity, and confidentiality protections provided by the hypervisor. Security Monitor - The security monitor is responsible for bringing the hypervisor into a secure state and continuously monitors security critical hardware resources to maintain a secure operational state. The security monitor relies on the Intel TXT feature set during the startup initialization process. Prior to loading the hypervisor, the hardware trusted platform module (TPM) is controlled via Intel s TXT instruction set to validate the Type Zero hypervisor is not compromised and is ready to enter full operational state. System Audit - The system audit component is an advanced service for recording major security, safety, or user defined system events that can be passed up to guest OSs or bare-metal applications to build robust fault detection, threat detection, and system recovery sub-systems. LynxSecure s Type Zero hypervisor core design satisfies the size, efficiency, determinism, security, and reliability requirements of embedded mission-critical systems, while leaving the need for flexibility up to the higher level virtualization framework. By selecting a minimum set of functionality and utilizing Intel s hardware assistance, the size and complexity of the core components are drastically reduced to assure vital security and reliability logic is correct, while the software computational overhead is minimized to improve latency for a stronger deterministic behavior. 28 Engineers Guide to Embedded Linux and Android 2013
6 Summary Virtualization is a powerful technology that is changing the way organizations of all shapes and sizes do business through the greatly offered cost saving and security benefits. Up until now, however, virtualization has been confined to IT server and PC environments leaving a world of untapped opportunity for technology producers to explore. With the help from advancements in hardware assisted virtualization features from chip vendors like Intel, combined with the vision from embedded RTOS company, LynuxWorks, the Type Zero hypervisor emerges to give the embedded community the tools they need to deliver the benefits of virtualization beyond the realm of enterprise IT, into new industries with the most demanding security and reliability requirements. Arun Subbarao is Vice President of Engineering at LynuxWorks, responsible for the development of security, virtualization and operatingsystem products, as well as consulting services. He has 20 years of experience in the software industry working on security, virtualization, operating systems and networking technologies. In this role, he spearheaded the development of the award-winning LynxSecure separation kernel and hypervisor product as well as software innovation in the areas of security, safety and virtualization. He has also been a panelist and presenter at several industry conferences. He holds a BS in Computer Science from India, MS in Computer Science from SUNY Albany and an MBA from Santa Clara University. Will Keegan is a technical specialist at LynuxWorks, Inc., where he upholds a strategic role in supporting sales, marketing, and engineering. He has over 7 years of experience working in enterprise IT, safety-critical, and security-critical industries. He previously served as a product engineer for OIS where he worked on the development and marketing of various high assurance cryptographic network and embedded middleware products. Will also served as a network engineer for USAA, building and maintaining world class data centers. He graduated from the University of Texas at Austin in 2005, earning a B.S. in Computer Science. 29
Virtualization for Cloud Computing
Virtualization for Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF CLOUD COMPUTING On demand provision of computational resources
More informationHRG Assessment: Stratus everrun Enterprise
HRG Assessment: Stratus everrun Enterprise Today IT executive decision makers and their technology recommenders are faced with escalating demands for more effective technology based solutions while at
More information9/26/2011. What is Virtualization? What are the different types of virtualization.
CSE 501 Monday, September 26, 2011 Kevin Cleary kpcleary@buffalo.edu What is Virtualization? What are the different types of virtualization. Practical Uses Popular virtualization products Demo Question,
More informationFull and Para Virtualization
Full and Para Virtualization Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF x86 Hardware Virtualization The x86 architecture offers four levels
More informationevm Virtualization Platform for Windows
B A C K G R O U N D E R evm Virtualization Platform for Windows Host your Embedded OS and Windows on a Single Hardware Platform using Intel Virtualization Technology April, 2008 TenAsys Corporation 1400
More informationEnabling Technologies for Distributed and Cloud Computing
Enabling Technologies for Distributed and Cloud Computing Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Multi-core CPUs and Multithreading
More informationA Survey on Virtual Machine Security
A Survey on Virtual Machine Security Jenni Susan Reuben Helsinki University of Technology jreubens@cc.hut.fi Abstract Virtualization plays a major role in helping the organizations to reduce the operational
More informationEnabling Technologies for Distributed Computing
Enabling Technologies for Distributed Computing Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF Multi-core CPUs and Multithreading Technologies
More informationVirtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies
Virtualization Technologies and Blackboard: The Future of Blackboard Software on Multi-Core Technologies Kurt Klemperer, Principal System Performance Engineer kklemperer@blackboard.com Agenda Session Length:
More informationEmbedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation
Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation Industrial controllers and HMIs today mostly lack protective functions for their IT and network
More informationSecuring your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation
Securing your Virtual Datacenter Part 1: Preventing, Mitigating Privilege Escalation Before We Start... Today's discussion is by no means an exhaustive discussion of the security implications of virtualization
More informationVirtualization and the U2 Databases
Virtualization and the U2 Databases Brian Kupzyk Senior Technical Support Engineer for Rocket U2 Nik Kesic Lead Technical Support for Rocket U2 Opening Procedure Orange arrow allows you to manipulate the
More informationProteus, a hybrid Virtualization Platform for Embedded Systems
Proteus, a hybrid Virtualization Platform for Embedded Systems Dipl.-Inf. Daniel Baldin and Dipl.-Inf. Timo Kerstan Heinz-Nixdorf-Institute University of Paderborn 33102 Paderborn, Germany dbaldin@uni-paderborn.de
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g Virtualization: Architectural Considerations and Implementation Options Virtualization Virtualization is the
More informationA hypervisor approach with real-time support to the MIPS M5150 processor
ISQED Wednesday March 4, 2015 Session 5B A hypervisor approach with real-time support to the MIPS M5150 processor Authors: Samir Zampiva (samir.zampiva@acad.pucrs.br) Carlos Moratelli (carlos.moratelli@pucrs.br)
More informationVirtualization. P. A. Wilsey. The text highlighted in green in these slides contain external hyperlinks. 1 / 16
1 / 16 Virtualization P. A. Wilsey The text highlighted in green in these slides contain external hyperlinks. 2 / 16 Conventional System Viewed as Layers This illustration is a common presentation of the
More informationCOS 318: Operating Systems. Virtual Machine Monitors
COS 318: Operating Systems Virtual Machine Monitors Kai Li and Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall13/cos318/ Introduction u Have
More informationWhite Paper. Recording Server Virtualization
White Paper Recording Server Virtualization Prepared by: Mike Sherwood, Senior Solutions Engineer Milestone Systems 23 March 2011 Table of Contents Introduction... 3 Target audience and white paper purpose...
More informationVirtualization Technology. Zhiming Shen
Virtualization Technology Zhiming Shen Virtualization: rejuvenation 1960 s: first track of virtualization Time and resource sharing on expensive mainframes IBM VM/370 Late 1970 s and early 1980 s: became
More informationHypervisors. Introduction. Introduction. Introduction. Introduction. Introduction. Credits:
Hypervisors Credits: P. Chaganti Xen Virtualization A practical handbook D. Chisnall The definitive guide to Xen Hypervisor G. Kesden Lect. 25 CS 15-440 G. Heiser UNSW/NICTA/OKL Virtualization is a technique
More informationThe Benefits of Virtualization for Your DR Plan
E-Guide The Benefits of Virtualization for Your DR Plan Server virtualization is making a positive impact in the area of disaster recovery. Through virtualization, organizations can save money, as well
More informationRackspace Cloud Databases and Container-based Virtualization
Rackspace Cloud Databases and Container-based Virtualization August 2012 J.R. Arredondo @jrarredondo Page 1 of 6 INTRODUCTION When Rackspace set out to build the Cloud Databases product, we asked many
More informationNext Generation Now: Red Hat Enterprise Linux 6 Virtualization A Unique Cloud Approach. Jeff Ruby Channel Manager jruby@redhat.com
Next Generation Now: Virtualization A Unique Cloud Approach Jeff Ruby Channel Manager jruby@redhat.com Introducing Extensive improvements in every dimension Efficiency, scalability and reliability Unprecedented
More informationVirtual Machines. www.viplavkambli.com
1 Virtual Machines A virtual machine (VM) is a "completely isolated guest operating system installation within a normal host operating system". Modern virtual machines are implemented with either software
More informationVirtualization. P. A. Wilsey. The text highlighted in green in these slides contain external hyperlinks. 1 / 16
Virtualization P. A. Wilsey The text highlighted in green in these slides contain external hyperlinks. 1 / 16 Conventional System Viewed as Layers This illustration is a common presentation of the application/operating
More informationVirtual Machines. COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361
s COMP 3361: Operating Systems I Winter 2015 http://www.cs.du.edu/3361 1 Virtualization! Create illusion of multiple machines on the same physical hardware! Single computer hosts multiple virtual machines
More informationParallels Virtuozzo Containers
Parallels Virtuozzo Containers White Paper Top Ten Considerations For Choosing A Server Virtualization Technology www.parallels.com Version 1.0 Table of Contents Introduction... 3 Technology Overview...
More informationWIND RIVER SECURE ANDROID CAPABILITY
WIND RIVER SECURE ANDROID CAPABILITY Cyber warfare has swiftly migrated from hacking into enterprise networks and the Internet to targeting, and being triggered from, mobile devices. With the recent explosion
More informationMark Bennett. Search and the Virtual Machine
Mark Bennett Search and the Virtual Machine Agenda Intro / Business Drivers What to do with Search + Virtual What Makes Search Fast (or Slow!) Virtual Platforms Test Results Trends / Wrap Up / Q & A Business
More informationCompromise-as-a-Service
ERNW GmbH Carl-Bosch-Str. 4 D-69115 Heidelberg 3/31/14 Compromise-as-a-Service Our PleAZURE Felix Wilhelm & Matthias Luft {fwilhelm, mluft}@ernw.de ERNW GmbH Carl-Bosch-Str. 4 D-69115 Heidelberg Agenda
More informationVMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D
ware and CPU Virtualization Technology Jack Lo Sr. Director, R&D This presentation may contain ware confidential information. Copyright 2005 ware, Inc. All rights reserved. All other marks and names mentioned
More informationIntroduction to the NI Real-Time Hypervisor
Introduction to the NI Real-Time Hypervisor 1 Agenda 1) NI Real-Time Hypervisor overview 2) Basics of virtualization technology 3) Configuring and using Real-Time Hypervisor systems 4) Performance and
More informationVirtualization. Types of Interfaces
Virtualization Virtualization: extend or replace an existing interface to mimic the behavior of another system. Introduced in 1970s: run legacy software on newer mainframe hardware Handle platform diversity
More informationCSE 501 Monday, September 09, 2013 Kevin Cleary kpcleary@buffalo.edu
CSE 501 Monday, September 09, 2013 Kevin Cleary kpcleary@buffalo.edu What is Virtualization? Practical Uses What can be virtualized Popular virtualization products Demo Question, answer, discussion Can
More informationWhat is virtualization
Virtualization Concepts Virtualization Virtualization is the process of presenting computing resources in ways that users and applications can easily get value out of them, rather than presenting them
More informationSatish Mohan. Head Engineering. AMD Developer Conference, Bangalore
Satish Mohan Head Engineering AMD Developer Conference, Bangalore Open source software Allows developers worldwide to collaborate and benefit. Strategic elimination of vendor lock in OSS naturally creates
More informationwww.see-grid-sci.eu Regional SEE-GRID-SCI Training for Site Administrators Institute of Physics Belgrade March 5-6, 2009
SEE-GRID-SCI Virtualization and Grid Computing with XEN www.see-grid-sci.eu Regional SEE-GRID-SCI Training for Site Administrators Institute of Physics Belgrade March 5-6, 2009 Milan Potocnik University
More informationRapidly Growing Linux OS: Features and Reliability
Rapidly Growing Linux OS: Features and Reliability V Norio Kurobane (Manuscript received May 20, 2005) Linux has been making rapid strides through mailing lists of volunteers working in the Linux communities.
More informationWHITE PAPER Mainstreaming Server Virtualization: The Intel Approach
WHITE PAPER Mainstreaming Server Virtualization: The Intel Approach Sponsored by: Intel John Humphreys June 2006 Tim Grieser IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200
More informationTHE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS
THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS By Bill Graham and Michael Weinstein INNOVATORS START HERE. EXECUTIVE SUMMARY Driven by the convergence of cloud technology, rapidly growing data
More informationParallels Virtuozzo Containers
Parallels Virtuozzo Containers White Paper Virtual Desktop Infrastructure www.parallels.com Version 1.0 Table of Contents Table of Contents... 2 Enterprise Desktop Computing Challenges... 3 What is Virtual
More informationMirror File System for Cloud Computing
Mirror File System for Cloud Computing Twin Peaks Software Abstract The idea of the Mirror File System (MFS) is simple. When a user creates or updates a file, MFS creates or updates it in real time on
More informationVirtualization: Hypervisors for Embedded and Safe Systems. Hanspeter Vogel Triadem Solutions AG
1 Virtualization: Hypervisors for Embedded and Safe Systems Hanspeter Vogel Triadem Solutions AG 2 Agenda Use cases for virtualization Terminology Hypervisor Solutions Realtime System Hypervisor Features
More informationCloud Computing CS 15-319
Cloud Computing CS 15-319 Virtualization Case Studies : Xen and VMware Lecture 20 Majd F. Sakr, Mohammad Hammoud and Suhail Rehman 1 Today Last session Resource Virtualization Today s session Virtualization
More informationThe Benefits of Virtualizing Citrix XenApp with Citrix XenServer
White Paper The Benefits of Virtualizing Citrix XenApp with Citrix XenServer This white paper will discuss how customers can achieve faster deployment, higher reliability, easier management, and reduced
More informationBuilding Docker Cloud Services with Virtuozzo
Building Docker Cloud Services with Virtuozzo Improving security and performance of application containers services in the cloud EXECUTIVE SUMMARY Application containers, and Docker in particular, are
More informationDesktop Virtualization. The back-end
Desktop Virtualization The back-end Will desktop virtualization really fit every user? Cost? Scalability? User Experience? Beyond VDI with FlexCast Mobile users Guest workers Office workers Remote workers
More informationLustre Networking BY PETER J. BRAAM
Lustre Networking BY PETER J. BRAAM A WHITE PAPER FROM CLUSTER FILE SYSTEMS, INC. APRIL 2007 Audience Architects of HPC clusters Abstract This paper provides architects of HPC clusters with information
More informationVirtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to
Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to Hanspeter Vogel Triadem Solutions AG Real-Time Systems GmbH Gartenstrasse 33 D-88212 Ravensburg Germany
More informationVIRTUALIZATION, The next step for online services
Scientific Bulletin of the Petru Maior University of Tîrgu Mureş Vol. 10 (XXVII) no. 1, 2013 ISSN-L 1841-9267 (Print), ISSN 2285-438X (Online), ISSN 2286-3184 (CD-ROM) VIRTUALIZATION, The next step for
More informationHow Solace Message Routers Reduce the Cost of IT Infrastructure
How Message Routers Reduce the Cost of IT Infrastructure This paper explains how s innovative solution can significantly reduce the total cost of ownership of your messaging middleware platform and IT
More informationBefore we can talk about virtualization security, we need to delineate the differences between the
1 Before we can talk about virtualization security, we need to delineate the differences between the terms virtualization and cloud. Virtualization, at its core, is the ability to emulate hardware via
More informationUnderstanding Full Virtualization, Paravirtualization, and Hardware Assist. Introduction...1 Overview of x86 Virtualization...2 CPU Virtualization...
Contents Introduction...1 Overview of x86 Virtualization...2 CPU Virtualization...3 The Challenges of x86 Hardware Virtualization...3 Technique 1 - Full Virtualization using Binary Translation...4 Technique
More informationData Protection in a Virtualized Environment
The Essentials Series: Virtualization and Disaster Recovery Data Protection in a Virtualized Environment sponsored by by J. Peter Bruzzese Da ta Protection in a Virtualized Environment... 1 An Overview
More informationWindows Server Virtualization & The Windows Hypervisor
Windows Server Virtualization & The Windows Hypervisor Brandon Baker Lead Security Engineer Windows Kernel Team Microsoft Corporation Agenda - Windows Server Virtualization (WSV) Why a hypervisor? Quick
More informationVirtual Machine Environments: Data Protection and Recovery Solutions
The Essentials Series: The Evolving Landscape of Enterprise Data Protection Virtual Machine Environments: Data Protection and Recovery Solutions sponsored by by Dan Sullivan Vir tual Machine Environments:
More informationRPM Brotherhood: KVM VIRTUALIZATION TECHNOLOGY
RPM Brotherhood: KVM VIRTUALIZATION TECHNOLOGY Syamsul Anuar Abd Nasir Fedora Ambassador Malaysia 1 ABOUT ME Technical Consultant for Warix Technologies - www.warix.my Warix is a Red Hat partner Offers
More informationMigration and Disaster Recovery Underground in the NEC / Iron Mountain National Data Center with the RackWare Management Module
Migration and Disaster Recovery Underground in the NEC / Iron Mountain National Data Center with the RackWare Management Module WHITE PAPER May 2015 Contents Advantages of NEC / Iron Mountain National
More informationUsing Multipathing Technology to Achieve a High Availability Solution
Using Multipathing Technology to Achieve a High Availability Solution Table of Contents Introduction...3 Multipathing Technology...3 Multipathing I/O Implementations...5 Storage Redundancy...5 Infortrend
More informationTOP TEN CONSIDERATIONS
White Paper TOP TEN CONSIDERATIONS FOR CHOOSING A SERVER VIRTUALIZATION TECHNOLOGY Learn more at www.swsoft.com/virtuozzo Published: July 2006 Revised: July 2006 Table of Contents Introduction... 3 Technology
More informationRED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES
RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS: COMPETITIVE FEATURES RED HAT ENTERPRISE VIRTUALIZATION FOR SERVERS Server virtualization offers tremendous benefits for enterprise IT organizations server
More informationDistributed and Cloud Computing
Distributed and Cloud Computing K. Hwang, G. Fox and J. Dongarra Chapter 3: Virtual Machines and Virtualization of Clusters and datacenters Adapted from Kai Hwang University of Southern California March
More informationChapter 5 Cloud Resource Virtualization
Chapter 5 Cloud Resource Virtualization Contents Virtualization. Layering and virtualization. Virtual machine monitor. Virtual machine. Performance and security isolation. Architectural support for virtualization.
More informationMasters Project Proposal
Masters Project Proposal Virtual Machine Storage Performance Using SR-IOV by Michael J. Kopps Committee Members and Signatures Approved By Date Advisor: Dr. Jia Rao Committee Member: Dr. Xiabo Zhou Committee
More informationVirtualization. Dr. Yingwu Zhu
Virtualization Dr. Yingwu Zhu What is virtualization? Virtualization allows one computer to do the job of multiple computers. Virtual environments let one computer host multiple operating systems at the
More informationThe Art of Virtualization with Free Software
Master on Free Software 2009/2010 {mvidal,jfcastro}@libresoft.es GSyC/Libresoft URJC April 24th, 2010 (cc) 2010. Some rights reserved. This work is licensed under a Creative Commons Attribution-Share Alike
More informationDevelop a process for applying updates to systems, including verifying properties of the update. Create File Systems
RH413 Manage Software Updates Develop a process for applying updates to systems, including verifying properties of the update. Create File Systems Allocate an advanced file system layout, and use file
More informationParallels VDI Solution
Parallels VDI Solution White Paper Version 1.0 April 2009 Table of Contents Enterprise Desktop Computing Challenges... 3 What is Virtual Desktop Infrastructure (VDI)... 3 Benefits of Virtual Desktop Infrastructure...
More informationKVM: Kernel-based Virtualization Driver
KVM: Kernel-based Virtualization Driver White Paper Overview The current interest in virtualization has led to the creation of several different hypervisors. Most of these, however, predate hardware-assisted
More informationA Study on Detection of Hacking and Malware Codes in Bare Metal Hypervisor for Virtualized Internal Environment of Cloud Service
78 A Study on Detection of Hacking and Malware Codes in Bare Metal Hypervisor for Virtualized Internal Environment of Cloud Service Jung-oh Park Dept. of Information Communications, DONGYANG MIRAE University,
More informationSDN software switch Lagopus and NFV enabled software node
SDN software switch Lagopus and NFV enabled software node Kazuaki OBANA NTT Network Innovation Laboratories SDN software switch Lagopus 1 Motivation Agile and flexible networking Full automation in provisioning,
More informationBasics in Energy Information (& Communication) Systems Virtualization / Virtual Machines
Basics in Energy Information (& Communication) Systems Virtualization / Virtual Machines Dr. Johann Pohany, Virtualization Virtualization deals with extending or replacing an existing interface so as to
More informationKVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com
KVM: A Hypervisor for All Seasons Avi Kivity avi@qumranet.com November 2007 Virtualization Simulation of computer system in software Components Processor: register state, instructions, exceptions Memory
More informationData Centers and Cloud Computing
Data Centers and Cloud Computing CS377 Guest Lecture Tian Guo 1 Data Centers and Cloud Computing Intro. to Data centers Virtualization Basics Intro. to Cloud Computing Case Study: Amazon EC2 2 Data Centers
More informationHP Data Protector software. Assuring Business Continuity in Virtualised Environments
HP Data Protector software Assuring Business Continuity in Virtualised Environments Would not it be great if your virtual server environment actually translated to a better reality? One where you could
More informationVirtualization: What does it mean for SAS? Karl Fisher and Clarke Thacher, SAS Institute Inc., Cary, NC
Paper 347-2009 Virtualization: What does it mean for SAS? Karl Fisher and Clarke Thacher, SAS Institute Inc., Cary, NC ABSTRACT SAS groups virtualization into four categories: Hardware Virtualization,
More informationEnhancing Hypervisor and Cloud Solutions Using Embedded Linux Iisko Lappalainen MontaVista
Enhancing Hypervisor and Cloud Solutions Using Embedded Linux Iisko Lappalainen MontaVista Setting the Stage This presentation will discuss the usage of Linux as a base component of hypervisor components
More informationCycurHSM An Automotive-qualified Software Stack for Hardware Security Modules
CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded
More informationVirtualization. Pradipta De pradipta.de@sunykorea.ac.kr
Virtualization Pradipta De pradipta.de@sunykorea.ac.kr Today s Topic Virtualization Basics System Virtualization Techniques CSE506: Ext Filesystem 2 Virtualization? A virtual machine (VM) is an emulation
More informationVMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE
VMware Security Briefing Rob Randell, CISSP Senior Security Specialist SE Agenda Security Advantages of Virtualization Security Concepts in Virtualization Architecture Operational Security Issues with
More informationVersion 3.7 Technical Whitepaper
Version 3.7 Technical Whitepaper Virtual Iron 2007-1- Last modified: June 11, 2007 Table of Contents Introduction... 3 What is Virtualization?... 4 Native Virtualization A New Approach... 5 Virtual Iron
More informationOracle Database Scalability in VMware ESX VMware ESX 3.5
Performance Study Oracle Database Scalability in VMware ESX VMware ESX 3.5 Database applications running on individual physical servers represent a large consolidation opportunity. However enterprises
More informationVMware Virtual Infrastucture From the Virtualized to the Automated Data Center
VMware Virtual Infrastucture From the Virtualized to the Automated Data Center Senior System Engineer VMware Inc. ngalante@vmware.com Agenda Vision VMware Enables Datacenter Automation VMware Solutions
More informationCPET 581 Cloud Computing: Technologies and Enterprise IT Strategies. Virtualization of Clusters and Data Centers
CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies Lecture 4 Virtualization of Clusters and Data Centers Text Book: Distributed and Cloud Computing, by K. Hwang, G C. Fox, and J.J. Dongarra,
More informationSURVEY ON VIRTUALIZATION VULNERABILITIES
SURVEY ON VIRTUALIZATION VULNERABILITIES Indumathy M Department of MCA, Acharya Institute of Technology, Bangalore, (India) ABSTRACT Virtualization plays a major role in serving the organizations to reduce
More informationVirtual Machine Security
Virtual Machine Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ 1 Operating System Quandary Q: What is the primary goal
More informationPresentation of Diagnosing performance overheads in the Xen virtual machine environment
Presentation of Diagnosing performance overheads in the Xen virtual machine environment September 26, 2005 Framework Using to fix the Network Anomaly Xen Network Performance Test Using Outline 1 Introduction
More informationOn- Prem MongoDB- as- a- Service Powered by the CumuLogic DBaaS Platform
On- Prem MongoDB- as- a- Service Powered by the CumuLogic DBaaS Platform Page 1 of 16 Table of Contents Table of Contents... 2 Introduction... 3 NoSQL Databases... 3 CumuLogic NoSQL Database Service...
More informationThe Review of Virtualization in an Isolated Computer Environment
The Review of Virtualization in an Isolated Computer Environment Sunanda Assistant professor, Department of Computer Science & Engineering, Ludhiana College of Engineering & Technology, Ludhiana, Punjab,
More informationVirtualization. Michael Tsai 2015/06/08
Virtualization Michael Tsai 2015/06/08 What is virtualization? Let s first look at a video from VMware http://bcove.me/x9zhalcl Problems? Low utilization Different needs DNS DHCP Web mail 5% 5% 15% 8%
More informationHypervisors and Virtual Machines
Hypervisors and Virtual Machines Implementation Insights on the x86 Architecture DON REVELLE Don is a performance engineer and Linux systems/kernel programmer, specializing in high-volume UNIX, Web, virtualization,
More informationUses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:
Virtual Machines Uses for Virtual Machines Virtual machine technology, often just called virtualization, makes one computer behave as several computers by sharing the resources of a single computer between
More informationKVM KERNEL BASED VIRTUAL MACHINE
KVM KERNEL BASED VIRTUAL MACHINE BACKGROUND Virtualization has begun to transform the way that enterprises are deploying and managing their infrastructure, providing the foundation for a truly agile enterprise,
More informationHypervisor Software and Virtual Machines. Professor Howard Burpee SMCC Computer Technology Dept.
Hypervisor Software and Virtual Machines Learning Objectives Understand the common features of today s desktop virtualization products Select and implement a desktop virtualization option on a Linux, Mac,
More informationChapter 14 Virtual Machines
Operating Systems: Internals and Design Principles Chapter 14 Virtual Machines Eighth Edition By William Stallings Virtual Machines (VM) Virtualization technology enables a single PC or server to simultaneously
More informationUNCLASSIFIED Version 1.0 May 2012
Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice
More informationRed Hat Enterprise Linux 6. Stanislav Polášek ELOS Technologies sp@elostech.cz
Stanislav Polášek ELOS Technologies sp@elostech.cz Red Hat - an Established Global Leader Compiler Development Identity & Authentication Storage & File Systems Middleware Kernel Development Virtualization
More informationvsphere 6.0 Advantages Over Hyper-V
v3c Advantages Over Hyper-V The most trusted and complete virtualization platform 2015 Q1 2015 VMware Inc. All rights reserved. The Most Trusted Virtualization Platform Hypervisor Architecture Broad Support
More informationFeature Comparison. Windows Server 2008 R2 Hyper-V and Windows Server 2012 Hyper-V
Comparison and Contents Introduction... 4 More Secure Multitenancy... 5 Flexible Infrastructure... 9 Scale, Performance, and Density... 13 High Availability... 18 Processor and Memory Support... 24 Network...
More informationVirtual machines and operating systems
V i r t u a l m a c h i n e s a n d o p e r a t i n g s y s t e m s Virtual machines and operating systems Krzysztof Lichota lichota@mimuw.edu.pl A g e n d a Virtual machines and operating systems interactions
More information