International Journal On Advances in Security, volume 8, numbers 3 and 4, 2015


Building Trusted and Real Time ARM Guests Execution Environments for Mixed Criticality With T-KVM, a hypervisor architecture that implements an hardware isolated secure and real time environment

Authors:
Michele Paolino
Kevin Chappuis
Alvise Rigo
Alexander Spyridakis
Jérémy Fanguède
Petar Lalov
Daniel Raho

Keywords: Trusted KVM; ARMv8 Trusted Computing; ARM Virtualization; Mixed Criticality; Real Time

Abstract:
The new ARMv8 architecture is targeting the server, Network Functions Virtualization (NFV), Mobile Edge Computing (MEC) and In-Vehicle Infotainment (IVI) market segments. At the same time, it will empower Internet of Things (IoT), Cyber Physical Systems (CPS), automotive Electronic Control Units (ECU), avionics and mixed criticality devices. In this context, virtualization is a key feature to enable the cloud delivery model, to implement multitenancy, to isolate different execution environments and to improve hardware/software standardization and consolidation. Since guaranteeing a strict isolation of both the data and the code executed in Virtual Machines (VMs) counts today more than ever, the security of the hypervisor and its guests has become dramatically important. This paper extends Trusted Kernel-based Virtual Machine (T-KVM) [1], an architecture for the KVM-on-ARM hypervisor proposed to satisfy the above market trends, in the direction of an efficient and high performance interrupt management. T-KVM integrates software/hardware components to isolate guest Operating Systems (OSes) and enable Trusted Computing along with mixed criticality in ARM virtual machines. It combines four isolation layers: ARM Virtualization and Security Extensions (also known as ARM VE and TrustZone), GlobalPlatform Trusted Execution Environment (TEE) APIs and SELinux Mandatory Access Control (MAC) security policy. In this paper, the T-KVM architecture and its interrupt management features are described in detail, as well as its key implementation challenges and system security considerations. Lastly, a performance evaluation of the proposed solution is presented.

Pages: 130 to 140

Copyright: Copyright (c) to authors, 2015. Used with permission.

Publication date: December 30, 2015

Published in: journal

ISSN: 1942-2636