Abstract
This paper presents the first results from the ongoing research project HASPOC, developing a high assurance virtualization platform for the ARMv8 CPU architecture. Formal verification at machine code level guarantees information isolation between different guest systems (e.g. OSs) running on the platform. To use the platform in networking scenarios, we allow guest systems to securely communicate with each other via platform-provided communication channels and to take exclusive control of peripherals for communication with the outside world. The isolation is shown to be formally equivalent to that of guests executing on physically separate platforms with dedicated communication channels crossing the air-gap. Common Criteria (CC) assurance methodology is applied by preparing the CC documentation required for an EAL6 evaluation of products using the platform. Besides the hypervisor, a secure boot component is included and verified to ensure system integrity.
| Original language | English |
|---|---|
| Title of host publication | 2016 European Conference on Networks and Communications (EuCNC) |
| Publisher | IEEE - Institute of Electrical and Electronics Engineers Inc. |
| Pages | 210-214 |
| Number of pages | 5 |
| ISBN (Electronic) | 9781509028931 |
| ISBN (Print) | 9781509028948 |
| DOIs | |
| Publication status | Published - 2016 Sept 6 |
| Externally published | Yes |
| Event | 2016 European Conference on Networks and Communications, EUCNC 2016 - Athens, Greece Duration: 2016 Jun 27 → 2016 Jun 30 |
Conference
| Conference | 2016 European Conference on Networks and Communications, EUCNC 2016 |
|---|---|
| Country/Territory | Greece |
| City | Athens |
| Period | 2016/06/27 → 2016/06/30 |
Free keywords
- ARMv8
- assurance
- Common Criteria
- formal verification
- hypervisor
- isolation