| Title: |
Executing Secured Virtual Machines within a Manycore Architecture |
| Authors: |
Dévigne, Clément, L; Bréjon, Jean-Baptiste, L; Meunier, Quentin L.; Wajsbürt, Franck, L |
| Contributors: |
Architecture et Logiciels pour Systèmes Embarqués sur Puce (ALSOC); Laboratoire d'Informatique de Paris 6 (LIP6); Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS)-Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS); ANR-13-INSE-0002,TSUNAMY,Gestion logicielle et matérielle de la sécurité des données pour des plateformes manycore(2013) |
| Source: |
ISSN: 0141-9331 ; EISSN: 1872-9436. |
| Publisher Information: |
CCSD; Elsevier |
| Publication Year: |
2016 |
| Subject Terms: |
[INFO.INFO-AR]Computer Science [cs]/Hardware Architecture [cs.AR] |
| Description: |
International audience ; Manycore processors are a way to face the always growing demand in digital data processing. However, by putting closer distinct and possibly private data, they open up new security breaches. Splitting the architecture into several partitions managed by a hypervisor is a way to enforce isolation between the running virtual machines. Thanks to their high number of cores, these architectures can mitigate the impact of dedicating cores both to the virtual machines and the hypervisor, while allowing an efficient execution of the virtualized operating systems. We present such an architecture allowing the execution of fully virtualized multicore operating systems benefiting of hardware cache coherence. The physical isolation is made by the means of address space via the introduction of a light hardware module similar to a memory-management unit at the network-on-chip entrance, but without the drawback of relying on a page table. We designed a cycle-accurate virtual prototype of the architecture , controlled by a light blind hypervisor with minimum rights, only able to start and stop virtual machines. Experiments made on our virtual prototype shows that our solution has a low time overhead – typically 3% on average. |
| Document Type: |
article in journal/newspaper |
| Language: |
English |
| DOI: |
10.1016/j.micpro.2016.09.008 |
| Availability: |
https://hal.sorbonne-universite.fr/hal-01382444; https://hal.sorbonne-universite.fr/hal-01382444v1/document; https://hal.sorbonne-universite.fr/hal-01382444v1/file/micpro.pdf; https://doi.org/10.1016/j.micpro.2016.09.008 |
| Rights: |
info:eu-repo/semantics/OpenAccess |
| Accession Number: |
edsbas.29AB3328 |
| Database: |
BASE |