Increasingly, all large-scale computing activities, including critical enterprise, financial, and public services, are being transitioned to cloud computing. Cloud computing is based on the technology of virtual machines, which enforces separation between the clients of a cloud service provider. Trust in cloud computing services depends on the security of the virtual machine implementation, of which virtual devices are building blocks. This project designs software tools that can automatically detect flaws in virtual device implementations, within a virtual machine platform. The inaccessible state of physical devices is represented as symbolic values in symbolic execution over the virtual device code, allowing for comparison of virtual and physical device states after subjecting each to a set of test events, without requiring measurements that interfere with the physical device state.

By detecting hidden flaws and vulnerabilities in virtual devices, this project reduces the risk of potential attacks that threaten the security of virtual machines and cloud services. The release of software tools as open source allows other researchers and practitioners to build on the results. In addition, the project integrates the research with educational and outreach activities, including a new course on troubleshooting in virtualized environment, recruitment of student participants from underrepresented groups, and participation in community organizations related to information technology and security.

Agency
National Science Foundation (NSF)
Institute
Division of Computer and Network Systems (CNS)
Type
Standard Grant (Standard)
Application #
1319115
Program Officer
M. Mimi McClure
Project Start
Project End
Budget Start
2013-10-01
Budget End
2017-09-30
Support Year
Fiscal Year
2013
Total Cost
$440,725
Indirect Cost
Name
University of Georgia
Department
Type
DUNS #
City
Athens
State
GA
Country
United States
Zip Code
30602