Increasingly, all large-scale computing activities, including critical enterprise, financial, and public services, are being transitioned to cloud computing. Cloud computing is based on the technology of virtual machines, which enforces separation between the clients of a cloud service provider. Trust in cloud computing services depends on the security of the virtual machine implementation, of which virtual devices are building blocks. This project designs software tools that can automatically detect flaws in virtual device implementations, within a virtual machine platform. The inaccessible state of physical devices is represented as symbolic values in symbolic execution over the virtual device code, allowing for comparison of virtual and physical device states after subjecting each to a set of test events, without requiring measurements that interfere with the physical device state.
By detecting hidden flaws and vulnerabilities in virtual devices, this project reduces the risk of potential attacks that threaten the security of virtual machines and cloud services. The release of software tools as open source allows other researchers and practitioners to build on the results. In addition, the project integrates the research with educational and outreach activities, including a new course on troubleshooting in virtualized environment, recruitment of student participants from underrepresented groups, and participation in community organizations related to information technology and security.
