Multikernel Simulation: A New Approach to Study Rollback Sensitive Memory Architecture

In today's cloud centred business environment, security of cloud solutions is a critical issue. Since virtualization is the foundational element of cloud computing and helps to achieve the benefits of cloud computing, security from virtualization becomes a major goal for the cloud based systems. Virtualization aims to create virtual versions of resources such as processors, memory, storage, network interfaces and devices for virtual machines (VMs), allowing the same set of resources to be shared among various VMs so that they can run together on the same hardware without knowing about each other's presence. Despite its indisputable benefits, data security vulnerabilities and performance degradation from the user's viewpoint, remain the main cause of concern, motivating fervent research involving hardware and software improvements for alleviating the two concerns. However, implementation and proper testing of these innovations is not easy with hardware, hybrid or API based software simulators, due to high implementation costs, absence of simulators capable of testing solutions that span multiple levels of hardware and software, and the different privilege levels of instructions. This is more relevant when the improvements proposed include instruction set modifications at different privilege levels. In this paper, we propose a different simulation approach - multikernel simulation approach. This is different from the conventional software-based simulation techniques in that we utilize the different privilege levels of the various kernels running on the server, and leverage them to distribute the components and logic that need to be simulated, into different levels of software, to simulate the effect of using it on the required privilege level. To accomplish this, we identify unused bits in the kernel software and use them to simulate hardware conditions. We implement and demonstrate this simulation technique for the Extended- HyperWall and RSDM architecture [1], [2], which is a hardware-based solution to improve the security of virtual machines in a fully virtualized environment, in the presence of an untrusted hypervisor (an entity that manages VMs), against rollback based attacks. Our simulation works in a fully virtualized environment and demonstrates the security of the proposed enhancement, without hardware prototypes, in a cost effective manner.