Loading…
View More Details & Registration
Please note: All Sessions are in Japan Standard Time Zone (UTC+09:00)
Back To Schedule
Wednesday, December 2 • 13:20 - 14:10
A Leap in Automotive Security through Unikernel-based Disaggregation - Michalis Pappas, OpenSynergy GmbH
Feedback form is now closed.
A common approach to secure system consolidation in the automotive industry is to run functionality on top of a hypervisor, using virtual machines to provide isolation between components. In practice, however, a system that entirely consists of isolated guests rarely exists. In addition, such guests often tend to be based on general-purpose OSes such as Linux, whose large code base introduces a large attack surface. In this talk we show that virtualized automotive systems can benefit from component disaggregation through unikernels. We present how COQOSHV, a secure and functionally safe ASIL-B Type-1 hypervisor, can leverage the Unikraft unikernel project to provide highly compartmentalized systems. Unikraft provides the ability to build specialized VMs targeting a single application, thus producing VMs that are not only extremely efficient but also have a minimal TCB. We will show that Unikraft VMs running on top of COQOSHV can boot extremely fast, consume little memory, and have a smaller attack surface than general-purpose OSes. We finally present how COQOSHV can delegate functionality to small isolated unikernel Service VMs, and illustrate their potential by example use-cases.

Speakers
avatar for Michalis Pappas

Michalis Pappas

Senior Software Engineer, OpenSynergy GmbH
Michalis is a Senior Software Engineer at OpenSynergy's Virtualization CC, focusing on Operating Systems and Trusted Execution Environments.


Wednesday December 2, 2020 13:20 - 14:10 JST
Virtual 8