We propose a framework that provides a programming interface to perform complex dynamic system-level analyses of deployed production systems. By leveraging hardware support for virtualization available nowadays on all commodity machines, our framework is completely transparent to the system under analysis and it guarantees isolation of the analysis tools running on top of it. Thus, the internals of the kernel of the running system needs not to be modified and the whole platform runs unaware of the framework. Moreover, errors in the analysis tools do not affect the running system and the framework. This is accomplished by installing a minimalistic virtual machine monitor and migrating the system, as it runs, into a virtual machine. In order to demonstrate the potentials of our framework we developed an interactive kernel debugger, named HyperDdg. HyperDbg can be used to debug any critical kernel component, and even to single step the execution of exception and interrupt handlers.
Dynamic and transparent analysis of commodity production systems / A. Fattori, R. Paleari, L. Martignoni, M. Monga - In: ASE 10 : proceedings of the IEEE/ACM international conference on automated software engineering, september 20-24, 2010, Antwerp, BelgiumNew York, USA : ACM, 2010. - ISBN 9781450301169. - pp. 417-426 (( Intervento presentato al 25. convegno International Conference on Automated Software Engineering tenutosi a Antwerp, Belgium nel 2010 [10.1145/1858996.1859085].
Dynamic and transparent analysis of commodity production systems
R. Paleari;M. Monga
2010
Abstract
We propose a framework that provides a programming interface to perform complex dynamic system-level analyses of deployed production systems. By leveraging hardware support for virtualization available nowadays on all commodity machines, our framework is completely transparent to the system under analysis and it guarantees isolation of the analysis tools running on top of it. Thus, the internals of the kernel of the running system needs not to be modified and the whole platform runs unaware of the framework. Moreover, errors in the analysis tools do not affect the running system and the framework. This is accomplished by installing a minimalistic virtual machine monitor and migrating the system, as it runs, into a virtual machine. In order to demonstrate the potentials of our framework we developed an interactive kernel debugger, named HyperDdg. HyperDbg can be used to debug any critical kernel component, and even to single step the execution of exception and interrupt handlers.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
