HyperTP: Mitigating vulnerability windows with hypervisor transplant
Invited talk: Alain Tchana presented "HyperTP: Mitigating vulnerability windows with hypervisor transplant" at TSP/Palaiseau - 1C43 the 19/10/2020 at 16h15.
The vulnerability window of a hypervisor regarding a given security flaw is the time between the identification of the flaw and the integration of a correction/patch in the running hypervisor. Most vulnerability windows, regardless of severity, are long enough (several days) that attackers have time to perform exploits. Nevertheless, the number of critical vulnerabilities per year is low enough to allow an exceptional solution. This paper introduces hypervisor transplant, a solution for addressing vulnerability window of critical flaws. It involves temporarily replacing the current datacenter hypervisor (e.g., Xen) which is subject to a critical security flaw, by a different hypervisor (e.g., KVM) which is not subject to the same vulnerability. We build HyperTP, a generic framework which combines in a unified way two approaches: in-place server micro-rebootbased hypervisor transplant (noted InPlaceTP) and live VM migration-based hypervisor transplant (noted MigrationTP). We describe the implementation of HyperTP and its extension for transplanting Xen with KVM and vice versa. We also show that HyperTP is easy to integrate with the OpenStack cloud computing platform. Our evaluation results show that HyperTP delivers satisfactory performance: (1) MigrationTP takes the same time and impacts virtual machines (VMs) with the same performance degradation as normal live migration.(2) the downtime imposed by InPlaceTP on VMs is in the same order of magnitude (1.7 seconds for a VM with 1 vCPU and 1 GB of RAM) as in-place upgrade of homogeneous hypervisors based on server micro-reboot.
Alain Tchana is a Systems research person: he builds stuff (to paraphrase Timothy Roscoe from ETH). His main research domain is virtualization. He aims at minimizing energy consumption, improving performance and protecting applications. Alain Tchana received his Ph.D. in computer science in 2011 at Institut National Polytechnique de Toulouse (France). During his Ph.D. thesis, he worked on building an autonomic computing system for cloud environments. He then spent two years as a postdoc at Université Joseph Fourier in Grenoble (France). During that time, he worked on building benchmarking systems. Since he was recruited as an Associate Professor in 2013 at Institut National Polytechnique de Toulouse (France), he moved to low-level Systems layers. In 2018, he was recruited as full professor at Université de Nice Sophia-Antipolis. Since September 2019, he is full professor at Ecole Normale Supérieure de Lyon (ensL).