GrammaTech Awarded Air Force Contract for Hypervisor Hardening

GrammaTech, Inc., a leading maker of tools that improve and accelerate software development, today announced that the company has been awarded an SBIR contract from the United States Air Force. This research project will address cyber-security concerns of cloud computing, which promises dramatic savings through economies of scale, but which brings substantial concerns with regard to security.

Particularly, there is a need to prevent attacks on one virtual machine (VM) from affecting VMs of other users. Hypervisors are extremely useful in the context of the cloud, but unfortunately, like most software, hypervisors contain vulnerabilities, which make them particularly dangerous to cloud computing. A client can, for example, submit a malicious guest operating system to run as a VM on a hypervisor, which can then break out of the hypervisor and into other systems.

Within this research project, GrammaTech will address the security of hypervisors. Existing work that has been done building hypervisors with a limited attack surface includes sacrificing features that you ideally want to have in a hypervisor. GrammaTech’s goal is to restore some of these capabilities, while still keeping the security guarantees necessary for hypervisors in the cloud.

Specifically, GrammaTech will develop a more secure virtualization system which will isolate VMs from the controlling hypervisor. Although isolated, the system will maintain the ability to perform control tasks, such as the ability to migrate a VM from one piece of hardware to another.

About GrammaTech:
Originally founded as a spin-off from Cornell University to commercialize software developed by Tim Teitelbaum and Thomas Reps at Cornell’s computer science lab, GrammaTech is a leading developer of software-assurance tools and advanced cyber-security solutions. GrammaTech’s tools are used by software developers worldwide, spanning a myriad of industries including avionics, medical, industrial control, and other applications where reliability and security are paramount. With both static and dynamic analysis techniques that analyze source code as well as binary executables, GrammaTech provides superior static analysis for better software.