Trustworthy Virtualization

System virtualization supports execution of computer program code, from applications to entire operating systems, in a software-controlled environment. Such a Virtual Machine (VM) environment abstracts the available system resources (memory, storage, CPU cores, I/O, etc.) and presents them in a regular fashion, such that “guest” software cannot distinguish VM-based execution from running on bare physical hardware. In embedded systems, virtualization has a variety of benefits, including hardware cost reduction, designs that combine multiple operating systems, and enhanced reuse of legacy software. Trustworthy Virtualization is system virtualization with the following additional attributes:

  • Complex systems are composed of multiple virtual machines, each running a guest operating system and higher-level applications.
  • All guest operating systems run de-privileged and completely at user level.
  • All device drivers run at user level.
  • Privileged-mode code is minimized and limited to the hypervisor itself.
  • OK Labs provides hypervisor source code for inspection and analysis.

The Open Kernel Labs Trustworthy Virtualization solution is realized in the following products:

  • OKL4: A high-performance system software platform built using cutting-edge microkernel technology, which provides trustworthy virtualization and secure decomposition capability for embedded systems.
  • OK Linux: A pre-built and paravirtualized version of the Linux kernel and base libraries, ready to run as a guest OS under OKL4.
