A Study on Para-Pass-Through Virtual Machine Monitor

• Project/Area Number: 16H02798
• Research Category: Grant-in-Aid for Scientific Research (B)
• Allocation Type: Single-year Grants
• Section: 一般
• Research Field: Software
• Research Institution: The University of Tokyo
• Principal Investigator: Shinagawa Takahiro 東京大学, 情報基盤センター, 准教授 (40361745)
• Co-Investigator(Kenkyū-buntansha): 加藤 和彦 筑波大学, システム情報系, 教授 (90224493)
• Project Period (FY): 2016-04-01 – 2021-03-31
• Project Status: Completed (Fiscal Year 2020)
• Budget Amount: ¥16,770,000 (Direct Cost: ¥12,900,000、Indirect Cost: ¥3,870,000); Fiscal Year 2020: ¥3,120,000 (Direct Cost: ¥2,400,000、Indirect Cost: ¥720,000); Fiscal Year 2019: ¥3,250,000 (Direct Cost: ¥2,500,000、Indirect Cost: ¥750,000); Fiscal Year 2018: ¥3,250,000 (Direct Cost: ¥2,500,000、Indirect Cost: ¥750,000); Fiscal Year 2017: ¥3,380,000 (Direct Cost: ¥2,600,000、Indirect Cost: ¥780,000); Fiscal Year 2016: ¥3,770,000 (Direct Cost: ¥2,900,000、Indirect Cost: ¥870,000)
• Keywords: 仮想化技術 / オンデマンドネステッド仮想化 / オペレーティングシステム

Outline of Final Research Achievements

We have been researching and developing BitVisor, a virtual machine monitor with a unique para-pass-through architecture. Based on that, we conducted research to realize a secure and lightweight software platform that complements the functionality of complex operating systems to improve the safety, functionality, and performance of the overall system. As a result, we demonstrated the effectiveness of the para-pass-through architecture in various cases, such as live migration in bare metal cloud, prevention of attacks against hardware in bare metal cloud, improvement of OS device driver reliability against hardware failures, and distributed filtering by BPF. The results were published in international conferences and journal papers.

Academic Significance and Societal Importance of the Research Achievements

コンピュータシステムはますます複雑化しており、そのセキュリティを担保したり適切に管理することは依然として難しい。本研究では、我々が提案した準パススルー型という独創的なアーキテクチャを応用することで、ブラックボックスとなっているオペレーティングシステム（OS）の機能に依存することなく、様々なセキュリティ機能や管理機能をあとから追加できる枠組みを実現できることを様々なユースケースで実証した。これにより、既存のOSをそのまま再利用しつつ、それを補完する形で独自の強力なセキュリティ機能や管理機能をオープンに実現することが可能になり、現在のシステムをすぐに強化できる実用的なシステムの実現可能性を示した。

Research Products

• [Journal Article] Practical Quick File Server Migration (2020)
  • Author(s): Matsuzawa Keiichi、Hayasaka Mitsuo、Shinagawa Takahiro
  • Journal Title: ACM Transactions on Storage Volume: 16 Issue: 2 Pages: 1-30
  • DOI: 10.1145/3377322
  • Peer Reviewed
• [Journal Article] Multi-resource Low-Latency Cluster Scheduling without Execution Time Estimation (2020)
  • Author(s): Hidehito Yabuuchi, Takahiro Shinagawa
  • Journal Title: 20th IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing (CCGRID) Volume: - Pages: 310-319
  • DOI: 10.1109/ccgrid49817.2020.00-62
  • Peer Reviewed
• [Journal Article] A robust and flexible operating system compatibility architecture (2020)
  • Author(s): Saeki Takaya、Nishiwaki Yuichi、Shinagawa Takahiro、Honiden Shinichi
  • Journal Title: In Proceedings of the 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE 2020) Volume: - Pages: 129-142
  • DOI: 10.1145/3381052.3381327
  • Peer Reviewed
• [Journal Article] Live Migration in Bare-metal Clouds (2018)
  • Author(s): Fukai Takaaki、Shinagawa Takahiro、Kato Kazuhiko
  • Journal Title: IEEE Transactions on Cloud Computing Volume: 1 Issue: 1 Pages: 1-1
  • DOI: 10.1109/tcc.2018.2848981
  • Peer Reviewed / Open Access
• [Journal Article] FaultVisor2: Testing Hypervisor Device Drivers Against Real Hardware Failures (2018)
  • Author(s): Misono Masanori、Ogino Masahiro、Fukai Takaaki、Shinagawa Takahiro
  • Journal Title: In Proceedings of the 10th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2018) Volume: 1 Pages: 1-1
  • DOI: 10.1109/cloudcom2018.2018.00048
  • Peer Reviewed
• [Journal Article] Distributed Denial of Service Attack Prevention at Source Machines (2018)
  • Author(s): Misono Masanori、Yoshida Kaito、Hwang Juho、Shinagawa Takahiro
  • Journal Title: In Proceedings of the 16th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2018) Volume: 1 Pages: 1-1
  • DOI: 10.1109/dasc/picom/datacom/cyberscitec.2018.00096
  • Peer Reviewed
• [Journal Article] Unified hardware abstraction layer with device masquerade (2018)
  • Author(s): Yoneji Iori、Fukai Takaaki、Shinagawa Takahiro、Kato Kazuhiko
  • Journal Title: In Proceedings of the 33rd ACM Symposium On Applied Computing (ACM SAC 2018) Volume: 1 Pages: 1-1
  • DOI: 10.1145/3167132.3167250
  • Peer Reviewed
• [Presentation] Toward On-demand Nested Virtualization for Live-Refreshing Cloud Systems (2020)
  • Author(s): Ryosuke Yasuoka, Takaaki Fukai and Takahiro Shinagawa
  • Organizer: The European Conference on Computer Systems 2020 (Poster)
  • Int'l Joint Research
• [Presentation] ハードウェアウェアによるメモリ監視を強制するための IOMMU 保護機構 (2019)
  • Author(s): 荻野堯, 味曽野雅史, 品川高廣
  • Organizer: 第31回コンピュータシステム・シンポジウム (ComSys2019)
• [Presentation] ハードウェア障害に対するハイパーバイザの対故障性検証． (2018)
  • Author(s): 荻野 将拓, 味曽野 雅史, 深井 貴明, 品川 高廣．
  • Organizer: 第143回システムソフトウェアとオペレーティング・システム研究会．
• [Presentation] DMA 機構の故障に対するデバイスドライバの耐性検証 (2018)
  • Author(s): 畑中 俊輝, 味曽野 雅史, 品川 高廣．
  • Organizer: 第30回コンピュータシステム・シンポジウム (ComSys2018)
• [Presentation] JITコンパイラに対する1バイト定数攻撃とその防御手法． (2018)
  • Author(s): 鈴木 悠希, 味曽野 雅史, 中山 智之, 品川 高廣．
  • Organizer: 第30回コンピュータシステム・シンポジウム (ComSys2018)
• [Presentation] ホストマシンの NUMA トポロジーに基づく vCPU スケジューリング (2018)
  • Author(s): 林 遼, 味曽野 雅史, 品川 高廣．
  • Organizer: 第30回コンピュータシステム・シンポジウム (ComSys2018)，
• [Presentation] The Quick Migration of File Servers (2018)
  • Author(s): Keiichi Matsuzawa, Mitsuo Hayasaka, Takahiro Shinagawa
  • Organizer: 11th ACM International Systems and Storage Conference (SYSTOR 2018)
  • Int'l Joint Research
• [Presentation] Unified Hardware Abstraction Layer with Device Masquerade (2018)
  • Author(s): Iori Yoneji, Takaaki Fukai, Takahiro Shinagawa and Kazuhiko Kato.
  • Organizer: 33rd ACM Symposium On Applied Computing (ACM SAC 2018)
  • Int'l Joint Research
• [Presentation] BMCArmor: A Hardware Protection Scheme for Bare-metal Clouds. (2017)
  • Author(s): Takaaki Fukai, Satoru Takekoshi, Kohei Azuma, Takahiro Shinagawa, Kazuhiko Kato
  • Organizer: 9th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2017)
  • Int'l Joint Research
• [Presentation] VM-aware Adaptive Storage Cache Prefetching. (2017)
  • Author(s): Keiichi Matsuzawa, Takahiro Shinagawa.
  • Organizer: 9th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2017)
  • Int'l Joint Research
• [Presentation] Bash on Ubuntu on macOS (2017)
  • Author(s): Takaya Saeki, Yuichi Nishiwaki, Takahiro Shinagawa, Shinichi Honiden
  • Organizer: 8th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2017)
• [Presentation] 仮想マシン内のデータ配置を活用した先読み型ストレージ階層管理． (2016)
  • Author(s): 松沢 敬一, 品川 高廣
  • Organizer: 第28回コンピュータシステム・シンポジウム (ComSys2016)
  • Place of Presentation: 法政大学（東京都・千代田区）
  • Year and Date: 2016-11-28
• [Presentation] ネットワークスタックと不揮発性メモリの統合による永続性 Key-Value Store の高速化 (2016)
  • Author(s): 味曽野 雅史, 品川 高廣
  • Organizer: 第28回コンピュータシステム・シンポジウム (ComSys2016)
  • Place of Presentation: 法政大学（東京都・千代田区）
  • Year and Date: 2016-11-28
• [Presentation] ネステッド仮想化の動的 ON/OFF による仮想マシンモニタ若化 (2016)
  • Author(s): 安岡 亮輔, 深井 貴明, 品川 高廣, 加藤 和彦
  • Organizer: 第28回コンピュータシステム・シンポジウム (ComSys2016)
  • Place of Presentation: 法政大学（東京都・千代田区）
  • Year and Date: 2016-11-28
• [Presentation] Testing Device Drivers against Hardware Failures in Real Environments. (2016)
  • Author(s): Satoru Takekoshi, Takahiro Shinagawa, Kazuhiko Kato.
  • Organizer: 31st ACM Symposium On Applied Computing (ACM SAC 2016)
  • Place of Presentation: ピサ（イタリア）
  • Year and Date: 2016-04-04
  • Int'l Joint Research
• [Remarks] 東京大学 品川研究室
  • URL: https://www.os.ecc.u-tokyo.ac.jp/