IEEE 8th World Forum on Internet of Things
“SSRC pushing barriers on today's virtualization challenges.
“The research center is organizing a Special Session in collaboration with two top leaders Universities that are driving cutting-edge virtualization research for Internet of Things."
26 October–11 November 2022
Virtualization today plays a critical role in the IoT. From the cloud to the edge, solutions are deployed by leveraging virtualization technologies. The applicability of these technologies along with their interoperability raises concerns regarding security and safety. The claim that hypervisors bring security is not always true, sometimes misunderstood and underlooked. Hypervisors can bring security but it strongly depends on the selected hypervisor type, architecture, and configuration as well as the development processes in place while building it up. Security does not come for free, and it has to be employed from ground up throughout systematic and expensive stages and most of the time results in a tradeoff between features, performance, and flexibility. For example, a single backdoor found in the hypervisor codebase can be exploited to compromise an entire system with different criticality VMs or even be spread over a cluster of devices in the sense that those devices have similarities.
Although the development and applicability of secure virtualization solutions have different use-cases and requirements, the idea is to welcome innovative research that is modular, portable, and scalable. The special session welcomes contributions from top-notch virtualization leaders to bring their academic or industry experience and give a better view of today’s virtualization challenges, always keeping an eye for what is coming next. Valuable research topics can come out of this but also potential collaborations could be a good outcome.
Biography and photograph of the organizers
Everton De Matos received a Ph.D. in Computer Science from the Pontifical Catholic University of Rio Grande do Sul (PUCRS). He was awarded a Fulbright scholarship to develop part of his doctoral dissertation at the University of Southern California (USC). He is currently a Senior Security Research Engineer at Technology Innovation Institute, United Arab Emirates, in the Secure Systems Research Center department. He is currently focusing his research on the virtualization for Embedded Systems topic, on the seL4 Microkernel. He has several publications in important conferences and journals. His areas of interest are security for embedded systems security, Internet of Things, virtualization, and context-aware security.
Jorge Pereira is a Principal Virtualization Researcher at Secure Systems Research Center in Technology Innovation Institute, United Arab Emirates. He is currently contributing to drive innovative research on seL4 Microkernel towards its maturity and widespread adoption. Jorge is an enthusiast with 10 years of hands-on experience and in-depth background in commercial and open-source hypervisors. In his past, he has worked as a senior R&D engineer at PROVE & RUN in their formally-verified microkernel - ProvenVisor- and senior Security Architect at NXP SEMICONDUCTORS where he was contributing particularly for LTI virtualization projects - with Jailhouse and Xen-, security of i.MX8 HSMs, among other security-oriented projects. Jorge holds an McS in Electronics Engineering and Computer from University of Minho, Portugal, and post-graduation at Jilin University in China. He has 11 publications in secure hypervisors, hardware-assisted operating systems, and trusted execution environments.
Sandro Pinto is an Associate Research Professor at the University of Minho, Portugal. He holds a Ph.D. in Electronics and Computer Engineering. Sandro has a deep academic background and several years of industry collaboration focusing on operating systems, virtualization, and security for embedded, cyber-physical, and IoT-based systems. He has published 70+ scientific papers in top-tier conferences/journals (e.g., IEEE S&P, Usenix Security, IEEE IoT Journal, etc) and is a skilled presenter with speaking experience in several academic and industrial conferences (RISC-V Summit, Embedded World, Black Hat, Hardwear.io, etc). Sandro is a long-term supporter of open source projects and is currently helping several companies and institutions to make security practical at scale.
Fabiano Hessel is a Full Professor of Computer Science at PUCRS - School of Technology, Research Productivity Scholarship from CNPq, Coordinator of the FAPERGS Advisory Committee for the areas of Mathematics, Statistics and Computing. Professor Hessel was an advisor to the Dean of Research at PUCRS in the areas of Innovation, Development, and Cooperative Projects with industry. He served as a guest expert (2020-2021) with the Secretary of Innovation, Science and Technology of the State of Rio Grande do Sul to establish the foundations of the TEC4B (Technology for Business) program. He received a PhD in computer science from the University Grenoble Alpes, France (2000). He is the leader of the IoT, Blockchain, and Cybersecurity research group. Professor Hessel is a speaker on the topics of IoT, Industry 4.0, Blockchain/Smart contracts, Web 3.0 and Cybersecurity.
The Internet of Things (IoT) is a well-established paradigm disrupting many computational fields. Many solutions have been developed addressing interoperability, data management, and scalability. Also, considering the continuous rise in the number of IoT devices that are present in our everyday life, security is today a hot topic and a paramount area of research and development because of its intrinsic connectivity. Among different technologies, virtualization is being leveraged to provide security that scales down from the high-end computational power cloud environments to the low-end embedded devices at the edge.
Virtualization technology enables the execution of multiple Virtual Machines (VMs) onto the same hardware platform. Resources are securely partitioned, and multiplexed to those VMs in a time- and space- isolated manner. It provides security by isolation and makes it harder for an attacker to get full control of an entire system. Also, the result of its deployment brings several benefits such as resource utilization, and modularity, among others as portability, scalability, and maintainability. This technology is widely adopted in cloud computing and relatively recent advances in hardware platforms make it possible to host a virtualization layer on top of some IoT devices, including autonomous systems, medical appliances, smart cards, consumables, mobile phones, etc. However, traditional virtualization approaches do not meet the new security requirements of IoT devices. Besides security, intrinsic requirements (memory constraints, real-time, and performance) of such applications also co-exist and have motivated new and more simplistic approaches for virtualization.
Improvements in secure virtualization for IoT devices are welcome and are considered innovations in the field. Many hypervisors are in an evolving stage to reach a solid state for being applied in different application scenarios and applied in products. The novelty and technical innovations presented in this special session can be seen in the following topics leveraging hypervisors: (i) portable and modular components in hypervisors, (ii) scalability of virtualization solutions and VMs, (iii) Hardening techniques for secure hypervisors, (iv) hypervisor support on emerging hardware technologies, (v) machine learning applied to hypervisors to enhance its security, (vi) Performant, hypervisor-agnostic and support for I/O Virtualization.
Call for Papers
Prospective authors, from academia and industry, are invited to submit original papers on topics including, but not limited to:
- Hypervisor support on emerging hardware technologies;
- Hardening and Secure hypervisor solutions on IoT devices;
- Virtualization technologies and innovative architectural approaches;
- Sharing devices virtualization approaches (e.g. QEMU, virtIO);
- Testing frameworks for embedded hypervisors;
- Best practices in Secure Hypervisor Development Life Cycle;
- Deployment of mainstream hypervisors for IoT use-cases;
- Vulnerabilities and mitigations on commercial and open-source virtualization technologies.
Please submit your paper for this Special Session using the link to eWorks: