GGrantIndex
← Search

CSR: Small: Split Virtual Machine Execution for Reliability and Security

$227,574FY2014CSENSF

Yale University, New Haven CT

Investigators

Abstract

Data centers are the backbone of cloud computing, which has become an important computing paradigm due to its economic benefits. Reliability and security aspects of cloud computing, however, still need more investigation. In cloud computing, virtual machines (also called virtual servers or VMs) are one of the primary units of computation: customers lease VMs, each encapsulating an operating system and a customer's applications. In cloud computing data centers, many physical servers - each running hypervisor virtualization software - provide compute resources needed to run the virtual servers. In emergency situations like hardware failure or the security breach of a physical server, a VM needs to be immediately moved away from the affected physical server on which it is running. However, no single unaffected physical server may have the exact resources needed to run the VM at that exact instance in time. Meanwhile, two or more servers may collectively have the resources needed to run the VM. This project aims to allow a VM to be split so it can be run on two or more servers together in such a situation. This has promise of increasing the reliability, security and utilization of private, commercial and government cloud computing providers. This project will explore an innovative idea of Split-VM execution, a new technique that will allow for a VM to be broken up into smaller pieces and to continue executing as one, while the pieces are on different physical servers. A particular focus of the project will be on splitting a VM into two pieces and showing that such operation can be done transparently and efficiently. Issues of memory coherency and interrupt management among the split pieces of the VM residing on different physical severs will be addressed in this research as well. New protocols for synchronizing and controlling the two pieces of the VM will be developed so that the underlying virtualization software running on different physical servers can manage the VMs while they are operating in the Split-VM mode enabling both pieces of a Split-VM to have same view of the memory, and events, such as interrupts, to be seamlessly delivered between the two. The broader impacts of this project will offer insight into transparently splitting a VM into parts that can run on separate physical servers. These splitting mechanisms will be developed and prototyped on popular open-source Linux operating system and on open-source Xen virtualization software, with new code shared back to the community. Performance of the splitting operation and also of the execution of the VM after splitting will be evaluated to give insights into the performance of the proposed idea and to help quantify its reliability and security benefits. The proposed work will also be a stepping-stone to guide future research on splitting VMs into many pieces, not just two. This Split-VM project is thus a first step towards improving cloud data center utilization, reliability and security by enabling commodity VMs to be transparently split among different physical servers.

View original record on NSF Award Search →