This talk introduces VERTIGO: a modular custom thin-microvisor for the ARM architecture. It is installed through an Operating System (OS) specific loader that dynamically suspends execution, decouples the OS from its underlying hardware and hoists it into a state analogous to a virtual machine. VERTIGO is considered a virtualization technology but is unique as it does not require any source code modifications of the underlying OS to maintain control and synchronization, unlike OKL4 and CODEZERO. The microvisor targets the Cortex -A8 and -A9 series SoCs and has been tested with the Apple iPhone 4 (iOS 5.1.1) and Samsung Galaxy SIII (Android 4.0.4).
The VERTIGO microvisor represents a unique capability that showcases what is possible at the architectural level. While its primary purpose is to aid in reverse engineering and other security related research tasks, the techniques could be misused to assist with nefarious activities. The benefits of exposing this capability will hopefully be twofold. First, advance the state-of-the-art in tools available when performing reverse engineering and other security related research tasks. Second, allow mitigation technologies to be designed and developed to prevent malicious software from leveraging the same techniques.
Kirk is a Principal Scientist at Siege Technologies, with a Master’s degree in Computer Science. He has technical experience on multiple efforts for the Air Force Research Laboratory (AFRL) and other customers in the Department of Defense (DoD). His expertise includes: Virtualization (x86 [Intel-VT/AMD- V] and ARM), Trusted Computing Technologies (Intel TXT, ARM TrustZone and TPM), Boot Technologies and Computer Architecture. Prior work involves the design and construction of multiple custom thin-hyper- / thin-micro- visors for ARM and x86 which provide the foundation for advanced dynamic analysis of hardware peripherals and kernel software as well as enhanced security capabilities. Hardware experience includes: FPGA development, hot-air reflow and soldering of surface mount ICs and the construction of custom tools, such as SPI/I2C flash chip programmers. He led research which resulted in the discovery of a new AES flow interception attack that undermines the Intel AES-NI instruction set extension. Mr. Swidowski has designed and developed multiple commercialized mobile applications, one of which was published in “A Windows Mobile Wish List”, Smartphone & Pocket PC Magazine.