Ecosystem

2016

2015

2014

VM Introspection, Hypervisor support for Introspection using Hardware Virtualization Extensions

2013

Multi-Level (MLS) Hypervisor for Server

2012

  • Xen Summit, μ-Xen, Ian Pratt

Micro-Virtualization, Type-2 Hypervisor, VM Fork, Deprivileged Windows Host

Client Virtualization, VPN VM, Linux Stub Domains, Graphics Virtualization, Inter-VM Communication, SE Linux, Xen Security Modules (XSM), Dynamic Root of Trust Measurement (DRTM), Service VMs, Intel VT-d, Intel TXT.

2010

Secure GUI, Secure networking, Secure storage, Analysis of potential attack vectors

2009

Type-2 Hypervisor for Windows Host

2007

1986

Research Papers

2013

2011

“We present Xoar, a modified version of Xen that retrofits the modularity and isolation principles used in microkernels onto a mature virtualization platform. Xoar breaks the control VM into single-purpose components called service VMs. We show that this componentized abstraction brings a number of benefits: sharing of service components by guests is configurable and auditable, making exposure to risk explicit, and access to the hypervisor is restricted to the least privilege required for each component.”

“This paper describes a minimalist operating system design aimed at scalable multi-processor systems whose primary goal is resilience. The design is expressly targeted toward critical military applications for the purpose of operating through failures, errors, and malicious attacks.”

2010

2008

“We introduce our work to disaggregate the management virtual machine in a Xen-based system … moves the domain builder, the most important privileged component, into a minimal trusted compartment. We illustrate how this approach may be used to implement “trusted virtualisation” and improve the security of virtual TPM implementations.

2007

2006

2005

2003

“This paper presents Xen, an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware in a safe and resource managed fashion, but without sacricing either performance or functionality.”

1998

1991

1981