HypervisorLang : Attack Simulations of the OpenStack Nova Compute Node

Sammanfattning: Cloud services are growing in popularity and the global public cloud services are forecasted to increase by 17% in 2020[1]. The popularity of cloud services is due to the improved resource allocation for providers and simplicity of use for the customer. Due to the increasing popularity of cloud services and its increased use by companies, the security assessment of the services is strategically becoming more critical. Assessing the security of a cloud system can be problematic because of its complexity since the systems are composed of many different technologies. One way of simplifying the security assessment is attack simulations, covering cyberattacks of the investigated system. This thesis will make use of Meta Attack language (MAL) to create the Domain- Specific Language (DLS) HypervisorLang that models the virtualisation layer in an OpenStack Nova setup. The result of this thesis is a proposed DSL HypervisorLang which uses attack simulation to model hostile usage of the service and defences to evade those. The hostile usage covers attacks such as a denial of services, buffer overflows and out-of-bound-read and are sourced via known vulnerabilities. To implement the main components of the Nova module into HypervisorLang, literature studies where performed and included components in Nova together with threat modelling. Evaluating the correctness of HypervisorLang was performed by implementing test cases to display the different attack steps included in the model. However, the results also show that some limitations of the evaluations have been found and are proposed for further research.