Binary Static Previrtualization
Navy SBIR FY2013.1

Sol No.: Navy SBIR FY2013.1
Topic No.: N131-061
Topic Title: Binary Static Previrtualization
Proposal No.: N131-061-0524
Firm: Galois, Inc.
421 SW Sixth
Suite 300
Portland, Oregon 97204
Contact: Joe Hendrix
Phone: (503) 626-6616
Web Site:
Abstract: Modular software development helps enable application developers to quickly write sophisticated applications. However, in most instances only a small fraction of the functionality included in a particular software components is needed. Not only is there a performance cost, but the prevalence of security vulnerabilities suggests that even unused functionality in binaries and shared libraries can be dangerous. To address the problem of extraneous functionality, SRI International has developed, static previrtualization, a static analysis and code specialization technique that uses partial evaluation to remove unused functionality. SRI has developed a prototype tool, Occam, that performs static previrtualization on LLVM bytecode. Galois proposes to work with SRI to extend Occam to support static previrtualization of binaries. Galois will develop a binary disassembler capable of generating LLVM bytecode from binary machine code. This will allow Occam and other LLVM-based optimization tools to be applied to existing compiled machine code. This will make it easier for static previrtualization to be adopted in industry, and facilitate applying previrtualization to entire systems.
Benefits: Software complexity poses significant costs. Complexity makes it more difficult to change systems without breaking existing functionality, hire new developers to work on them, and makes it difficult to ensure overall system security. There are several large projects aimed at reducing system complexity by allowing users to create minimal systems to run particular applications. However, current solutions fall short of the goals outlined in the SBIR's problem statement. Existing solutions either: (1) are course grained and focus on reducing complexity at the package level rather than within individual packages; (2) require developers to add extra complexity to selectively enable or disable features; or (3) require source code access and the ability to rebuild packages using specialized tools. Our proposed solution, binary static previrtualization, will be capable of automatically minimizing applications in a fine grained manner without access to source code. It can naturally complement existing package-based attempts to minimize dependencies and reduce the complexity. It could be of interest to customers who want smaller systems with less software bloat. This includes those who want to run a large number of specific application virtual machines while minimizing the number of servers needed, and developers of small devices that may tight have power, size, and weight restrictions.