The NOVA OS Virtualization Architecture
is a research project aimed at constructing a secure virtualization
environment with a small trusted computing base. NOVA consists of a
microhypervisor and an unprivileged multi-server user environment
running on top of it.

Like third-generation microkernels, the NOVA microhypervisor uses a
capability-based authorization model and provides only basic mechanisms
for virtualization, spatial and temporal separation, scheduling,
communication and delegation of platform resources. The disaggregated
user environment implements additional functionality, such as device
drivers, system services and policies. On machines with hardware
virtualization features, NOVA can run multiple unmodified guest
operating systems concurrently. Each VM has its own associated
virtual-machine monitor (VMM) that runs as an unprivileged user
application on top of the microhypervisor.