Name: violet
Author: OrderLab

Primary Use Case

Violet is designed for system administrators, developers, and security engineers who need to identify and assess specious or misconfigured performance settings in complex software systems. It automates the reasoning about configuration parameters to detect risky or harmful configurations that could degrade system performance or reliability.

Key Features

Selective symbolic execution engine and tracer built on S2E

Static analyzer based on LLVM for configuration metadata extraction

Standalone C++ trace analyzer module for analyzing execution traces

Python-based checker module for detecting specious configurations

Automated derivation of performance models for configuration parameters

Integration with QEMU guest images for system-level analysis

Supports large systems with complex configuration spaces

Detailed workflow for symbolic execution and trace analysis

Insights & Recommendations

Violet is tested primarily on Ubuntu 16.04; running on newer versions like 18.04 may require additional effort. The build process is resource-intensive, requiring over 10GB of disk space and considerable time. It is recommended to run Violet on physical machines rather than virtualized environments to avoid known issues. Users should consult the OSDI '20 paper for detailed technical design and cite it when using Violet in research.

Installation

Clone the repository: git clone https://github.com/OrderLab/violet.git
Initialize submodules: git submodule update --init --recursive
Add S2E local build path to PATH: export PATH=$HOME/.local/bin:$PATH
Re-login shell to apply PATH changes
Run build script: ./build.sh (tested on Ubuntu 16.04)
Build QEMU guest images as per instructions
Build target system following the documented steps

Usage

git clone https://github.com/OrderLab/violet.git

Clones the Violet root repository to local machine.

git submodule update --init --recursive

Initializes and updates all submodules required by Violet.

export PATH=$HOME/.local/bin:$PATH

Adds the local S2E build directory to the system PATH.

./build.sh

Builds S2E and Violet components; a lengthy process requiring significant disk space.

Build QEMU guest images

Prepares virtual machine images for symbolic execution analysis.

Create an analysis project and initialize it

Sets up a new project for symbolic execution and configuration analysis.

Run symbolic execution

Executes the symbolic execution engine to derive performance models.

Build and run trace analyzer

Analyzes collected execution traces to detect specious configurations.

Run static analyzer

Extracts related configuration files and metadata from the target system.

Re-run symbolic execution with related configurations

Performs targeted symbolic execution based on static analysis results.

Smart Usage Notes

Integrate Violet into CI/CD pipelines to automate detection of risky performance misconfigurations before deployment.Use Violet's symbolic execution capabilities to proactively identify configuration weaknesses that could be exploited or cause system degradation.Combine Violet outputs with vulnerability management tools to prioritize remediation efforts based on configuration risk.Leverage Violet for purple team exercises to simulate misconfiguration-based attack scenarios and improve detection capabilities.Extend Violet's trace analysis to monitor live systems for configuration drift and automate alerting on deviations.

OpenSec Atlas

violet

About This Tool

Primary Use Case

Key Features

Insights & Recommendations

Installation

Usage

Smart Usage Notes

Security Capability Profile

Tags

You Might Also Like