Diversity and sophistication in software attacks are growing at fast pace, therefore security systems need to evolve as well. A way to increase system’s robustness system is to, not only to prevent attacks, but also to be able to detect them in runtime and take the necessary actions to recover the system when it happens, creating a vigilant and resilient system.
This work will focus on identifying the vulnerabilitiesinherent to hypervisors and, based on that, model and develop a security monitoring system capable of analyzing activity patterns to detect attacks and take the appropriate measures to restore the system. This implementation aims to ensure Control Flow Integrity (CFI). The CFI security policy dictates that software execution must follow a path of a Control-Flow Graph (CFG) determined ahead of time [1].
The level of complexity in embedded systems is rising and with it the necessity for automation when generating the final system. So, an ontology-driven domain specific language, developed in a collaborative environment, that also establishes variability and flexibility to the system will be used.

[1] M. Abadi, S. Cruz, M. Budi  ́ u, U. Erlingsson, and J. Ligatti, “Control-Flow Integrity
Principles, Implementations, and Applications.”