29,155 research outputs found
Dynamic and Transparent Analysis of Commodity Production Systems
We propose a framework that provides a programming interface to perform
complex dynamic system-level analyses of deployed production systems. By
leveraging hardware support for virtualization available nowadays on all
commodity machines, our framework is completely transparent to the system under
analysis and it guarantees isolation of the analysis tools running on its top.
Thus, the internals of the kernel of the running system needs not to be
modified and the whole platform runs unaware of the framework. Moreover, errors
in the analysis tools do not affect the running system and the framework. This
is accomplished by installing a minimalistic virtual machine monitor and
migrating the system, as it runs, into a virtual machine. In order to
demonstrate the potentials of our framework we developed an interactive kernel
debugger, nicknamed HyperDbg. HyperDbg can be used to debug any critical kernel
component, and even to single step the execution of exception and interrupt
handlers.Comment: 10 pages, To appear in the 25th IEEE/ACM International Conference on
Automated Software Engineering, Antwerp, Belgium, 20-24 September 201
Building real-time embedded applications on QduinoMC: a web-connected 3D printer case study
Single Board Computers (SBCs) are now emerging
with multiple cores, ADCs, GPIOs, PWM channels, integrated
graphics, and several serial bus interfaces. The low power
consumption, small form factor and I/O interface capabilities of
SBCs with sensors and actuators makes them ideal in embedded
and real-time applications. However, most SBCs run non-realtime
operating systems based on Linux and Windows, and do
not provide a user-friendly API for application development. This
paper presents QduinoMC, a multicore extension to the popular
Arduino programming environment, which runs on the Quest
real-time operating system. QduinoMC is an extension of our earlier
single-core, real-time, multithreaded Qduino API. We show
the utility of QduinoMC by applying it to a specific application: a
web-connected 3D printer. This differs from existing 3D printers,
which run relatively simple firmware and lack operating system
support to spool multiple jobs, or interoperate with other devices
(e.g., in a print farm). We show how QduinoMC empowers devices with the capabilities to run new services without impacting their timing guarantees. While it is possible to modify existing operating systems to provide suitable timing guarantees, the effort to do so is cumbersome and does not provide the ease of programming afforded by QduinoMC.http://www.cs.bu.edu/fac/richwest/papers/rtas_2017.pdfAccepted manuscrip
Glider: A GPU Library Driver for Improved System Security
Legacy device drivers implement both device resource management and
isolation. This results in a large code base with a wide high-level interface
making the driver vulnerable to security attacks. This is particularly
problematic for increasingly popular accelerators like GPUs that have large,
complex drivers. We solve this problem with library drivers, a new driver
architecture. A library driver implements resource management as an untrusted
library in the application process address space, and implements isolation as a
kernel module that is smaller and has a narrower lower-level interface (i.e.,
closer to hardware) than a legacy driver. We articulate a set of device and
platform hardware properties that are required to retrofit a legacy driver into
a library driver. To demonstrate the feasibility and superiority of library
drivers, we present Glider, a library driver implementation for two GPUs of
popular brands, Radeon and Intel. Glider reduces the TCB size and attack
surface by about 35% and 84% respectively for a Radeon HD 6450 GPU and by about
38% and 90% respectively for an Intel Ivy Bridge GPU. Moreover, it incurs no
performance cost. Indeed, Glider outperforms a legacy driver for applications
requiring intensive interactions with the device driver, such as applications
using the OpenGL immediate mode API
Time Protection: the Missing OS Abstraction
Timing channels enable data leakage that threatens the security of computer
systems, from cloud platforms to smartphones and browsers executing untrusted
third-party code. Preventing unauthorised information flow is a core duty of
the operating system, however, present OSes are unable to prevent timing
channels. We argue that OSes must provide time protection in addition to the
established memory protection. We examine the requirements of time protection,
present a design and its implementation in the seL4 microkernel, and evaluate
its efficacy as well as performance overhead on Arm and x86 processors
Recommended from our members
A dynamic petri net model for iterative and interactive distributed multimedia presentation
Object Composition Petri Nets (OCPN), Priority Petri Nets (P-Net), Dynamic OCPN (DOCPN) and Enhanced P-Nets (EP-Net) have extended the original Petri Net to achieve the modeling of media synchronization and asynchronous user interactions during multimedia playback. Dynamic Petri Net (DPN) has been conceptualized to tackle existing problems in these two areas of modeling distributed multimedia systems. DPN features dynamic modeling elements which allows iteration and hence is able to reduce graph sizes of synchronous playback models while allowing greater details to be shown. DPN also introduces asynchronous event handling techniques that are powerful and effective. DPN was used in the design and modeling of a multimedia orchestration tool which is a typical representation of an application that works in a distributed multimedia system
- …