Abstract Timers and their Implementation onto the ARM Cor tex-M family of MCUs

Presented at Embed with Linux Workshop (EWiLi 2015). 4 to 9, Oct, 2015. Amsterdam, Netherlands.Real-Time For the Masses (RTFM) is a set of languages andto ols b eing develop ed to facilitate emb edded software development and provide highly efficient implementations gearedto static verification. The RTFM-kernel is an architecturedesigned to provide highly efficient and predicable Stack Resource Policy based scheduling, targeting bare metal (singlecore) platforms.We contribute b eyond prior work by intro ducing a platform independent timer abstraction that relies on existingRTFM-kernel primitives. We develop two alternative implementations for the ARM Cortex-M family of MCUs: ageneric implementation, using the ARM defined SysTick-/DWT hardware; and a target sp ecific implementation, using the match compare/free running timers. While sacrificing generality, the latter is more flexible and may reduceoverall overhead. Invariants for correctness are presented,and metho ds to static and run-time verification are discussed. Overhead is b ound and characterized. In b oth casesthe critical section from release time to dispatch is less than2us on a 100MHz MCU. Queue and timer mechanisms aredirectly implemented in the RTFM-core language and canb e included in system-wide scheduling analysis

The Lazarus Effect: Healing Compromised Devices in the Internet of Small Things

We live in a time when billions of IoT devices are being deployed and increasingly relied upon. This makes ensuring their availability and recoverability in case of a compromise a paramount goal. The large and rapidly growing number of deployed IoT devices make manual recovery impractical, especially if the devices are dispersed over a large area. Thus, there is a need for a reliable and scalable remote recovery mechanism that works even after attackers have taken full control over devices, possibly misusing them or trying to render them useless. To tackle this problem, we present Lazarus, a system that enables the remote recovery of compromised IoT devices. With Lazarus, an IoT administrator can remotely control the code running on IoT devices unconditionally and within a guaranteed time bound. This makes recovery possible even in case of severe corruption of the devices' software stack. We impose only minimal hardware requirements, making Lazarus applicable even for low-end constrained off-the-shelf IoT devices. We isolate Lazarus's minimal recovery trusted computing base from untrusted software both in time and by using a trusted execution environment. The temporal isolation prevents secrets from being leaked through side-channels to untrusted software. Inside the trusted execution environment, we place minimal functionality that constrains untrusted software at runtime. We implement Lazarus on an ARM Cortex-M33-based microcontroller in a full setup with an IoT hub, device provisioning and secure update functionality. Our prototype can recover compromised embedded OSs and bare-metal applications and prevents attackers from bricking devices, for example, through flash wear out. We show this at the example of FreeRTOS, which requires no modifications but only a single additional task. Our evaluation shows negligible runtime performance impact and moderate memory requirements.Comment: In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (ASIA CCS 20

The design and development of an ADCS OBC for a CubeSat

Thesis (MScEng)--Stellenbosch University, 2011.ENGLISH ABSTRACT: The Electronic Systems Laboratory at Stellenbosch University is currently developing a fully 3-axis controlled Attitude Determination and Control Subsystem (ADCS) for CubeSats. This thesis describes the design and development of an Onboard Computer (OBC) suitable for ADCS application. A separate dedicated OBC for ADCS purposes allows the main CubeSat OBC to focus only on command and data handling, communication and payload management. This thesis describes, in detail the development process of the OBC. Multiple Microcontroller Unit (MCU) architectures were considered before selecting an ARM Cortex-M3 processor due to its performance, power efficiency and functionality. The hardware was designed to be as robust as possible, because radiation tolerant and redundant components could not be included, due to their high cost and the technical constraints of a CubeSat. The software was developed to improve recovery from lockouts or component failures and to enable the operational modes to be configured in real-time or uploaded from the ground station. Ground tests indicated that the OBC can handle radiation-related problems such as latchups and bit-flips. The peak power consumption is around 500 mW and the orbital average is substantially lower. The proposed OBC is therefore not only sufficient in its intended application as an ADCS OBC, but could also stand in as a backup for the main OBC in case of an emergency.AFRIKAANSE OPSOMMING: Die Elektroniese Stelsels Laboratorium by die Universiteit van Stellenbosch is tans besig om ’n volkome 3-as gestabiliseerde oriëntasiebepaling en -beheerstelsel (Engels: ADCS) vir ’n CubeSat te ontwikkel. Hierdie tesis beskryf die ontwerp en ontwikkeling van ’n aanboordrekenaar (Engels: OBC) wat gebruik kan word in ’n ADCS. ’n Afsonderlike OBC wat aan die ADCS toegewy is, stel die hoof-OBC in staat om te fokus op beheer- en datahantering, kommunikasie en loonvragbestuur. Hierdie tesis beskryf breedvoerig die werkswyse waarvolgens die OBC ontwikkel is. Verskeie mikroverwerkers is as moontlike kandidate ondersoek voor daar op ’n ARM Cortex-M3-gebaseerde mikroverwerker besluit is. Hierdie mikroverwerker is gekies vanweë sy spoed, effektiewe kragverbruik en funksionaliteit. Die hardeware is ontwikkel om so robuust moontlik te wees, omdat stralingbestande en oortollige komponente weens kostebeperkings, asook tegniese beperkings van ’n CubeSat, nie ingesluit kon word nie. Die programmatuur is ontwikkel om van ’n uitsluiting en ’n komponentfout te kan herstel. Verder kan programme wat tydens vlug in werking is, verstel word en vanaf ’n grondstasie gelaai word. Grondtoetse het aangedui dat die OBC stralingverwante probleme, soos ’n vergrendeling (latchup) of bis-omkering (bit-flip), kan hanteer. Die maksimum kragverbruik is ongeveer 500 mW en die gemiddelde wentelbaankragverbruik is beduidend kleiner. Die voorgestelde OBC is dus voldoende as ADCS OBC asook hoof-OBC in geval van nood

PORTING OF FREERTOS ON A PYTHON VIRTUAL MACHINE FOR EMBEDDED AND IOT DEVICES

The fourth industrial revolution, The Industry 4.0, puts emphasis on the need of “Smart” and “Connected” objects through the use of services provided by Internet of Things, cyber-physical systems and cloud computing to optimize the cost, development time and remote connectivity. Development of highly scalable and flexible IoT applications is the need of time. These solutions require connectivity, less development time, time-to-market and at the same time offers a high performance and great reliability. Zerynth, a small company, provides its full stack for IoT solutions. Zerynth Virtual Machine is the core component among other components in stack which allow the programmers to code in python or hybrid C/Python coding with multithreaded Real Time OS with negligible memory footprint. The Python layer, Application Layer, is totally agnostic of underlying RTOS and hardware abstraction layer. This layered software architecture of Zerynth VM makes it totally compatible with new Industry 4.0 standard. The Hardware abstraction layer, VHAL, abstracts the hardware features of supported MCU and its peripherals while RTOS layer, VOSAL, uses the features of underlying Real Time OS. Zerynth VM can be ported with different Real Time OS and various hardware platforms depending upon the application’s cost, features and other relevant parameters. Configuring Kinetis MCU (MK64FN1M0VDC12) with existing VM became the first objective of my thesis. This configuration covers from scratch the clock, boot loading and peripheral support. Since previous version of Zerynth VM had a support of only Chibi2 OS which has certain dependency on the hardware layer underneath so this became another objective to separate the Chibi2 OS from VHAL layer for total independence. Finally, Porting of FreeRTOS on Zerynth VM with Hexiwear MCU as target board could a make a room for another RTOS hence enhancing the features and support of currently available VM. This thesis report describes all porting steps, procedures and testing methodologies starting from configuring a new hardware platform Hexiwear to FreeRTOS porting on Zerynth V

lLTZVisor: a lightweight TrustZone-assisted hypervisor for low-end ARM devices

Dissertação de mestrado em Engenharia Eletrónica Industrial e ComputadoresVirtualization is a well-established technology in the server and desktop space and has recently been spreading across different embedded industries. Facing multiple challenges derived by the advent of the Internet of Things (IoT) era, these industries are driven by an upgrowing interest in consolidating and isolating multiple environments with mixed-criticality features, to address the complex IoT application landscape. Even though this is true for majority mid- to high-end embedded applications, low-end systems still present little to no solutions proposed so far. TrustZone technology, designed by ARM to improve security on its processors, was adopted really well in the embedded market. As such, the research community became active in exploring other TrustZone’s capacities for isolation, like an alternative form of system virtualization. The lightweight TrustZone-assisted hypervisor (LTZVisor), that mainly targets the consolidation of mixed-criticality systems on the same hardware platform, is one design example that takes advantage of TrustZone technology for ARM application processors. With the recent introduction of this technology to the new generation of ARM microcontrollers, an opportunity to expand this breakthrough form of virtualization to low-end devices arose. This work proposes the development of the lLTZVisor hypervisor, a refactored LTZVisor version that aims to provide strong isolation on resource-constrained devices, while achieving a low-memory footprint, determinism and high efficiency. The key for this is to implement a minimal, reliable, secure and predictable virtualization layer, supported by the TrustZone technology present on the newest generation of ARM microcontrollers (Cortex-M23/33).Virtualização é uma tecnologia já bem estabelecida no âmbito de servidores e computadores pessoais que recentemente tem vindo a espalhar-se através de várias indústrias de sistemas embebidos. Face aos desafios provenientes do surgimento da era Internet of Things (IoT), estas indústrias são guiadas pelo crescimento do interesse em consolidar e isolar múltiplos sistemas com diferentes níveis de criticidade, para atender ao atual e complexo cenário aplicativo IoT. Apesar de isto se aplicar à maioria de aplicações embebidas de média e alta gama, sistemas de baixa gama apresentam-se ainda com poucas soluções propostas. A tecnologia TrustZone, desenvolvida pela ARM de forma a melhorar a segurança nos seus processadores, foi adoptada muito bem pelo mercado dos sistemas embebidos. Como tal, a comunidade científica começou a explorar outras aplicações da tecnologia TrustZone para isolamento, como uma forma alternativa de virtualização de sistemas. O "lightweight TrustZone-assisted hypervisor (LTZVisor)", que tem sobretudo como fim a consolidação de sistemas de criticidade mista na mesma plataforma de hardware, é um exemplo que tira vantagem da tecnologia TrustZone para os processadores ARM de alta gama. Com a recente introdução desta tecnologia para a nova geração de microcontroladores ARM, surgiu uma oportunidade para expandir esta forma inovadora de virtualização para dispositivos de baixa gama. Este trabalho propõe o desenvolvimento do hipervisor lLTZVisor, uma versão reestruturada do LTZVisor que visa em proporcionar um forte isolamento em dispositivos com recursos restritos, simultâneamente atingindo um baixo footprint de memória, determinismo e alta eficiência. A chave para isto está na implementação de uma camada de virtualização mínima, fiável, segura e previsível, potencializada pela tecnologia TrustZone presente na mais recente geração de microcontroladores ARM (Cortex-M23/33)

MakeCode and CODAL:Intuitive and Efficient Embedded Systems Programming for Education

Across the globe, it is now commonplace for educators to engage in the making (design and development) of embedded systems in the classroom to motivate and excite their students. This new domain brings its own set of unique requirements. Historically, embedded systems development requires knowledge of low-level programming languages, local installation of compilation toolchains, device drivers, and applications. For students and educators, these requirements can introduce insurmountable barriers. We present the motivation, requirements, implementation, and evaluation of a new programming platform that enables novice users to create software for embedded systems. The platform has two major components: 1) Microsoft MakeCode (www.makecode.com), a web app that encapsulates an entire beginner IDE for microcontrollers; and 2) CODAL, an efficient component-oriented C++ runtime for microcontrollers. We show how MakeCode and CODAL provide an accessible, cross-platform, installation-free programming experience for the BBC micro:bit and other embedded devices

High Speed Clock Glitching

In recent times, hardware security has drawn a lot of interest in the research community. With physical proximity to the target devices, various fault injection hardware attack methods have been proposed and tested to alter their functionality and trigger behavior not intended by the design. There are various types of faults that can be injected depending on the parameters being used and the level at which the device is tampered with. The literature describes various fault models to inject faults in clock of the target but there are no publications on overclocking circuits for fault injection. The proposed method bridges this gap by conducting high-speed clock fault injection on latest high-speed micro-controller units where the target device is overclocked for a short duration in the range of 4-1000 ns. This thesis proposes a method of generating a high-speed clock and driving the target device using the same clock. The properties of the target devices for performing experiments in this research are: Externally accessible clock input line and GPIO line. The proposed method is to develop a high-speed clock using custom bit-stream sent to FPGA and subsequently using external analog circuitry to generate a clock-glitch which can inject fault on the target micro-controller. Communication coupled with glitching allows us to check the target\u27s response, which can result in information disclosure.This is a form of non-invasive and effective hardware attack. The required background, methodology and experimental setup required to implement high-speed clock glitching has been discussed in this thesis. The impact of different overclock frequencies used in clock fault injection is explored. The preliminary results have been discussed and we show that even high-speed micro-controller units should consider countermeasures against clock fault injection. Influencing the execution of Tiva C Launchpad and STM32F4 micro-controller units has been shown in this thesis. The thesis details the method used for the testing a

Modular Electric Skateboard (MESB)

The Modular Electric Skateboard (MESB) allows the user to attach components tailored to specific demands. The MESB is equipped with two motors controlled by a handheld RC controller and is capable of achieving speeds as high as 20 mph. The deck can be disassembled and reassembled by hand to swap out major mechanical components of the board. The board\u27s electrical system includes a housing for mounting hot-swappable accessories, which can communicate to a database. A front end application was implemented that reads and writes to the aforementioned database, allowing visualization of aggregate data

Innovative intelligent sensors to objectively understand exercise interventions for older adults

The population of most western countries is ageing and, therefore, the ageing issue now matters more than ever. According to the reports of the United Nations in 2017, there were a total of 15.8 million (26.9%) people over 60 years of age in the United Kindom, and the numbers are projected to reach 23.5 million (31.5%) by 2050. Spending on medical treatment and healthcare for older adults accounts for two-fifths of the UK National Health Service (NHS) budget. Keeping older people healthy is a challenge. In general, exercise is believed to benefit both mental and physical health. Specifically, resistance band exercises are proven by many studies that they have potentially positive effects on both mental and physical health. However, treatment using resistance band exercise is usually done in unmonitored environments, such as at home or in a rehabilitation centre; therefore, the exercise cannot be measured and/or quantified accurately. Despite many years of research, the true effectiveness of resistance band exercises remains unclear. [Continues.]</div

Ultrasonic Positioning System for Electric Road System

Elonroad is a company that is looking into the possibility to charge electric vehicle on road. The conductor implemented on the driveway has a characteristic shape. The scope of this master thesis project is to identify the shape of the conductor and determine the relative position of the vehicle to the conductor using ultrasonic sensors. The goal is to have an update frequency of 30 Hz and a positioning error of maximum 2 cm. During the project a serial system containing 7 ultrasonic modules has been built. The sensor modules are mounted in an array and placed parallel to the road and perpendicular to the vehicles intended direction of travel. The ultrasonic modules are placed with a center distance of 10 cm on the array. A cross-correlation algorithm was implemented to determine the distance to the surface below each of the ultrasonic modules. The method to find the relative position of the vehicle uses a modified convolution algorithm which is proven to work under ideal circumstances. The distance measurement from the modules to ground can differ roughly +/-8 mm, this originates from the wavelength of the 40 kHz ultrasonic signal in air, the +/-8 mm error can, according to simulations give a positioning error of up to 5 cm. Simulations has indicated that +/-4 mm will give a positioning error less than, or equal to, 2 cm. The update frequency is assumed to be around 20 Hz, where the largest part is due to calculation time of the distance to ground. It can be lowered with more effective algorithms or with a more powerful microcontroller.Electric vehicles can charge their batteries on road by connecting to a conductor integrated in the roadway. In this specific case the integrated conductor consists in an elevated structure. This structures location relative the car needs to be tracked to ensure the car stays connected