Federated Embedded Systems – a review of the literature in related fields

This report is concerned with the vision of smart interconnected objects, a vision that has attracted much attention lately. In this paper, embedded, interconnected, open, and heterogeneous control systems are in focus, formally referred to as Federated Embedded Systems. To place FES into a context, a review of some related research directions is presented. This review includes such concepts as systems of systems, cyber-physical systems, ubiquitous computing, internet of things, and multi-agent systems. Interestingly, the reviewed fields seem to overlap with each other in an increasing number of ways

An Optimization Based Design for Integrated Dependable Real-Time Embedded Systems

Moving from the traditional federated design paradigm, integration of mixedcriticality software components onto common computing platforms is increasingly being adopted by automotive, avionics and the control industry. This method faces new challenges such as the integration of varied functionalities (dependability, responsiveness, power consumption, etc.) under platform resource constraints and the prevention of error propagation. Based on model driven architecture and platform based design’s principles, we present a systematic mapping process for such integration adhering a transformation based design methodology. Our aim is to convert/transform initial platform independent application specifications into post integration platform specific models. In this paper, a heuristic based resource allocation approach is depicted for the consolidated mapping of safety critical and non-safety critical applications onto a common computing platform meeting particularly dependability/fault-tolerance and real-time requirements. We develop a supporting tool suite for the proposed framework, where VIATRA (VIsual Automated model TRAnsformations) is used as a transformation tool at different design steps. We validate the process and provide experimental results to show the effectiveness, performance and robustness of the approach

Research and Education in Computational Science and Engineering

Over the past two decades the field of computational science and engineering (CSE) has penetrated both basic and applied research in academia, industry, and laboratories to advance discovery, optimize systems, support decision-makers, and educate the scientific and engineering workforce. Informed by centuries of theory and experiment, CSE performs computational experiments to answer questions that neither theory nor experiment alone is equipped to answer. CSE provides scientists and engineers of all persuasions with algorithmic inventions and software systems that transcend disciplines and scales. Carried on a wave of digital technology, CSE brings the power of parallelism to bear on troves of data. Mathematics-based advanced computing has become a prevalent means of discovery and innovation in essentially all areas of science, engineering, technology, and society; and the CSE community is at the core of this transformation. However, a combination of disruptive developments---including the architectural complexity of extreme-scale computing, the data revolution that engulfs the planet, and the specialization required to follow the applications to new frontiers---is redefining the scope and reach of the CSE endeavor. This report describes the rapid expansion of CSE and the challenges to sustaining its bold advances. The report also presents strategies and directions for CSE research and education for the next decade.Comment: Major revision, to appear in SIAM Revie

A dependable and secure approach for secret key establishment and operation in automotive CPS

Master of ScienceDepartment of Computer ScienceArslan MunirModern automobiles incorporate a network of electronic control units (ECUs) that provides a range of features such as safety, driver assistance, infotainment. Such network of ECUs in a vehicle are connected to each other through buses, forming interconnections called intra-vehicle network. Bus technologies that are widely used in modern day automobiles are controller area network (CAN), local interconnect network (LIN), and media oriented systems transport (MOST). These bus technologies, however, do not possess any security or dependability features, and thus are susceptible to vulnerabilities. Such vulnerabilities allow attackers to mount passive attacks (e.g., snooping) and/or active attacks (e.g., fault injection). In this study, we propose a scheme for secure authentication of automotive ECUs. Our proposed scheme ensures that only authenticated ECUs can participate in communication over the intra-vehicle network/bus. ECU authentication is carried out using certificate-based authentication which is implemented using elliptic curve cryptography (ECC). The study also proposes a symmetric (session) key-establishment mechanism within intra-vehicular network to establish a common symmetric (session) key for all ECUs to communicate over the network. The key-establishment mechanism removes the need of storing symmetric keys in ECU memory permanently. The study incorporates key refreshment by assigning a certain lifetime/timeframe period to symmetric (session) key and then regularly updates session key after the expiration of each lifetime. Our proposed method provides confidentiality and integrity in intra-vehicle ECU communication without violating safety and real-time constraints of the vehicle. Our approach leverages multi-core ECUs to provide fault-tolerance by using redundant multi-threading (FT-RMT), performs quick error detection (FT-QED) and accelerate performance using lightweight checkpointing (CP)

Quest-V: A Virtualized Multikernel for High-Confidence Systems

This paper outlines the design of `Quest-V', which is implemented as a collection of separate kernels operating together as a distributed system on a chip. Quest-V uses virtualization techniques to isolate kernels and prevent local faults from affecting remote kernels. This leads to a high-confidence multikernel approach, where failures of system subcomponents do not render the entire system inoperable. A virtual machine monitor for each kernel keeps track of shadow page table mappings that control immutable memory access capabilities. This ensures a level of security and fault tolerance in situations where a service in one kernel fails, or is corrupted by a malicious attack. Communication is supported between kernels using shared memory regions for message passing. Similarly, device driver data structures are shareable between kernels to avoid the need for complex I/O virtualization, or communication with a dedicated kernel responsible for I/O. In Quest-V, device interrupts are delivered directly to a kernel, rather than via a monitor that determines the destination. Apart from bootstrapping each kernel, handling faults and managing shadow page tables, the monitors are not needed. This differs from conventional virtual machine systems in which a central monitor, or hypervisor, is responsible for scheduling and management of host resources amongst a set of guest kernels. In this paper we show how Quest-V can implement novel fault isolation and recovery techniques that are not possible with conventional systems. We also show how the costs of using virtualization for isolation of system services does not add undue overheads to the overall system performance