8 research outputs found
Towards a trustZone-assisted hypervisor for real-time embedded systems
Virtualization technology starts becoming more and more widespread in the embedded space. The penalties incurred by standard software-based virtualization is pushing research towards hardware-assisted solutions. Among the existing commercial off-the-shelf technologies for secure virtualization, ARM TrustZone is attracting particular attention. However, it is often seen with some scepticism due to the dual-OS limitation of existing state-of-the-art solutions. This letter presents the implementation of a TrustZone-based hypervisor for real-time embedded systems, which allows multiple RTOS partitions on the same hardware platform. The results demonstrate that virtualization overhead is less than 2 percent for a 10 milliseconds guest-switching rate, and the system remains deterministic. This work goes beyond related work by implementing a TrustZone-assisted solution that allows the execution of an arbitrary number of guest OSes while providing the foundation to drive next generation of secure virtualization solutions for resource-constrained embedded devices.This work has been supported by COMPETE: POCI-01-0145-
FEDER-007043 and FCT – Fundação para a Ciência e Tecnologia –
(grant SFRH/BD/91530/2012 and UID/CEC/00319/2013)
Mini-NOVA: A Lightweight ARM-based Virtualization Microkernel Supporting Dynamic Partial Reconfiguration
International audienceToday, ARM is becoming the mainstream family of processors in the high-performance embedded systems domain. In this context, adding a run-time reconfigurable FPGA device to the ARM processor into a single chip makes it possible to combine high performance and flexibility. In this paper, we propose a low-complexity design of system virtualization running on the Zynq platform. Virtualization of software and hardware resources are managed by a custom microkernel. The dedicated features to efficiently manage the dynamic partial reconfiguration (DPR) technology are described in details. The performance of the DPR management is evaluated and presented at the end of this paper
Advancing Deductive Program-Level Verification for Real-World Application: Lessons Learned from an Industrial Case Study
This thesis is concerned with practicability of deductive program verification on source code level. As part of a case study for the verification of real-world software, the specification and verification approach to show correctness of the virtualizing kernel PikeOS is presented. Issues within the verification process using current tools and methodologies are discussed and several aspects of these problems are then addressed in detail to improve the verification process and tool usability
Embedded Systems Development Tools: A MODUS-oriented Market Overview
Background: The embedded systems technology has perhaps been the most dominating technology in high-tech industries, in the past decade. The industry has correctly identified the potential of this technology and has put its efforts into exploring its full potential. Objectives: The goal of the paper is to explore the versatility of the application in the embedded system development based on one FP7-SME project. Methods/Approach: Embedded applications normally demand high resilience and quality, as well as conformity to quality standards and rigid performance. As a result embedded system developers have adopted software methods that yield high quality. The qualitative approach to examining embedded systems development tools has been applied in this work. Results: This paper presents a MODUS-oriented market analysis in the domains of Formal Verification tools, HW/SW co-simulation tools, Software Performance Optimization tools and Code Generation tools. Conclusions: The versatility of applications this technology serves is amazing. With all this performance potential, the technology has carried with itself a large number of issues which the industry essentially needs to resolve to be able to harness the full potential contained. The MODUS project toolset addressed four discrete domains of the ESD Software Market, in which corresponding open tools were developed
Secure and safe virtualization-based framework for embedded systems development
Tese de Doutoramento - Programa Doutoral em Engenharia Electrónica e de Computadores (PDEEC)The Internet of Things (IoT) is here. Billions of smart, connected devices are proliferating
at rapid pace in our key infrastructures, generating, processing and exchanging
vast amounts of security-critical and privacy-sensitive data. This strong connectivity
of IoT environments demands for a holistic, end-to-end security approach, addressing
security and privacy risks across different abstraction levels: device, communications,
cloud, and lifecycle managment.
Security at the device level is being misconstrued as the addition of features in a
late stage of the system development. Several software-based approaches such as
microkernels, and virtualization have been used, but it is proven, per se, they fail in
providing the desired security level. As a step towards the correct operation of these
devices, it is imperative to extend them with new security-oriented technologies
which guarantee security from the outset.
This thesis aims to conceive and design a novel security and safety architecture
for virtualized systems by 1) evaluating which technologies are key enablers for
scalable and secure virtualization, 2) designing and implementing a fully-featured
virtualization environment providing hardware isolation 3) investigating which "hard
entities" can extend virtualization to guarantee the security requirements dictated by
confidentiality, integrity, and availability, and 4) simplifying system configurability
and integration through a design ecosystem supported by a domain-specific language.
The developed artefacts demonstrate: 1) why ARM TrustZone is nowadays a reference
technology for security, 2) how TrustZone can be adequately exploited for
virtualization in different use-cases, 3) why the secure boot process, trusted execution
environment and other hardware trust anchors are essential to establish and
guarantee a complete root and chain of trust, and 4) how a domain-specific language
enables easy design, integration and customization of a secure virtualized
system assisted by the above mentioned building blocks.Vivemos na era da Internet das Coisas (IoT). Biliões de dispositivos inteligentes
começam a proliferar nas nossas infraestruturas chave, levando ao processamento
de avolumadas quantidades de dados privados e sensíveis. Esta forte conectividade
inerente ao conceito IoT necessita de uma abordagem holística, em que os riscos
de privacidade e segurança são abordados nas diferentes camadas de abstração:
dispositivo, comunicações, nuvem e ciclo de vida.
A segurança ao nível dos dispositivos tem sido erradamente assegurada pela inclusão
de funcionalidades numa fase tardia do desenvolvimento. Têm sido utilizadas diversas
abordagens de software, incluindo a virtualização, mas está provado que estas
não conseguem garantir o nível de segurança desejado. De forma a garantir a correta
operação dos dispositivos, é fundamental complementar os mesmos com novas tecnologias
que promovem a segurança desde os primeiros estágios de desenvolvimento.
Esta tese propõe, assim, o desenvolvimento de uma solução arquitetural inovadora
para sistemas virtualizados seguros, contemplando 1) a avaliação de tecnologias
chave que promovam tal realização, 2) a implementação de uma solução de virtualização
garantindo isolamento por hardware, 3) a identificação de componentes
que integrados permitirão complementar a virtualização para garantir os requisitos
de segurança, e 4) a simplificação do processo de configuração e integração da solução
através de um ecossistema suportado por uma linguagem de domínio específico.
Os artefactos desenvolvidos demonstram: 1) o porquê da tecnologia ARM TrustZone
ser uma tecnologia de referência para a segurança, 2) a efetividade desta tecnologia
quando utilizada em diferentes domínios, 3) o porquê do processo seguro de inicialização,
juntamente com um ambiente de execução seguro e outros componentes de
hardware, serem essenciais para estabelecer uma cadeia de confiança, e 4) a viabilidade
em utilizar uma linguagem de um domínio específico para configurar e integrar
um ambiente virtualizado suportado pelos artefactos supramencionados
Efficient cross-architecture hardware virtualisation
Hardware virtualisation is the provision of an isolated virtual environment that
represents real physical hardware. It enables operating systems, or other system-level
software (the guest), to run unmodified in a “container” (the virtual machine)
that is isolated from the real machine (the host).
There are many use-cases for hardware virtualisation that span a wide-range
of end-users. For example, home-users wanting to run multiple operating systems
side-by-side (such as running a Windows® operating system inside an OS
X environment) will use virtualisation to accomplish this. In research and development
environments, developers building experimental software and hardware
want to prototype their designs quickly, and so will virtualise the platform
they are targeting to isolate it from their development workstation. Large-scale
computing environments employ virtualisation to consolidate hardware, enforce
application isolation, migrate existing servers or provision new servers.
However, the majority of these use-cases call for same-architecture virtualisation,
where the architecture of the guest and the host machines match—a situation
that can be accelerated by the hardware-assisted virtualisation extensions
present on modern processors. But, there is significant interest in virtualising
the hardware of different architectures on a host machine, especially in the
architectural research and development worlds.
Typically, the instruction set architecture of a guest platform will be different
to the host machine, e.g. an ARM guest on an x86 host will use an ARM instruction
set, whereas the host will be using the x86 instruction set. Therefore, to
enable this cross-architecture virtualisation, each guest instruction must be emulated
by the host CPU—a potentially costly operation. This thesis presents a
range of techniques for accelerating this instruction emulation, improving over
a state-of-the art instruction set simulator by 2:64x. But, emulation of the guest
platform’s instruction set is not enough for full hardware virtualisation. In fact,
this is just one challenge in a range of issues that must be considered. Specifically,
another challenge is efficiently handling the way external interrupts are
managed by the virtualisation system. This thesis shows that when employing
efficient instruction emulation techniques, it is not feasible to arbitrarily
divert control-flow without consideration being given to the state of the emulated
processor. Furthermore, it is shown that it is possible for the virtualisation
environment to behave incorrectly if particular care is not given to the point
at which control-flow is allowed to diverge. To solve this, a technique is developed
that maintains efficient instruction emulation, and correctly handles
external interrupt sources.
Finally, modern processors have built-in support for hardware virtualisation
in the form of instruction set extensions that enable the creation of an abstract
computing environment, indistinguishable from real hardware. These extensions
enable guest operating systems to run directly on the physical processor,
with minimal supervision from a hypervisor. However, these extensions are
geared towards same-architecture virtualisation, and as such are not immediately
well-suited for cross-architecture virtualisation. This thesis presents a
technique for exploiting these existing extensions, and using them in a cross-architecture
virtualisation setting, improving the performance of a novel cross-architecture
virtualisation hypervisor over state-of-the-art by 2:5x
Lessons from Formally Verified Deployed Software Systems (Extended version)
The technology of formal software verification has made spectacular advances,
but how much does it actually benefit the development of practical software?
Considerable disagreement remains about the practicality of building systems
with mechanically-checked proofs of correctness. Is this prospect confined to a
few expensive, life-critical projects, or can the idea be applied to a wide
segment of the software industry?
To help answer this question, the present survey examines a range of
projects, in various application areas, that have produced formally verified
systems and deployed them for actual use. It considers the technologies used,
the form of verification applied, the results obtained, and the lessons that
can be drawn for the software industry at large and its ability to benefit from
formal verification techniques and tools.
Note: a short version of this paper is also available, covering in detail
only a subset of the considered systems. The present version is intended for
full reference.Comment: arXiv admin note: text overlap with arXiv:1211.6186 by other author
Autonomic visualisation.
This thesis introduces the concept of autonomic visualisation, where principles of autonomic systems are brought to the field of visualisation infrastructure. Problems in visualisation have a specific set of requirements which are not always met by existing systems. The first half of this thesis explores a specific problem for large scale visualisation; that of data management. Visualisation algorithms have somewhat different requirements to other external memory problems, due to the fact that they often require access to all, or a large subset, of the data in a way that is highly dependent on the view. This thesis proposes a knowledge-based approach to pre-fetching in this context, and presents evidence that such an approach yields good performance. The knowledge based approach is incorporated into a five-layer model, which provides a systematic way of categorising and designing out-of-core, or external memory, systems. This model is demonstrated with two example implementations, on in the local and one in the remote context. The second half explores autonomic visualisation in the more general case. A simulation tool, created for the purpose of designing autonomic visualisation infrastructure is presented. This tool, SimEAC, provides a way of facilitating the development of techniques for managing large-scale visualisation systems. The abstract design of the simulation system, as well as details of the implementation are presented. The architecture of the simulator is explored, and then the system is evaluated in a number of case studies indicating some of the ways in which it can be used. The simulator provides a framework for experimentation and rapid prototyping of large scale autonomic systems