393 research outputs found
Scheduling policies and system software architectures for mixed-criticality computing
Mixed-criticality model of computation is being increasingly
adopted in timing-sensitive systems. The model not only
ensures that the most critical tasks in a system never fails,
but also aims for better systems resource utilization in normal condition. In this report, we describe the widely used
mixed-criticality task model and fixed-priority scheduling
algorithms for the model in uniprocessors. Because of the
necessity by the mixed-criticality task model and scheduling
policies, isolation, both temporal and spatial, among tasks is
one of the main requirements from the system design point
of view. Different virtualization techniques have been used
to design system software architecture with the goal of isolation. We discuss such a few system software architectures
which are being and can be used for mixed-criticality model
of computation
Evaluation of MILS and reduced kernel security concepts for SCADA remote terminal units.
The purpose of this project is to study the benefits that the Multiple Independent Levels of Security (MILS) approach can provide to Supervisory Control and Data Acquisition (SCADA) remote terminal units. This is accomplished through a heavy focus on MILS concepts such as resource separation, verification, and kernel minimization and reduction. Two architectures are leveraged to study the application of reduced kernel concepts for a remote terminal unit (RTU). The first is the LynxOS embedded operating system, which is used to create a bootable image of a working RTU. The second is the Pistachio microkernel, the features and development environment of which are analyzed and catalogued to provide the basis for a future RTU. A survey of recent literature is included that focuses on the state of SCADA security, the MILS standard, and microkernel research. The design methodology for a MILS compliant RTU is outlined, including a benefit analysis of applying MILS in an industrial network setting. Also included are analyses of the concepts of MILS which are relevant to the design and how LynxOS and Pistachio can be used to study some of these concepts. A section detailing the prototyping of RTUs on LynxOS and Pistachio is also included, followed by an initial security and performance analysis for both systems
Time Protection: the Missing OS Abstraction
Timing channels enable data leakage that threatens the security of computer
systems, from cloud platforms to smartphones and browsers executing untrusted
third-party code. Preventing unauthorised information flow is a core duty of
the operating system, however, present OSes are unable to prevent timing
channels. We argue that OSes must provide time protection in addition to the
established memory protection. We examine the requirements of time protection,
present a design and its implementation in the seL4 microkernel, and evaluate
its efficacy as well as performance overhead on Arm and x86 processors
Towards a formally designed and verified embedded operating system: case study using the B method
The dramatic growth in practical applications for iris biometrics has been accompanied
by relevant developments in the underlying algorithms and techniques. Along
with the research focused on near-infrared images captured with subject cooperation,
e orts are being made to minimize the trade-o between the quality of the captured
data and the recognition accuracy on less constrained environments, where images are
obtained at the visible wavelength, at increased distances, over simpli ed acquisition
protocols and adverse lightning conditions. At a rst stage, interpolation e ects on
normalization process are addressed, pointing the outcomes in the overall recognition
error rates. Secondly, a couple of post-processing steps to the Daugman's approach
are performed, attempting to increase its performance in the particular unconstrained
environments this thesis assumes. Analysis on both frequency and spatial domains
and nally pattern recognition methods are applied in such e orts. This thesis embodies
the study on how subject recognition can be achieved, without his cooperation,
making use of iris data captured at-a-distance, on-the-move and at visible wavelength
conditions. Widely used methods designed for constrained scenarios are analyzed
seL4 Microkernel for virtualization use-cases: Potential directions towards a standard VMM
Virtualization plays an essential role in providing security to computational
systems by isolating execution environments. Many software solutions, called
hypervisors, have been proposed to provide virtualization capabilities.
However, only a few were designed for being deployed at the edge of the
network, in devices with fewer computation resources when compared with servers
in the Cloud. Among the few lightweight software that can play the hypervisor
role, seL4 stands out by providing a small Trusted Computing Base and formally
verified components, enhancing its security. Despite today being more than a
decade with seL4 microkernel technology, its existing userland and tools are
still scarce and not very mature. Over the last few years, the main effort has
been put into increasing the maturity of the kernel itself and not the tools
and applications that can be hosted on top. Therefore, it currently lacks
proper support for a full-featured userland Virtual Machine Monitor, and the
existing one is quite fragmented. This article discusses the potential
directions to a standard VMM by presenting our view of design principles and
feature set needed. This article does not intend to define a standard VMM, we
intend to instigate this discussion through the seL4 community
- …