14 research outputs found

    Proposal of software and hardware functions for supporting multi-OS environments (Maruchi OS kankyo o shiensuru sofutowea oyobi hadowea kino no teian)

    System: new ; Report number: 甲3534号 ; Degree type: Doctor of Engineering ; Date conferred: 2012/2/25 ; Waseda University degree certificate number: 新587

    Dynamic management of multiple operating systems in an embedded multi-core environment

    Modern embedded devices, such as smartphones, have grown into complex computer systems that provide a rich set of functionality for their users while still maintaining real-time responsiveness for their low-level functions such as radio communication or camera control. The embedded market is very competitive, especially in end-user mobile devices, making it desirable to reduce manufacturing costs without compromising device performance wherever possible. The ever-growing user demand for more computing-intensive applications coupled with tight energy budgets has led the embedded manufacturers to seek performance gains from multi-core architectures, much like their desktop counterparts. However, multi-core architectures have little to provide in performance gains when used with applications developed with traditional software design methods that are aimed at single-core architectures. This thesis presents a system-level solution for effectively using the parallel computing power of multi-core processors. DynOS SPUMONE, a concept of using a lightweight virtualization layer to dynamically dispatch different OSes on different cores, was developed. The concept is to run real-time tasks, such as device control for peripherals, on real-time capable operating systems running on dedicated cores only when they are actually needed. This could be used to eliminate separate physical chips on the device, which would reduce manufacturing costs. A prototype implementation of DynOS SPUMONE was built, verified and evaluated. The results show that the DynOS SPUMONE concept is realizable with reasonable engineering costs and without significant drops in real-time performance.

    Simulink Block Library for LEGO NXT

    Simulink Block Library for LEGO NXT. Abstract. Dominik Škoda, July 30, 2014. The goal of this work is to create support for the LEGO NXT platform in the Simulink development environment. Such support of the target platform already exists, but it suffers from several disadvantages. First, it is provided exclusively for Windows operating systems, and the implementation is closed, therefore neither extensible nor customizable. The main premise of this project is the support of Linux operating systems. The project is also open, to ensure extensibility and customizability. The model-driven development of systems for the LEGO NXT platform using this project comprises model testing in a simulation and code generation in the Simulink environment by using its standard tools, and deployment of completed programs to target devices. The systems generated with the help of this project are categorized as real-time systems. Department of Software Engineering, Faculty of Mathematics and Physics

    Software-based remote attestation in the Internet of Things (Ohjelmistopohjainen etätodentaminen asioiden internetissä)

    Whereas in the old days the Internet consisted mostly of workstations, servers, mainframes and networking devices, the rise of the Internet of Things has brought along smart embedded systems that are aware of their surroundings, make their own decisions and communicate with each other accordingly. These systems can be anything and anywhere, from a lamp to a refrigerator. These systems require mutual trust, and their integrity has to be monitored. One way to achieve this is to use attestation. Attestation is a process that is used for ensuring the trust and integrity of a device. Another important factor in designing IoT devices is their cost-effectiveness. It is desirable for the devices to be cheap to manufacture, so any extra hardware might become costly. One mechanism that helps to create attestation without extra hardware is software-based attestation. The replacement of hardware attestation with software mechanisms enables faster provisioning of IoT devices to the network. One problem is that, in the IoT case, the attestation traffic is usually communicated over insecure channels where an attacker might be listening. Another thing to be taken into consideration is physical security: the theft of the device and its effects. One advantage of software-based attestation is its platform agnosticism.

    Low power processor architecture and multicore approach for embedded systems

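    13301甲第4319号 ; Doctor of Engineering ; Kanazawa University doctoral dissertation, full text (Full). Published in: 1. IEICE Transactions Vol. E98-C(7) pp.544-549 2015. IEICE. Co-authors: S. Otani, H. Kondo. / 2. Reuse permission evidence sent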

    A TrustZone-assisted secure silicon on a co-design framework

    Master's dissertation in Industrial Electronics and Computers Engineering. Embedded systems were, for a long time, single-purpose and closed systems, characterized by hardware resource constraints and real-time requirements. Nowadays, their functionality is ever-growing, coupled with an increasing complexity and heterogeneity. Embedded applications increasingly demand employment of general-purpose operating systems (GPOSs) to handle operator interfaces and general-purpose computing tasks, while simultaneously ensuring the strict timing requirements. Virtualization, which enables multiple operating systems (OSs) to run on top of the same hardware platform, is gaining momentum in the embedded systems arena, driven by the growing interest in consolidating and isolating multiple and heterogeneous environments. The penalties incurred by classic virtualization approaches are pushing research towards hardware-assisted solutions. Among the existing commercial off-the-shelf (COTS) technologies for virtualization, ARM TrustZone technology is gaining momentum due to the supremacy and lower cost of TrustZone-enabled processors. Programmable system-on-chips (SoCs) are becoming leading players in the embedded systems space, because the combination of a plethora of hard resources with programmable logic enables the efficient implementation of systems that perfectly fit the heterogeneous nature of embedded applications. Moreover, novel disruptive approaches make use of field-programmable gate array (FPGA) technology to enhance virtualization mechanisms. This master's thesis proposes a hardware-software co-design framework for easing the economy of addressing the new generation of embedded systems requirements. ARM TrustZone is exploited to implement the root-of-trust of a virtualization-based architecture that allows the execution of a GPOS side-by-side with a real-time OS (RTOS). RTOS services were offloaded to hardware, so that it could present simultaneous improvements in performance and determinism. Instead of focusing on a concrete application, the goal is to provide a complete framework, specifically tailored for Zynq-based devices, that developers can use to accelerate a bunch of distinct applications across different embedded industries.

    lLTZVisor: a lightweight TrustZone-assisted hypervisor for low-end ARM devices

    Master's dissertation in Industrial Electronics and Computers Engineering. Virtualization is a well-established technology in the server and desktop space and has recently been spreading across different embedded industries. Facing multiple challenges arising from the advent of the Internet of Things (IoT) era, these industries are driven by a growing interest in consolidating and isolating multiple environments with mixed-criticality features, to address the complex IoT application landscape. Even though this is true for the majority of mid- to high-end embedded applications, low-end systems still have little to no solutions proposed so far. TrustZone technology, designed by ARM to improve security on its processors, was adopted really well in the embedded market. As such, the research community became active in exploring other capabilities of TrustZone for isolation, such as an alternative form of system virtualization. The lightweight TrustZone-assisted hypervisor (LTZVisor), which mainly targets the consolidation of mixed-criticality systems on the same hardware platform, is one design example that takes advantage of TrustZone technology for ARM application processors. With the recent introduction of this technology to the new generation of ARM microcontrollers, an opportunity to expand this breakthrough form of virtualization to low-end devices arose. This work proposes the development of the lLTZVisor hypervisor, a refactored LTZVisor version that aims to provide strong isolation on resource-constrained devices, while achieving a low memory footprint, determinism and high efficiency. The key for this is to implement a minimal, reliable, secure and predictable virtualization layer, supported by the TrustZone technology present on the newest generation of ARM microcontrollers (Cortex-M23/33).

    ProCom middleware

    The goal of this thesis is to develop and implement parts of a middleware that provides necessary support for the execution of ProCom components on top of the real-time operating system FreeRTOS. ProCom is a component model for embedded systems developed at Mälardalen University. The primary problem is finding an appropriate balance between the level of abstraction and thoughtful utilization of system resources in embedded devices. The defined target platform has limitations in comparison to a general-purpose computer. These include constraints in available resources such as memory, CPU or bandwidth, together with strict requirements in terms of worst-case response time and reliability. We also have to face the problem of limited debugging facilities or their complete absence. In this project, we have examined differences between several real-time and non-real-time operating systems. We focus on finding a common subset of core functions that the system must support in order to ensure adequate support for running designed components. We have also identified and tested suitable libraries to support different types of communication, especially TCP/IP. However, we are keenly aware of the limitations of the communication types used for analysis of the behavior of real-time systems. Department of Distributed and Dependable Systems, Faculty of Mathematics and Physics

    Enabling system survival across hypervisor failures

    Master's dissertation in Industrial Electronics and Computers Engineering. The evolution of embedded systems is notable and, due to the growth in complexity, these systems exhibit more general-purpose behaviour instead of their original single-purpose features. Naturally, virtualization started to impact this matter. This technology decreases hardware costs, since it allows several software components to run on the same hardware. Although virtualization began as a pure software layer, many companies started to provide hardware solutions to assist it. Despite ARM TrustZone technology being a security extension, many developers realized that it was possible to use this extension to support the development of hypervisors. With TrustZone, hypervisors can ensure one of the most important features in virtualization: isolation between guests. However, this hardware technology revealed some vulnerabilities and, since the whole system is TrustZone dependent, the virtualization can be compromised. To address this problem, this thesis proposes a hybrid software/hardware mechanism to handle failures of TrustZone-based hypervisors. By using the processor's abort exceptions and hash keys, this project detects system malfunctions caused by imperfect designs or even deliberate attacks. Additionally, it provides a checkpoint-based restoration model, which allows system recovery without major setbacks. The implemented solution was deployed on the TrustZone-based LTZVisor, an open-source and in-house hypervisor, and the revealed results are appealing. With a 6.5% memory footprint increase and, in the worst-case scenario, an increment of 23% in context switching time, it is possible to detect secure memory invasions and recover the system. Despite the hypervisor memory footprint increment and latency addition, the reliability and availability that the system brings to the LTZVisor are unquestionable.