Secure Virtualization of Latency-Constrained Systems
Virtualization is a mature technology in server and desktop environments, where multiple systems are consolidated onto a single physical hardware platform, increasing the utilization of today's multi-core systems as well as saving resources such as energy, space and costs compared to multiple single systems. Looking at embedded environments reveals that many systems use multiple separate computing systems inside, including requirements for real-time and isolation properties. For example, modern high-comfort cars use up to a hundred embedded computing systems. Consolidating such diverse configurations promises to save resources such as energy and weight.
In my work I propose a secure software architecture that allows consolidating multiple embedded software systems with timing constraints. The base of the architecture builds a microkernel-based operating system that supports a variety of different virtualization approaches through a generic interface, supporting hardware-assisted virtualization and paravirtualization as well as multiple architectures. Studying guest systems with latency constraints with regards to virtualization showed that standard techniques such as high-frequency time-slicing are not a viable approach.
Generally, guest systems are a combination of best-effort and real-time work and thus form a mixed-criticality system. Further analysis showed that such systems need to export relevant internal scheduling information to the hypervisor to support multiple guests with latency constraints. I propose a mechanism to export those relevant events that is secure, flexible, has good performance and is easy to use. The thesis concludes with an evaluation covering the virtualization approach on the ARM and x86 architectures and two guest operating systems, Linux and FreeRTOS, as well as evaluating the export mechanism.
Hardware IPC for a TrustZone-assisted Hypervisor
Master's dissertation in Industrial Electronics and Computers Engineering

In this modern era ruled by technology and the IoT (Internet of Things), embedded systems have a ubiquitous presence in our daily lives. Although they differ from each other in their functionalities and end-purpose, they all share the same basic requirements: safety and security. Whether in a non-critical system such as a smartphone, or a critical one, like an electronic control unit of any modern vehicle, these requirements must always be fulfilled in order to accomplish a reliable and trustworthy system.

One well-established technology to address this problem is virtualization. It provides isolation by encapsulating each subsystem in separate Virtual Machines (VMs), while also enabling the sharing of hardware resources. However, these isolated subsystems may still need to communicate with each other. Inter-Process Communication is present in most OSes' stacks, representing a crucial part of them, which allows, through a myriad of different mechanisms, communication between tasks. In a virtualized system, Inter-Partition Communication mechanisms implement the communication between the different subsystems referenced above.

TrustZone technology has been at the forefront of hardware-assisted security and it has been explored for virtualization purposes, since natively it provides separation between two execution worlds while enforcing, by design, different privileges for these execution worlds. LTZVisor, an open-source lightweight TrustZone-assisted hypervisor, emerged as a way of providing a platform for exploring how TrustZone can be exploited to assist virtualization. Its IPC mechanism, TZ-VirtIO, constitutes a standard virtual I/O approach for achieving communication between the OSes, but some overhead is caused by the introduction of the mechanism. Hardware-based solutions are yet to be explored with this solution, which could bring performance and security benefits while diminishing overhead.

Attending to the reasons mentioned above, hTZ-VirtIO was developed as a way to explore the offloading of the software-based communication mechanism of LTZVisor to hardware-based mechanisms.

Nowadays, when technology and the Internet of Things (IoT) dominate society, embedded systems are omnipresent in our daily lives, and although they may differ in their functionalities and end goals, they all share the same basic requirements. Whether a non-critical system, such as a smartphone, or a critical system, such as a control unit of a modern vehicle, these requirements must be met in order to obtain a reliable system.

A well-established technology for solving this problem is virtualization. This approach provides isolation by encapsulating subsystems in separate virtual machines, in addition to allowing the sharing of hardware resources. However, these isolated subsystems may need to communicate with each other. Communication between tasks is present in most software stacks of any system and represents a crucial part of them. In a virtualized system, inter-partition communication mechanisms implement the communication between the different subsystems mentioned above.

TrustZone technology has been at the forefront of hardware-assisted security, and has been explored in the implementation of virtualized systems, since it natively allows separation between two execution worlds while imposing, by design, different privileges on those execution worlds. LTZVisor, an open-source, low-overhead TrustZone-assisted hypervisor, emerged as a way of providing a platform that allows exploring TrustZone as a technology for assisting virtualization. TZ-VirtIO, the communication mechanism of LTZVisor, constitutes a standard virtual I/O approach for allowing communication between the operating systems. However, the introduction of this mechanism imposes overhead on the hypervisor. Hardware-based solutions for TZ-VirtIO have not yet been explored, and could bring performance and security benefits and reduce the overhead.

Attending to the reasons mentioned above, hTZ-VirtIO was developed as a way to explore the migration of the software-based communication mechanism of LTZVisor to hardware-based mechanisms.
ReTiF: A declarative real-time scheduling framework for POSIX systems
This paper proposes a novel framework providing a declarative interface to access the real-time process scheduling services available in an operating system kernel. The main idea is to let applications declare their temporal requirements or characteristics without knowing exactly which underlying scheduling algorithms are offered by the system. The proposed framework can adequately handle such a set of heterogeneous requirements, configuring the platform and partitioning the requests among the available multitude of cores, so as to exploit the various scheduling disciplines that are available in the kernel, matching application requirements in the best possible way. The framework is realized with a modular architecture in which different plugins independently handle certain real-time scheduling features. The architecture is designed to make customizing its behavior easier and to enhance the support for other operating systems by introducing and configuring additional plugins.
A TrustZone-assisted secure silicon on a co-design framework
Master's dissertation in Industrial Electronics and Computers Engineering

Embedded systems were, for a long time, single-purpose and closed systems, characterized by hardware resource constraints and real-time requirements. Nowadays, their functionality is ever-growing, coupled with increasing complexity and heterogeneity. Embedded applications increasingly demand the employment of general-purpose operating systems (GPOSs) to handle operator interfaces and general-purpose computing tasks, while simultaneously ensuring strict timing requirements. Virtualization, which enables multiple operating systems (OSs) to run on top of the same hardware platform, is gaining momentum in the embedded systems arena, driven by the growing interest in consolidating and isolating multiple and heterogeneous environments. The penalties incurred by classic virtualization approaches are pushing research towards hardware-assisted solutions. Among the existing commercial off-the-shelf (COTS) technologies for virtualization, ARM TrustZone technology is gaining momentum due to the supremacy and lower cost of TrustZone-enabled processors.

Programmable system-on-chips (SoCs) are becoming leading players in the embedded systems space, because the combination of a plethora of hard resources with programmable logic enables the efficient implementation of systems that perfectly fit the heterogeneous nature of embedded applications. Moreover, novel disruptive approaches make use of field-programmable gate array (FPGA) technology to enhance virtualization mechanisms.

This master's thesis proposes a hardware-software co-design framework for addressing the requirements of the new generation of embedded systems more easily and economically. ARM TrustZone is exploited to implement the root of trust of a virtualization-based architecture that allows the execution of a GPOS side by side with a real-time OS (RTOS). RTOS services were offloaded to hardware, so that it could present simultaneous improvements in performance and determinism. Instead of focusing on a concrete application, the goal is to provide a complete framework, specifically tailored for Zynq-based devices, that developers can use to accelerate a range of distinct applications across different embedded industries.

Embedded systems were, for many years, systems with a simple and single purpose, characterized by limited hardware resources and a real-time nature. Nowadays, the number of functionalities is starting to scale, as is the degree of complexity and heterogeneity. Embedded applications increasingly require the use of general-purpose operating systems (GPOSs) to handle graphical interfaces and general-purpose computing tasks. However, their primary real-time requirements remain. Virtualization allows several operating systems to run on the same hardware platform. Driven by the growing interest in consolidating and isolating multiple and heterogeneous environments, virtualization has gained increasing relevance in the embedded systems domain. The adversities that arise from classic virtualization approaches are directing research towards hardware-assisted solutions. Among the existing commercial technologies, ARM TrustZone technology is gaining much relevance due to the supremacy and lower cost of the processors that support it.

Hybrid platforms, which combine processors with programmable logic, are increasingly penetrating the embedded systems domain because they provide a huge set of resources that perfectly suit the heterogeneous nature of today's systems. Furthermore, there are recent solutions that make use of FPGA technology to improve virtualization mechanisms.

This dissertation proposes a hardware-software based framework to meet the requirements of the new generation of embedded systems. TrustZone technology is exploited to implement an architecture that allows the execution of a GPOS side by side with a real-time operating system (RTOS). The services provided by the RTOS are migrated to hardware, to improve the performance and determinism of the OS. Instead of focusing on a concrete application, the goal is to provide a framework specifically tailored for devices based on Zynq system-on-chips, which developers can use to accelerate a vast number of distinct applications in different sectors.
Design of an Embedded Readout System for the ALOFT Gamma-Ray Detector Instrument
Birkeland Center for Space Science has proposed a campaign known as the Airborne Lightning Observatory for FEGS & TGFs (ALOFT) to study Terrestrial Gamma-Ray Flashes (TGFs). TGFs are the most energetic natural phenomena occurring in the Earth's atmosphere, and are important to our knowledge about the relationship between the Earth and space. The ALOFT campaign will use a gamma-ray detector instrument built by the University of Bergen, which will be mounted on the NASA ER-2 High-Altitude Airborne Science Aircraft. This work covers the design and development of the embedded software used to offload and operate the detector readout system of said instrument. A similar instrument was built and flown in 2017. The new instrument differs from it by being implemented on a System on a Chip (SoC) embedded platform, reusing relevant modules from the old instrument. The software has been implemented with the FreeRTOS Real-time Operating System (RTOS). Design considerations to limit complexity and the impact of the radiation environment in which the instrument is to be operated have been addressed through the implementation of a checksum algorithm, cyclic rewriting of registers, and modular design strategies. A verification system has been realized with a prototype hardware setup, in which test systems have been added to process synthetic TGF events in the software and hardware. Tests with emulated data and a Telnet control interface have been successfully implemented. The current implementation focuses on modularity, and thus offers a very good framework for further development of the instrument once campaign specifications are decided.

Master's thesis in physics (MAMN-PHYS, PHYS39)
Evaluation of the parallel computational capabilities of embedded platforms for critical systems
Modern critical systems need higher performance, which cannot be delivered by the simple architectures used so far. The latest embedded architectures feature multi-cores and GPUs, which can be used to satisfy this need. In this thesis we parallelise relevant applications from multiple critical domains represented in the GPU4S benchmark suite, and perform a comparison of the parallel capabilities of candidate platforms for use in critical systems. In particular, we port the open source GPU4S Bench benchmarking suite to the OpenMP programming model, and we benchmark the candidate embedded heterogeneous multi-core platforms of the H2020 UP2DATE project, NVIDIA TX2, NVIDIA Xavier and Xilinx Zynq UltraScale+, in order to drive the selection of the research platform which will be used in the next phases of the project. Our results indicate that, in terms of CPU and GPU performance, the NVIDIA Xavier is the highest performing platform.
Flattening Hierarchical Scheduling.
Recently, the application of virtual-machine technology to integrate real-time systems into a single host has received significant attention and caused controversy. Drawing two examples from mixed-criticality systems, we demonstrate that current virtualization technology, which handles guest scheduling as a black box, is incompatible with this modern scheduling discipline. However, there is a simple solution: exporting sufficient information to the host scheduler overcomes this problem. We describe the problem and the modification required on the guest, and show on the example of two practical real-time operating systems how flattening the hierarchical scheduling problem resolves the issue. We conclude by showing the limitations of our technique at the current state of our research.