Abstract
Dual-OS virtualization techniques allow consolidating a trusted real-time operating system (RTOS) and an untrusted general-purpose operating system (GPOS) onto the same embedded platform. In order to protect the reliability and real-time performance of the RTOS, platform devices are usually duplicated and assigned exclusively to each operating system, causing an increase in the total hardware cost. This paper investigates and compares several mechanisms for sharing devices reliably in a dual-OS system. In particular, we observe that device sharing mechanisms currently used for cloud virtualization are not necessarily appropriate for dual-OS systems. We propose two new mechanisms based on the dynamic re-partition of devices, and evaluate them on a physical platform to show the advantages and drawbacks of each approach.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sangorrín, D., Honda, S., Takada, H. (2012). Reliable Device Sharing Mechanisms for Dual-OS Embedded Trusted Computing. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds) Trust and Trustworthy Computing. Trust 2012. Lecture Notes in Computer Science, vol 7344. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30921-2_5
DOI: https://doi.org/10.1007/978-3-642-30921-2_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30920-5
Online ISBN: 978-3-642-30921-2
eBook Packages: Computer Science, Computer Science (R0)