Reliable Device Sharing Mechanisms for Dual-OS Embedded Trusted Computing

  • Conference paper
Trust and Trustworthy Computing (Trust 2012)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 7344)

Abstract

Dual-OS virtualization techniques allow consolidating a trusted real-time operating system (RTOS) and an untrusted general-purpose operating system (GPOS) onto the same embedded platform. In order to protect the reliability and real-time performance of the RTOS, platform devices are usually duplicated and assigned exclusively to each operating system, causing an increase in the total hardware cost. This paper investigates and compares several mechanisms for sharing devices reliably in a dual-OS system. In particular, we observe that device sharing mechanisms currently used for cloud virtualization are not necessarily appropriate for dual-OS systems. We propose two new mechanisms based on the dynamic re-partition of devices, and evaluate them on a physical platform to show the advantages and drawbacks of each approach.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sangorrín, D., Honda, S., Takada, H. (2012). Reliable Device Sharing Mechanisms for Dual-OS Embedded Trusted Computing. In: Katzenbeisser, S., Weippl, E., Camp, L.J., Volkamer, M., Reiter, M., Zhang, X. (eds) Trust and Trustworthy Computing. Trust 2012. Lecture Notes in Computer Science, vol 7344. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30921-2_5

  • DOI: https://doi.org/10.1007/978-3-642-30921-2_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30920-5

  • Online ISBN: 978-3-642-30921-2

  • eBook Packages: Computer Science, Computer Science (R0)
