Dual Operating System Architecture for Real-Time Embedded Systems

Similar documents
A hypervisor approach with real-time support to the MIPS M5150 processor

Sierraware Overview. Simply Secure

Comparing Power Saving Techniques for Multi cores ARM Platforms

Deeply Embedded Real-Time Hypervisors for the Automotive Domain Dr. Gary Morgan, ETAS/ESC

1. Computer System Structure and Components

Enabling Technologies for Distributed Computing

Enabling Technologies for Distributed and Cloud Computing

Beyond Virtualization: A Novel Software Architecture for Multi-Core SoCs. Jim Ready September 18, 2012

Long-term monitoring of apparent latency in PREEMPT RT Linux real-time systems

Leveraging Thin Hypervisors for Security on Embedded Systems

Full and Para Virtualization

Virtual machines and operating systems

Microkernels, virtualization, exokernels. Tutorial 1 CSC469

XtratuM hypervisor redesign for LEON4 multicore processor

Hardware accelerated Virtualization in the ARM Cortex Processors

Virtualization in the ARMv7 Architecture Lecture for the Embedded Systems Course CSD, University of Crete (May 20, 2014)

Operating Systems. Lecture 03. February 11, 2013

Research on System Virtualization using Xen Hypervisor for ARM based secure mobile phones

Multicore partitioned systems based on hypervisor

Experience with the integration of distribution middleware into partitioned systems

An Overview of Microkernel, Hypervisor and Microvisor Virtualization Approaches for. embedded systems

COS 318: Operating Systems. Virtual Machine Monitors

PikeOS: Multi-Core RTOS for IMA. Dr. Sergey Tverdyshev SYSGO AG , Moscow

Virtualization for Hard Real-Time Applications Partition where you can Virtualize where you have to

ELI: Bare-Metal Performance for I/O Virtualization

Cloud Computing #6 - Virtualization

Xen and the Art of. Virtualization. Ian Pratt

Virtualization. P. A. Wilsey. The text highlighted in green in these slides contain external hyperlinks. 1 / 16

SierraVMI Sizing Guide

POSIX. RTOSes Part I. POSIX Versions. POSIX Versions (2)

Virtualization. Pradipta De

x86 ISA Modifications to support Virtual Machines

OPTIMIZE DMA CONFIGURATION IN ENCRYPTION USE CASE. Guillène Ribière, CEO, System Architect

Hard Real-Time Linux

XtratuM: a Hypervisor for Safety Critical Embedded Systems

Real-time KVM from the ground up

MODULE 3 VIRTUALIZED DATA CENTER COMPUTE

Thomas Fahrig Senior Developer Hypervisor Team. Hypervisor Architecture Terminology Goals Basics Details

Android Virtualization from Sierraware. Simply Secure

VtRES Towards Hardware Embedded Virtualization Technology: Architectural Enhancements to an ARM SoC. ESRG Embedded Systems Research Group

Development of Type-2 Hypervisor for MIPS64 Based Systems

Real-Time Operating Systems for MPSoCs

Resource Containers: A new facility for resource management in server systems

Hardware Based Virtualization Technologies. Elsie Wahlig Platform Software Architect

Virtualization. Michael Tsai 2015/06/08

The Xen of Virtualization

Chapter 5 Cloud Resource Virtualization

CS 695 Topics in Virtualization and Cloud Computing. More Introduction + Processor Virtualization

Securing your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation

Title: XtratuM: a Hypervisor for Safety Critical Embedded Systems. Authors:M. Masmano, I. Ripoll, A. Crespo and J.J. Metge

I/O Virtualization Using Mellanox InfiniBand And Channel I/O Virtualization (CIOV) Technology

Real-Time Virtualization How Crazy Are We?

Advanced Computer Networks. Network I/O Virtualization

Real-time Operating Systems. VO Embedded Systems Engineering Armin Wasicek

Chapter 14 Virtual Machines

KVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com

Enhancing the Monitoring of Real-Time Performance in Linux

Virtualization. Jia Rao Assistant Professor in CS

Real-Time Operating Systems.

Virtualization Technology. Zhiming Shen

KVM in Embedded Requirements, Experiences, Open Challenges

Enhancing Hypervisor and Cloud Solutions Using Embedded Linux Iisko Lappalainen MontaVista

Virtualization is set to become a key requirement

Intel Virtualization Technology

Comprehensive Security for Internet-of-Things Devices With ARM TrustZone

CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies. Virtualization of Clusters and Data Centers

Page 1 of 5. IS 335: Information Technology in Business Lecture Outline Operating Systems

Basics of Virtualisation

RTAI. Antonio Barbalace (modified by M.Moro 2011) RTAI

Hardware Virtualization on. ARM Cortex-A Low-Cost Building automation

Operating Systems 4 th Class

Embedded Systems. 6. Real-Time Operating Systems

Open Source Implementation of Hierarchical Scheduling for Integrated Modular Avionics

Real Time Operating Systems. Tajana Simunic Rosing Department of Computer Science and Engineering University of California, San Diego.

Virtualization. Types of Interfaces

Regional SEE-GRID-SCI Training for Site Administrators Institute of Physics Belgrade March 5-6, 2009

System Software and TinyAUTOSAR

Virtualization: Hypervisors for Embedded and Safe Systems. Hanspeter Vogel Triadem Solutions AG

Cloud Operating Systems for Servers

Hybrid Virtualization The Next Generation of XenLinux

Real- Time Mul,- Core Virtual Machine Scheduling in Xen

Quality of Service su Linux: Passato Presente e Futuro

FRONT FLYLEAF PAGE. This page has been intentionally left blank

KVM: Kernel-based Virtualization Driver

XTRATUM: AN OPEN SOURCE HYPERVISOR FOR TSP EMBEDDED SYSTEMS IN AEROSPACE

PROCESSOR VIRTUALIZATION ON EMBEDDED LINUX SYSTEMS

Hypervisors. Introduction. Introduction. Introduction. Introduction. Introduction. Credits:

ARM Cortex-R Architecture

Linux A multi-purpose executive support for civil avionics applications?

Virtual Machines. Virtualization

Evading Android Emulator

AppScope: Application Energy Metering Framework for Android Smartphones using Kernel Activity Monitoring

Transcription:

Dual Operating System Architecture for Real-Time Embedded Systems Daniel Sangorrín, Shinya Honda, Hiroaki Takada Nagoya University äk'f Jul 6, 2010 This presentation includes work done under the Monbukagakushou ( èñf ) scholarship funded by the Japanese government. Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 1 / 24

Outline 1 Introduction Virtualization and Real-Time ARM TrustZone VMM requirements 2 VMM architecture SafeG, a TrustZone monitor Cyclic scheduling Priority-based scheduling 3 Implementation 4 Evaluation 5 Conclusions and future work Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 2 / 24

Introduction Virtualization and Real-Time Virtualization for Real-Time Embedded Systems App: Execute GPOS and RTOS applications on a single platform GPOS kernel patches (e.g., Linux RT patch) Soft Real-Time only, low security and reliability Hybrid kernels (e.g., Xenomai, RTAI, RTLinux, Linux on ITRON) Hard Real-Time, native performance but no isolation Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 3 / 24

Introduction Virtualization and Real-Time Virtualization for Real-Time Embedded Systems Hardware extensions (e.g., multicore) Increased price and power consumption Underutilization of RTOS core VMM/Hypervisors (e.g., OKL4, XtratuM, Integrity OS) Good isolation with some overhead Paravirtualization is hard to maintain Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 4 / 24

Introduction Virtualization and Real-Time Virtualization challenges Modifications to the GPOS are difficult to maintain It is not possible to provide complete isolation Bus masters as DMA or GPUs can bypass protections Virtualizing them would severely damage performance Hardware-assisted Virtualization Embedded virtualization requires Integrated Scheduling Some GPOS tasks and interrupts require a certain QoS Not all RTOS activities need high priority Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 5 / 24

Introduction ARM TrustZone ARM TrustZone System-wide approach to security (e.g., authentication, DRM) Trust and Non-Trust states (orthogonal to privileges) Monitor mode to switch between them ARM 1176 and Cortex-A series Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 6 / 24

Introduction VMM requirements VMM requirements Support concurrent execution of a GPOS and an RTOS Spatial isolation of the RTOS Time isolation of the RTOS Integrated scheduling of GPOS soft-real time tasks and interrupts Mechanisms to implement health monitoring and device sharing No modifications to the GPOS core Minimum size. Easy to verify. Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 7 / 24

VMM architecture SafeG, a TrustZone monitor SafeG: Implementation of the TrustZone monitor Runs with interrupts disabled (FIQ and IRQ) Isolation: RTOS runs in Trust state, GPOS in Non-Trust state RTOS interrupts (FIQ) can not be disabled by the GPOS (IRQ) The GPOS is represented as an RTOS task RTOS interface (e.g., µitron) can be used on the GPOS Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 8 / 24

VMM architecture SafeG, a TrustZone monitor SafeG Execution paths 1 An FIQ occurs in Trust state 2 An FIQ occurs in Non-Trust state (SafeG switches to Trust state) 3 An IRQ occurs in Non-Trust state 4 SafeG switches state after an SMC call Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 9 / 24

VMM architecture SafeG, a TrustZone monitor SafeG Health monitoring Mechanisms to monitor, suspend, resume and restart the GPOS Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 10 / 24

VMM architecture Cyclic scheduling Black box vs. Integrated cyclic scheduling Synchronization of internal and global scheduler Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 11 / 24

VMM architecture Cyclic scheduling Latency in integrated cyclic scheduling FIQ interrupts and High priority tasks Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 12 / 24

VMM architecture Priority-based scheduling Idle approach GPOS interrupts and tasks scheduled as RTOS idle task Long latencies (e.g., IRQ handlers) Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 13 / 24

VMM architecture Priority-based scheduling ITask-RTask-BTask approach ITask: GPOS interrupts latency RTask: Gives a QoS to GPOS (budget-period) BTask: like Idle approach Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 14 / 24

VMM architecture Priority-based scheduling ITask-RTask-BTask Timeline Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 15 / 24

Implementation Implementation Platform: ARM PB1176JZF-S (210Mhz, 128MB, 32KB Cache) RTOS: TOPPERS/ASP Added overrun handlers (for deferrable servers) Implemented TrustZone device drivers GPOS: GNU/Linux High Vector table (0xFFFF0000) Memory and devices allocation Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 16 / 24

Evaluation SafeG overhead Path WCET (1) While RTOS runs FIQ occurs 0.7µs (2) While GPOS runs FIQ occurs 1.6µs (3) While GPOS runs IRQ occurs 1.2µs (4) Switch from RTOS to GPOS 1.5µs (5) Switch from GPOS to RTOS 1.7µs From ASP IRQ vector until IRQs enabled 5.1µs Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 17 / 24

Evaluation SafeG code verifiability Code and data size (in bytes) text data bss total SafeG 1520 0 448 1968 ASP 34796 0 83140 117936 Linux 1092652 148336 89308 1330296 Safeg size is 1/60 of the size of ASP 304 bytes in.bss are just for the context 4 forks in total: only 8 types of tests needed Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 18 / 24

Evaluation RTOS isolation Latency of the ASP and Linux system timer interrupt ASP timer interrupt latency increased 2us (bounded) 100000 10000 ASP ASP+SafeG Linux Linux+SafeG Occurrences 1000 100 10 1 0 20 40 60 80 100 Timer interrupt latency in µs Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 19 / 24

Evaluation ITask experiment Measure the Serial driver interrupt latency on Linux RTOS tasks: task priority period duration utilization 1 high 50ms 10ms 20% 2 low 300ms 100ms 33% ITask period: 30ms, budget: 2ms Serial driver latency (in µs): approach min avg max alone 15.7 15.81 19.47 idle 14.6 22681 113833 itask 15.45 2292 30275 Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 20 / 24

Evaluation RTask experiment Execute the cyclictest program in the GPOS Periodic thread that measures the wake up latency Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 21 / 24

Conclusions Conclusions SafeG A reliable dual hypervisor for embedded real-time systems VM Integrated Scheduling Cyclic scheduler ITask-RTask-BTask approach ARM TrustZone security extensions Useful for virtualization Proposal: Cache separation Proposal: Instruction for context switch Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 22 / 24

Conclusions Future work Refine Integrated Scheduling with voluntary return Fine-grained control of tasks and interrupts May require GPOS core modifications Android on the Non-Trust side Inter-VM communications Multi-core porting (Cortex-A9) Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 23 / 24

Conclusions Questions Thank you for your attention T tbšlhftvd~w_ Daniel Sangorrin (Nagoya University) OSPERT 2010 - Brussels Jul 6, 2010 24 / 24

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information