Virtual Open Systems Scientific Publications
Applications in Electronics Pervading Industry, Environment and Society 2020 (ApplePies).
Mixed criticality, VM high performance, x86 SMM, virtualization, security.
As autonomous driving, industry 4.0, smart cities, etc. become very popular, safety relevant computing is demanding high performance processors to manage an increasing number of sensors, actuators and control units. In this context, safety critical environments (typically run by real time operating systems) have to co-exist with one or multiple functional rich environments, e.g., Linux. Existing virtualization technologies today are considered not secure enough to isolate these two execution environment types. For this reason this paper evaluates x86 System Management Mode (SMM) for mixed critical virtualization solutions. Considering them as key performance indicators, interrupt context switch and the minimal round trip time overheads have been measured. The obtained results on an Intel platform of respectively 1.39 and 12.73 microseconds, confirm a high potential for SMM. At the best of our knowledge, this is the first work considering SMM as possible solution for mixed critical environments.
Mixed critical systems are today increasingly important with the emergence of autonomous driving, industrial internet of things, smart cities applications. In fact, there is a need to combine software with different levels of criticality in a single platform, to satisfy both certification (e.g., ISO26262 for automotive, IEC61511 for industry, etc.) and user experience requirements (Linux, Android, etc.). An example of mixed critical application is certainly the cockpit of a road vehicle, where safety related warning icons driven by a Real Time Operating System (RTOS) coexist with infotainment (connectivity, radio, road sign recognition, etc.) based on Linux. The performance requirement of mixed criticality systems are increasing as well, driven by autonomous driving, industry 4.0, etc. In this context, there is a need of virtualization solutions that enable a safe and performant execution of different operating systems. Key requirements for such solutions are: i) strong isolation in terms of memory, CPU and IO, ii) low overhead and iii) certifiability. Existing technologies today, i.e., certified hypervisors, leverage low footprint and CPU virtualization extensions to address requirements. However, there are important security issues with virtualization, mainly due to the fact that this technology has not been designed with security or functional safety in mind. For this reason, looking for a solution that provides high computing power and robustness in terms of security and functional safety, this paper proposes to use x86 based processors System Management Mode (SMM) for mixed critical applications. In fact SMM provides a strongly isolated execution environments that runs no intermediation (low overhead) and benefits from a very thin Trusted Computing Base (certifiability). The key idea behind this is to use the isolation provided by SMM to protect the safety critical execution environment, while the feature rich execution environment is run transparently on the system. In this paper, feasibility of this approach is evaluated by measuring the overhead that would be introduced in CPU context-switch operations between an operating system in SMM mode and Linux.
Access the full content of this publication
Login or register to access full information
- Vosysmonitor ecrts2017
- Rdma virtualization hpcs2017
- Hpc exascale dsd2017
- Vfpgamanager reconfig2017
- Safe split display icons2018
- Edge vim bmsb2018
- Openflow vswitch fmec18
- Vosysvirtualnet sies2018
- Egvirt als2018
- Vfpgamanager bmsb2018
- Microvm benchmark eucnc2018
- Vosysmonitor safety fruct23
- Egvirt aglamm2018
- Trustedvim wcnc2019
- Geofencing trustedvim eucnc2019
- Vfpgamanager eucnc2019
- 5gcity edge virt 5gwf2019
- Vosysmonitorv risc v meco2021