μRTZvisor: A secure and safe real-time hypervisor

Bibliographic Details
Main Author: Martins, José
Publication Date: 2017
Other Authors: Alves, João, Cabral, Jorge, Tavares, Adriano, Pinto, Sandro
Format: Article
Language: eng
Source: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Download full: https://hdl.handle.net/1822/52161
Summary: Virtualization has been deployed as a key enabling technology for coping with the ever growing complexity and heterogeneity of modern computing systems. However, on its own, classical virtualization is a poor match for modern endpoint embedded system requirements such as safety, security and real-time, which are our main target. Microkernel-based approaches to virtualization have been shown to bridge the gap between traditional and embedded virtualization. This notwithstanding, existent microkernel-based solutions follow a highly para-virtualized approach, which inherently requires a significant software engineering effort to adapt guest operating systems (OSes) to run as userland component s. In this paper, we present μRTZVisor as a new TrustZone-assisted hypervisor that distinguishes itself from state-of-the-art TrustZone solutions by implementing a microkernel-like architecture while following an object-oriented approach. Contrarily to existing microkernel-based solutions, μRTZVisor is able to run nearly unmodified guest OSes, while, contrarily to existing TrustZone-assisted solutions, it provides a high degree of functionality and configurability, placing strong emphasis on the real-time support. Our hypervisor was deployed and evaluated on a Xilinx Zynq-based platform. Experiments demonstrate that the hypervisor presents a small trusted computing base size (approximately 60KB), and a performance overhead of less than 2% for a 10 ms guest-switching rate.
id RCAP_1488dc37325513302044ef21abd4382f
oai_identifier_str oai:repositorium.sdum.uminho.pt:1822/52161
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling μRTZvisor: A secure and safe real-time hypervisorArmHypervisorMicrokernelReal-timeSafetySecurityTrustZoneVirtualizationScience & TechnologyVirtualization has been deployed as a key enabling technology for coping with the ever growing complexity and heterogeneity of modern computing systems. However, on its own, classical virtualization is a poor match for modern endpoint embedded system requirements such as safety, security and real-time, which are our main target. Microkernel-based approaches to virtualization have been shown to bridge the gap between traditional and embedded virtualization. This notwithstanding, existent microkernel-based solutions follow a highly para-virtualized approach, which inherently requires a significant software engineering effort to adapt guest operating systems (OSes) to run as userland component s. In this paper, we present μRTZVisor as a new TrustZone-assisted hypervisor that distinguishes itself from state-of-the-art TrustZone solutions by implementing a microkernel-like architecture while following an object-oriented approach. Contrarily to existing microkernel-based solutions, μRTZVisor is able to run nearly unmodified guest OSes, while, contrarily to existing TrustZone-assisted solutions, it provides a high degree of functionality and configurability, placing strong emphasis on the real-time support. Our hypervisor was deployed and evaluated on a Xilinx Zynq-based platform. Experiments demonstrate that the hypervisor presents a small trusted computing base size (approximately 60KB), and a performance overhead of less than 2% for a 10 ms guest-switching rate.This work has been supported by COMPETE: POCI-01-0145-FEDER-007043 and FCT-Fundacao para a Ciencia e Tecnologia within the Project Scope: UID/CEC/00319/2013.info:eu-repo/semantics/publishedVersionMDPIUniversidade do MinhoMartins, JoséAlves, JoãoCabral, JorgeTavares, AdrianoPinto, Sandro20172017-01-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttps://hdl.handle.net/1822/52161engMartins, J.; Alves, J.; Cabral, J.; Tavares, A.; Pinto, S. μRTZVisor: A Secure and Safe Real-Time Hypervisor. Electronics 2017, 6, 93. https://doi.org/10.3390/electronics60400932079-929210.3390/electronics6040093https://www.mdpi.com/2079-9292/6/4/93info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-12-16T01:18:09Zoai:repositorium.sdum.uminho.pt:1822/52161Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T18:52:08.001069Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv μRTZvisor: A secure and safe real-time hypervisor
title μRTZvisor: A secure and safe real-time hypervisor
spellingShingle μRTZvisor: A secure and safe real-time hypervisor
Martins, José
Arm
Hypervisor
Microkernel
Real-time
Safety
Security
TrustZone
Virtualization
Science & Technology
title_short μRTZvisor: A secure and safe real-time hypervisor
title_full μRTZvisor: A secure and safe real-time hypervisor
title_fullStr μRTZvisor: A secure and safe real-time hypervisor
title_full_unstemmed μRTZvisor: A secure and safe real-time hypervisor
title_sort μRTZvisor: A secure and safe real-time hypervisor
author Martins, José
author_facet Martins, José
Alves, João
Cabral, Jorge
Tavares, Adriano
Pinto, Sandro
author_role author
author2 Alves, João
Cabral, Jorge
Tavares, Adriano
Pinto, Sandro
author2_role author
author
author
author
dc.contributor.none.fl_str_mv Universidade do Minho
dc.contributor.author.fl_str_mv Martins, José
Alves, João
Cabral, Jorge
Tavares, Adriano
Pinto, Sandro
dc.subject.por.fl_str_mv Arm
Hypervisor
Microkernel
Real-time
Safety
Security
TrustZone
Virtualization
Science & Technology
topic Arm
Hypervisor
Microkernel
Real-time
Safety
Security
TrustZone
Virtualization
Science & Technology
description Virtualization has been deployed as a key enabling technology for coping with the ever growing complexity and heterogeneity of modern computing systems. However, on its own, classical virtualization is a poor match for modern endpoint embedded system requirements such as safety, security and real-time, which are our main target. Microkernel-based approaches to virtualization have been shown to bridge the gap between traditional and embedded virtualization. This notwithstanding, existent microkernel-based solutions follow a highly para-virtualized approach, which inherently requires a significant software engineering effort to adapt guest operating systems (OSes) to run as userland component s. In this paper, we present μRTZVisor as a new TrustZone-assisted hypervisor that distinguishes itself from state-of-the-art TrustZone solutions by implementing a microkernel-like architecture while following an object-oriented approach. Contrarily to existing microkernel-based solutions, μRTZVisor is able to run nearly unmodified guest OSes, while, contrarily to existing TrustZone-assisted solutions, it provides a high degree of functionality and configurability, placing strong emphasis on the real-time support. Our hypervisor was deployed and evaluated on a Xilinx Zynq-based platform. Experiments demonstrate that the hypervisor presents a small trusted computing base size (approximately 60KB), and a performance overhead of less than 2% for a 10 ms guest-switching rate.
publishDate 2017
dc.date.none.fl_str_mv 2017
2017-01-01T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://hdl.handle.net/1822/52161
url https://hdl.handle.net/1822/52161
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv Martins, J.; Alves, J.; Cabral, J.; Tavares, A.; Pinto, S. μRTZVisor: A Secure and Safe Real-Time Hypervisor. Electronics 2017, 6, 93. https://doi.org/10.3390/electronics6040093
2079-9292
10.3390/electronics6040093
https://www.mdpi.com/2079-9292/6/4/93
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv MDPI
publisher.none.fl_str_mv MDPI
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799132296147632128

Similar Items