Towards a trustZone-assisted hypervisor for real-time embedded systems

Detalhes bibliográficos
Autor(a) principal: Pinto, Sandro
Data de Publicação: 2017
Outros Autores: Pereira, Jorge, Gomes, Tiago Manuel Ribeiro, Ekpanyapong, Mongkol, Tavares, Adriano
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Texto Completo: https://hdl.handle.net/1822/81651
Resumo: Virtualization technology starts becoming more and more widespread in the embedded space. The penalties incurred by standard software-based virtualization is pushing research towards hardware-assisted solutions. Among the existing commercial off-the-shelf technologies for secure virtualization, ARM TrustZone is attracting particular attention. However, it is often seen with some scepticism due to the dual-OS limitation of existing state-of-the-art solutions. This letter presents the implementation of a TrustZone-based hypervisor for real-time embedded systems, which allows multiple RTOS partitions on the same hardware platform. The results demonstrate that virtualization overhead is less than 2 percent for a 10 milliseconds guest-switching rate, and the system remains deterministic. This work goes beyond related work by implementing a TrustZone-assisted solution that allows the execution of an arbitrary number of guest OSes while providing the foundation to drive next generation of secure virtualization solutions for resource-constrained embedded devices.
id RCAP_0536e573d5302346ba4da2a7522167ff
oai_identifier_str oai:repositorium.sdum.uminho.pt:1822/81651
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
spelling Towards a trustZone-assisted hypervisor for real-time embedded systemsVirtualizationTrustZoneMonitorReal-timeEmbedded systemsRODOSARMScience & TechnologyVirtualization technology starts becoming more and more widespread in the embedded space. The penalties incurred by standard software-based virtualization is pushing research towards hardware-assisted solutions. Among the existing commercial off-the-shelf technologies for secure virtualization, ARM TrustZone is attracting particular attention. However, it is often seen with some scepticism due to the dual-OS limitation of existing state-of-the-art solutions. This letter presents the implementation of a TrustZone-based hypervisor for real-time embedded systems, which allows multiple RTOS partitions on the same hardware platform. The results demonstrate that virtualization overhead is less than 2 percent for a 10 milliseconds guest-switching rate, and the system remains deterministic. This work goes beyond related work by implementing a TrustZone-assisted solution that allows the execution of an arbitrary number of guest OSes while providing the foundation to drive next generation of secure virtualization solutions for resource-constrained embedded devices.This work has been supported by COMPETE: POCI-01-0145- FEDER-007043 and FCT – Fundação para a Ciência e Tecnologia – (grant SFRH/BD/91530/2012 and UID/CEC/00319/2013).IEEEUniversidade do MinhoPinto, SandroPereira, JorgeGomes, Tiago Manuel RibeiroEkpanyapong, MongkolTavares, Adriano20172017-01-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttps://hdl.handle.net/1822/81651engS. Pinto, J. Pereira, T. Gomes, M. Ekpanyapong and A. Tavares, "Towards a TrustZone-Assisted Hypervisor for Real-Time Embedded Systems," in IEEE Computer Architecture Letters, vol. 16, no. 2, pp. 158-161, 1 July-Dec. 2017, doi: 10.1109/LCA.2016.2617308.1556-605610.1109/LCA.2016.2617308https://ieeexplore.ieee.org/document/7590042info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-07-21T12:29:20Zoai:repositorium.sdum.uminho.pt:1822/81651Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T19:24:18.613746Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse
dc.title.none.fl_str_mv Towards a trustZone-assisted hypervisor for real-time embedded systems
title Towards a trustZone-assisted hypervisor for real-time embedded systems
spellingShingle Towards a trustZone-assisted hypervisor for real-time embedded systems
Pinto, Sandro
Virtualization
TrustZone
Monitor
Real-time
Embedded systems
RODOS
ARM
Science & Technology
title_short Towards a trustZone-assisted hypervisor for real-time embedded systems
title_full Towards a trustZone-assisted hypervisor for real-time embedded systems
title_fullStr Towards a trustZone-assisted hypervisor for real-time embedded systems
title_full_unstemmed Towards a trustZone-assisted hypervisor for real-time embedded systems
title_sort Towards a trustZone-assisted hypervisor for real-time embedded systems
author Pinto, Sandro
author_facet Pinto, Sandro
Pereira, Jorge
Gomes, Tiago Manuel Ribeiro
Ekpanyapong, Mongkol
Tavares, Adriano
author_role author
author2 Pereira, Jorge
Gomes, Tiago Manuel Ribeiro
Ekpanyapong, Mongkol
Tavares, Adriano
author2_role author
author
author
author
dc.contributor.none.fl_str_mv Universidade do Minho
dc.contributor.author.fl_str_mv Pinto, Sandro
Pereira, Jorge
Gomes, Tiago Manuel Ribeiro
Ekpanyapong, Mongkol
Tavares, Adriano
dc.subject.por.fl_str_mv Virtualization
TrustZone
Monitor
Real-time
Embedded systems
RODOS
ARM
Science & Technology
topic Virtualization
TrustZone
Monitor
Real-time
Embedded systems
RODOS
ARM
Science & Technology
description Virtualization technology starts becoming more and more widespread in the embedded space. The penalties incurred by standard software-based virtualization is pushing research towards hardware-assisted solutions. Among the existing commercial off-the-shelf technologies for secure virtualization, ARM TrustZone is attracting particular attention. However, it is often seen with some scepticism due to the dual-OS limitation of existing state-of-the-art solutions. This letter presents the implementation of a TrustZone-based hypervisor for real-time embedded systems, which allows multiple RTOS partitions on the same hardware platform. The results demonstrate that virtualization overhead is less than 2 percent for a 10 milliseconds guest-switching rate, and the system remains deterministic. This work goes beyond related work by implementing a TrustZone-assisted solution that allows the execution of an arbitrary number of guest OSes while providing the foundation to drive next generation of secure virtualization solutions for resource-constrained embedded devices.
publishDate 2017
dc.date.none.fl_str_mv 2017
2017-01-01T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://hdl.handle.net/1822/81651
url https://hdl.handle.net/1822/81651
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv S. Pinto, J. Pereira, T. Gomes, M. Ekpanyapong and A. Tavares, "Towards a TrustZone-Assisted Hypervisor for Real-Time Embedded Systems," in IEEE Computer Architecture Letters, vol. 16, no. 2, pp. 158-161, 1 July-Dec. 2017, doi: 10.1109/LCA.2016.2617308.
1556-6056
10.1109/LCA.2016.2617308
https://ieeexplore.ieee.org/document/7590042
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv IEEE
publisher.none.fl_str_mv IEEE
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799132721265508352

Registros relacionados