1 Presented By, Bhargavi Konduru

2  Nowadays, most electronic appliances have computing capabilities that run on embedded operating system (OS) kernels, which provide basic execution primitives that can be commonly used by many appliances.  The recent emergence of digital appliances requires more advanced features, such as networking and GUI, which dramatically complicate the appliances’ software systems and increase their code size.  Networked systems need to be prepared for attacks through the internet.

3  Users' software systems must be more robust than ordinary personal computer systems.  Building such large, complex, and robust software systems on embedded kernels in the absence of a protection domain is very difficult, as software bugs can cause system malfunction, data corruption, security breaches, or even system destruction.  To reduce the problem of attacks, a new system architecture is proposed in this paper.

4  A system architecture that co-locates multiple embedded operating systems on a microkernel is proposed.  It employs a microkernel to provide a protected execution environment for existing embedded kernels that have no protection mechanism.  There is no need to run the existing software on different operating systems, as the same protection domain is shared.  As the microkernel supports multiple protected execution environments, we can run multiple instances along with the applications.

5  The system reinforces reliability and security, as the applications and servers can be decoupled into different protection domains.  The microkernel performs the scheduling of embedded kernel instances.  Here a system is developed that consists of a TL4 microkernel and a μITRON kernel.

6  It enables the provision of protected domains without affecting the compatibility of the kernel APIs by employing a microkernel.  It can achieve maximum reusability of the existing software resources including embedded OS kernels and their applications.  It enables the schedulability analysis of real-time tasks on an embedded OS kernel.  These features can protect the existing software resources, maintain the software quality, and save costs.

7  To accommodate large and complex software systems, new kernels that support protection domains have been created.  This is considered a drawback, however, as there will be compatibility issues.  The architecture proposed in this paper enables the reuse of the current kernel by co-locating multiple kernels on a microkernel.  The proposed architecture incorporates hierarchical CPU scheduling to handle the multiple independent instances of a real-time kernel.

8

9  It consists of the TL4 microkernel and multiple instances of a μITRON kernel.  Multiple applications can run within a single instance of a μITRON kernel.  Applications can access services provided by servers through server proxies.  Only the TL4 microkernel executes in privileged mode directly on top of the hardware. It provides protection domains, threads, and IPC.  Misbehaving applications do not cause data destruction in the servers' protection domains, as different protection domains are allocated for applications and servers.

10

11  It can effectively utilize multiple protection domains.  Mainly, a protection domain should be dedicated to personal data file services in order to isolate personal data files from any illegal access.  Network services are isolated in another protection domain, since a network subsystem is the most likely entry point for a system to be compromised.  Local device servers implement the drivers of devices shared by applications and the other services.

12  We can make the system consume fewer resources by using protection domains.  It is desirable to dedicate a protection domain to an application program when it is not trusted or it needs to be installed from the internet.  Another use of protection domains is for debugging, as it is usually difficult to find bugs that share the same domain.  Out-of-range memory references can be easily detected.

13  The TL4 microkernel is based on the L4 μ-kernel and is enhanced to enable the execution of multiple μITRON kernel instances.  The TL4 microkernel inherits the L4 μ-kernel’s simple abstractions, which include threads, protection domains, memory pages, and IPC.  Here the TL4 microkernel’s execution entities are referred to as threads and the μITRON kernel’s execution entities are referred to as tasks or applications.

14  A μITRON kernel is a simple embedded real-time kernel that provides real-time tasks, synchronization and communication mechanisms, and device drivers.  It is divided into 3 parts: the machine-independent part, the machine-dependent part, and the processor emulator.

15

16  To maximize reusability and minimize modifications, a layer called the processor emulator is introduced that emulates the hardware and encapsulates the differences from the hardware.  The processor emulator deals with interrupts, time management, scheduling events, and the idle state.  Controlling Interrupts: Interrupts are disabled by setting a flag and enabled by a message notification.  Time Management: Here we need to consider the scheduling of the timer interrupt emulation threads for those kernel instances.

17  Dealing with external scheduling events: These happen when an interrupt occurs and a higher priority task wakes up.  Dealing with Idle State: When all tasks are blocked and there is no task to run in a μITRON kernel, the kernel falls into the idle state. Here the main execution thread needs to block in order to avoid disturbing the other instances' execution.
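The interrupt control described on slide 16, as an added sketch in C that is not code from the presentation or from TL4. The `struct vcpu` layout and the function names are hypothetical, and replaying masked interrupts at enable time is an assumption about what the message notification is used for.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-instance state kept by the processor emulator. */
struct vcpu {
    bool     irq_disabled;   /* flag the guest kernel sets to mask interrupts */
    uint32_t pending;        /* virtual IRQs raised while the flag was set */
    unsigned delivered[32];  /* handler invocations per IRQ (for inspection) */
};

/* Guest side: masking is a plain store, no privileged instruction needed. */
static void vcpu_irq_disable(struct vcpu *v) { v->irq_disabled = true; }

/* Run the (modelled) handler once for each pending IRQ, lowest number first. */
static unsigned vcpu_drain(struct vcpu *v) {
    unsigned n = 0;
    for (unsigned irq = 0; irq < 32; irq++) {
        if (v->pending & (1u << irq)) {
            v->pending &= ~(1u << irq);
            v->delivered[irq]++;
            n++;
        }
    }
    return n;
}

/* Interrupt emulation thread: returns true only if delivered immediately. */
static bool vcpu_raise(struct vcpu *v, unsigned irq) {
    if (irq >= 32) return false;        /* reject out-of-range IRQ numbers */
    v->pending |= 1u << irq;            /* repeated raises coalesce */
    if (v->irq_disabled) return false;  /* masked: stays pending */
    vcpu_drain(v);
    return true;
}

/* Guest side: unmask; the drain stands in for the message notification. */
static unsigned vcpu_irq_enable(struct vcpu *v) {
    v->irq_disabled = false;
    return vcpu_drain(v);
}

int main(void) {
    struct vcpu v = {0};
    vcpu_irq_disable(&v);
    vcpu_raise(&v, 3); vcpu_raise(&v, 3); vcpu_raise(&v, 5);
    printf("replayed on enable: %u\n", vcpu_irq_enable(&v));
    return 0;
}
```

Because the mask is ordinary memory inside the instance's own protection domain, a guest that never clears the flag only starves itself of interrupts; it cannot mask interrupts for other instances.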

18  Enhancements:  Scheduler: Here the scheduler determines which thread to run, as each instance has a thread queue that maintains the runnable threads of the instance.  Scheduling of Interrupt Emulation Threads: It has three states: the instance is running; the instance is runnable but not running; the instance is not runnable.

19  With the implementation of the system described, let us look at the evaluation of the system.  Memory Footprints: It shows the memory sizes consumed to run a single instance of a μITRON kernel on the TL4 microkernel.  The memory footprint of a μITRON kernel instance on the TL4 microkernel is 63KB, which is slightly smaller than the original μITRON kernel.

20

21  Invocation Latencies: Latencies from the software entry point of the interrupt are measured.  They are measured by considering two tasks, Application task 1 and Application task 2.  Latency values are measured for both cases: the μITRON kernel on the TL4 kernel and the μITRON kernel on hardware.  The results show that the μITRON kernel on the TL4 kernel outperforms the μITRON kernel on the hardware.

22

23

24  Here the authors proposed an alternative approach to introduce protected domains to existing embedded systems.  This approach employs a microkernel to provide protected execution environments for the existing embedded kernels.  It can achieve the maximum reusability of the existing software resources, including embedded OS kernels and their applications.  Future work includes creating a more realistic and practical setup, and a more accurate system and its evaluation.

26

