Isolating Real-Time Safety-Critical Embedded Systems via SGX-Based Lightweight Virtualization

Simone, Luigi De; Mazzeo, Giovanni

doi:10.1109/issrew.2019.00089

Cited by 8 publications

(3 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To fulfill the need of safety-critical real-time systems and streamline the certification process, the authors in [40] examined the benefits of utilizing both SGX isolation and unikernel features. Another proposed framework for real-time orchestration introduces extensive modifications of the Kubernetes code-base and uses a unique patch for the Linux kernel to deploy best-effort and real-time tasks [41].…”

Section: Related Workmentioning

confidence: 99%

Enabling Kubernetes Orchestration of Mixed-Criticality Software for Autonomous Mobile Robots

Lumpp,

Fummi,

Patel

et al. 2024

IEEE Trans. Robot.

View full text Add to dashboard Cite

Containerization and orchestration have become two key requirements in software development best practices. Containerization allows for better resource utilization, platform-independent development, and secure deployment of software. Orchestration automates the deployment, networking, scaling, and availability of containerized workloads and services. While containerization is increasingly being adopted in the robotic community, the use of task orchestration platforms (e.g., Kubernetes) is still an open challenge. The biggest limitation is due to the fact that state-of-the-art orchestrators do not support real-time containers, while advanced robotic software often consists of a mix of heterogeneous tasks (i.e., ROS nodes) with different levels of temporal constraints (i.e., mixed-criticality systems). This work addresses this challenge by presenting RT-Kube, a platform that extends the de-facto reference standard for container orchestration, Kubernetes, to schedule tasks with mixed-criticality requirements. It implements monitoring of tasks and detects missed deadlines for those with real-time constraints. It selects low-priority tasks to be migrated at runtime to different units of the computing cluster to free resources and recover from temporal violations. We present quantitative experimental results on the software implementing the mission of a Robotnik RB-Kairos mobile robot to demonstrate the effectiveness of the proposed approach. The source code is publicly available on GitHub.

show abstract

Section: Related Workmentioning

confidence: 99%

Enabling Kubernetes Orchestration of Mixed-Criticality Software for Autonomous Mobile Robots

Lumpp,

Fummi,

Patel

et al. 2024

IEEE Trans. Robot.

View full text Add to dashboard Cite

show abstract

“…236 This is enabled by the concept of hardware virtualization 237 supported by higher core processing power. 238 A partitioned OFP software design, as demonstrated by Lim et al, 2012, divided into core hardware interface and application modules with submodules for various avionics functions, provides a "separation of concerns," where a fault in one partition does not affect the other. Lim et al, 2012, concludes that "robust partitioning of software can easily and costeffectively obtain software safety assurance" (for the DO-178 B/C) " [and] each partition can be designed and developed by a specialized company reducing the cost."…”

Section: Timely and Cost-effective Software Safety Certificationmentioning

confidence: 99%

Outsmarting Agile Adversaries in the Electromagnetic Spectrum

2023

View full text Add to dashboard Cite

Adversaries and competitors are seeking to offset the United States' historical ability to operate within and through the electromagnetic spectrum (EMS) by making their systems more complex and adaptable-and therefore more difficult for U.S. platforms to detect, identify, evade, or counter. This presents an enormous challenge to the U.S. Air Force (USAF) electronic warfare integrated reprogramming (EWIR) enterprise. The USAF's EWIR enterprise is responsible for the fully integrated operations of compiling intelligence on adversary threats that emit in the EMS (in particular, radars and jammers) and configuring 1 electronic warfare (EW) equipment to enable aircraft or other USAF resources to react to and/or respond to adverse changes in the EMS environment. The USAF is actively exploring how best to achieve faster, cutting-edge EMS capabilities. To assist in this effort, RAND Project AIR FORCE (PAF) examined how adversary capabilities in the EMS are evolving, how fast EW-related software reprogramming needs to be to keep up with the threat, what obstacles exist within the current intel-to-reprogramming process, and what advanced technologies are needed to achieve necessary improvements. PAF's work is centered on what is currently known as EWIR but is scoped to cover the broader range of issues related to the role of data and software in enabling EMS operations and is intended for a broad audience concerned with military planning, budgeting, and operations.The research reported here was commissioned by the Plans, Programs and Requirements Directorate, Headquarters Air Combat Command (ACC A5/8/9) and conducted within the Force Modernization and Employment Program of RAND Project AIR FORCE as part of a fiscal year 2021 project, "Improving Speed and Security in Electronic Warfare Integrated Reprogramming." A related executive summary provides an overview of conclusions and recommendations. 2 RAND Project AIR FORCERAND Project AIR FORCE (PAF), a division of the RAND Corporation, is the Department of the Air Force's (DAF's) federally funded research and development center for studies and analyses, supporting both the United States Air Force and the United States Space Force. PAF provides the DAF with independent analyses of policy alternatives affecting the development, employment, combat readiness, and support of current and future air, space, and cyber forces.1 This configuration is generally done digitally and may include new uploads of data, software code, and firmware. Therefore, it is termed reprogramming. However, we note that it may also include changes to switches, dials, and other manually manipulated controls of the EW equipment.

show abstract

“…In literature, there were very few studies that leverage Intel SGX extensions to design real-time mixed-criticality systems. One study that is worth mentioning is provided with a positioning paper by De Simone et al [104], which explored the possibility of using the SGX to enforce the isolation among critical tasks running on top of unikernel-based hypervisor [105,106]. The most explored approach has been to use the security features of ARM TrustZone.…”

Section: Arm Trustzone-assisted Virtualizationmentioning

confidence: 99%

Virtualizing Mixed-Criticality Systems: A Survey on Industrial Trends and Issues

Cinque,

Cotroneo,

De Simone

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Virtualization is gaining attraction in the industry as it promises a flexible way to integrate, manage, and re-use heterogeneous software components with mixed-criticality levels, on a shared hardware platform, while obtaining isolation guarantees. This work surveys the state-of-the-practice of real-time virtualization technologies by discussing common issues in the industry. In particular, we analyze how different virtualization approaches and solutions can impact isolation guarantees and testing/certification activities, and how they deal with dependability challenges. The aim is to highlight current industry trends and support industrial practitioners to choose the most suitable solution according to their application domains.

show abstract

Isolating Real-Time Safety-Critical Embedded Systems via SGX-Based Lightweight Virtualization

Cited by 8 publications

References 29 publications

Enabling Kubernetes Orchestration of Mixed-Criticality Software for Autonomous Mobile Robots

Enabling Kubernetes Orchestration of Mixed-Criticality Software for Autonomous Mobile Robots

Outsmarting Agile Adversaries in the Electromagnetic Spectrum

Virtualizing Mixed-Criticality Systems: A Survey on Industrial Trends and Issues

Contact Info

Product

Resources

About