ABSTRACT
We present Hermes, a hypervisor for MMU-less microcontrollers. Hermes enables high-performance bare metal applications to coexist with RTOSes and other less time-critical software on a single CPU. We experimentally demonstrate that a real-time operating system scheduler does not always provide deterministic response times for I/O events, which can cause real-time workloads to be unschedulable. Hermes solves this problem by adding a layer of abstraction between the hardware I/O devices and the software that services them, making I/O transactions truly deterministic. Virtualization on low-power mobile and embedded systems also enables some interesting software capabilities like secure execution of third-party apps, software integrity attestation, and bare metal performance in a multitasking software environment. These features otherwise require additional hardware (i.e. multiple CPUs, hardware TPM, etc) or may not be available at all. In other projects, we have anecdotally noticed that real time operating systems are not always able to respond quickly and deterministically enough to time-sensitive operations, particularly under high I/O load. We validate this observed timing problem by measuring interrupt latency in an RTOS environment and comparing to an experimental implementation of Hermes. We find that not only is the interrupt latency lower in the virtualized environment, but it is also much more deterministic---a key figure of merit for real-time software systems. We discuss challenges of implementing a hypervisor on a CPU with no memory management unit, and we present some preliminary solutions and workarounds. We go on to explore some other applications of virtualization to mobile and IoT software.
- Stefan Berger, Ramón Cáceres, Kenneth A. Goldman, Ronald Perez, Reiner Sailer, and Leendert van Doorn. 2006. vTPM: Virtualizing the Trusted Platform Module. In Proceedings of the 15th Conference on USENIX Security Symposium - Volume 15 (U15 (USENIX-SS'06). USENIX Association, Berkeley, CA, USA, Article 21. http://dl.acm.org/citation.cfm?id=1267336.1267357 Google ScholarDigital Library
- Richard Berry. 2017. FreeRTOS. (2017). http://www.freertos.org.Google Scholar
- Brad Brannon and Allen Barlow. 2006. Aperture uncertainty and ADC system performance. Application Note AN501 (2006).Google Scholar
- Claude Castelluccia, Aurélien Francillon, Daniele Perito, and Claudio Soriente. 2009. On the Difficulty of Software-based Attestation of Embedded Devices. In Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS '09). ACM, New York, NY, USA, 400--409. Google ScholarDigital Library
- Yeongpil Cho, Junbum Shin, Donghyun Kwon, MyungJoo Ham, Yuna Kim, and Yunheung Paek. 2016. Hardware-Assisted On-Demand Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices. In 2016 USENIX Annual Technical Conference (USENIX ATC 16). USENIX Association, Denver, CO, 565--578. https://www.usenix.org/conference/atc16/technical-sessions/presentation/cho Google ScholarDigital Library
- Atmel Corporation. 2017. SAM E ARM Cortex-M7 Microcontrollers. (2017). http://www.atmel.com/products/microcontrollers/arm/sam-e.aspx.Google Scholar
- Atmel Corporation. 2017. SAM E70 Xplained Evaluation Kit. (2017). http://www.atmel.com/tools/atsame70-xpld.aspx.Google Scholar
- R. J. Creasy. 1981. The Origin of the VM/370 Time-sharing System. IBM J. Res. Dev. 25, 5 (Sept. 1981), 483--490. Google ScholarDigital Library
- Christoffer Dall and Jason Nieh. 2014. KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor. In Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '14). ACM, New York, NY, USA, 333--348. Google ScholarDigital Library
- Joan G. Dyer, Mark Lindemann, Ronald Perez, Reiner Sailer, Leendert van Doorn, Sean W. Smith, and Steve Weingart. 2001. Building the IBM 4758 Secure Coprocessor. Computer 34, 10 (Oct. 2001), 57--66. Google ScholarDigital Library
- Marisol García-Valls, Tommaso Cucinotta, and Chenyang Lu. 2014. Challenges in real-time virtualization and predictable cloud computing. Journal of Systems Architecture 60, 9 (2014), 726--740. Google ScholarDigital Library
- Neil Klingensmith, Dale Willis, and Suman Banerjee. 2013. A Distributed Energy Monitoring and Analytics Platform and Its Use Cases. In Proceedings of the 5th ACM Workshop on Embedded Systems For Energy-Efficient Buildings (BuildSys'13). ACM, New York, NY, USA, Article 36, 2 pages. Google ScholarDigital Library
- Fabien Le Mentec. 2014. Using the Beaglebone PRU to achieve realtime at low cost. Embedded Related (April 2014). https://www.embeddedrelated.com/showarticle/586.php.Google Scholar
- Carlos Moratelli, Sergio Johann, and Fabiano Hessel. 2016. Exploring Embedded Systems Virtualization Using MIPS Virtualization Module. In Proceedings of the ACM International Conference on Computing Frontiers (CF '16). ACM, New York, NY, USA, 214--221. Google ScholarDigital Library
- Bryan Parno, Jonathan M McCune, and Adrian Perrig. 2010. Bootstrapping trust in commodity computers. In Security and privacy (SP), 2010 IEEE symposium on. IEEE, 414--429. Google ScholarDigital Library
- Himanshu Raj, Stefan Saroiu, Alec Wolman, Ronald Aigner, Jeremiah Cox, Paul England, Chris Fenner, Kinshuman Kinshumann, Jork Loeser, Dennis Mattoon, Magnus Nystrom, David Robinson, Rob Spiger, Stefan Thom, and David Wooten. 2016. f TPM: A Software-Only Implementation of a TPM Chip. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, TX, 841--856. https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/rajGoogle Scholar
- Dale F. Willis, Arkodeb Dasgupta, and Suman Banerjee. 2014. ParaDrop: A Multi-tenant Platform for Dynamically Installed Third Party Services on Home Gateways. In Proceedings of the 2014 ACM SIGCOMM Workshop on Distributed Cloud Computing (DCC '14). ACM, New York, NY, USA, 43--44. Google ScholarDigital Library
- Sisu Xi, Chong Li, Chenyang Lu, Christopher D Gill, Meng Xu, Linh TX Phan, Insup Lee, and Oleg Sokolsky. 2015. RT-Open Stack: CPU Resource Management for Real-Time Cloud Computing. In Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. IEEE, 179--186. Google ScholarDigital Library
- Sisu Xi, Meng Xu, Chenyang Lu, Linh TX Phan, Christopher Gill, Oleg Sokolsky, and Insup Lee. 2014. Real-time multi-core virtual machine scheduling in xen. In Embedded Software (EMSOFT), 2014 International Conference on. IEEE, 1--10 Google ScholarDigital Library
Index Terms
- Hermes: A Real Time Hypervisor for Mobile and IoT Systems
Recommendations
Using virtualized task isolation to improve responsiveness in mobile and IoT software
IoTDI '19: Proceedings of the International Conference on Internet of Things Design and ImplementationWe present Hermes, a hypervisor for MMU-less microcontrollers. Hermes enables high-performance bare metal applications to coexist with real-time operating systems (RTOSes) and other less time-critical software on a single CPU. Hermes creates isolated ...
Paravirtual Remote I/O
ASPLOS'16The traditional "trap and emulate" I/O paravirtualization model conveniently allows for I/O interposition, yet it inherently incurs costly guest-host context switches. The newer "sidecore" model eliminates this overhead by dedicating host (side)cores to ...
Fast and live hypervisor replacement
VEE 2019: Proceedings of the 15th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution EnvironmentsHypervisors are increasingly complex and must be often updated for applying security patches, bug fixes, and feature upgrades. However, in a virtualized cloud infrastructure, updates to an operational hypervisor can be highly disruptive. Before being ...
Comments