DOI: 10.1145/3177102.3177103

Hermes: A Real Time Hypervisor for Mobile and IoT Systems

Published: 12 February 2018

Abstract

We present Hermes, a hypervisor for MMU-less microcontrollers. Hermes enables high-performance bare-metal applications to coexist with RTOSes and other less time-critical software on a single CPU. We experimentally demonstrate that a real-time operating system scheduler does not always provide deterministic response times for I/O events, which can cause real-time workloads to be unschedulable. Hermes solves this problem by adding a layer of abstraction between the hardware I/O devices and the software that services them, making I/O transactions truly deterministic. Virtualization on low-power mobile and embedded systems also enables some interesting software capabilities like secure execution of third-party apps, software integrity attestation, and bare-metal performance in a multitasking software environment. These features otherwise require additional hardware (e.g., multiple CPUs, hardware TPM) or may not be available at all. In other projects, we have anecdotally noticed that real-time operating systems are not always able to respond quickly and deterministically enough to time-sensitive operations, particularly under high I/O load. We validate this observed timing problem by measuring interrupt latency in an RTOS environment and comparing it to an experimental implementation of Hermes. We find that not only is the interrupt latency lower in the virtualized environment, but it is also much more deterministic, a key figure of merit for real-time software systems. We discuss challenges of implementing a hypervisor on a CPU with no memory management unit, and we present some preliminary solutions and workarounds. We go on to explore some other applications of virtualization to mobile and IoT software.



Published In

HotMobile '18: Proceedings of the 19th International Workshop on Mobile Computing Systems & Applications
February 2018
130 pages
ISBN: 9781450356305
DOI: 10.1145/3177102

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. hypervisor
  2. real-time systems
  3. virtualization

Qualifiers

  • Research-article

Conference

HotMobile '18
Acceptance Rates

HotMobile '18 Paper Acceptance Rate: 19 of 65 submissions, 29%
Overall Acceptance Rate: 96 of 345 submissions, 28%

Article Metrics

  • Downloads (Last 12 months): 225
  • Downloads (Last 6 weeks): 38

Reflects downloads up to 23 Feb 2025

Cited By

  • (2024) A comprehensive evaluation of interrupt measurement techniques for predictability in safety-critical systems. Proceedings of the 19th International Conference on Availability, Reliability and Security. 10.1145/3664476.3670451 (1-10). Online publication date: 30-Jul-2024
  • (2024) Temporal isolation assessment in virtualized safety-critical mixed-criticality systems: A case study on Xen hypervisor. Journal of Systems and Software 216 (112147). 10.1016/j.jss.2024.112147. Online publication date: Oct-2024
  • (2023) Quantifying IoT Security Parameters: An Assessment Framework. IEEE Access 11 (101087-101097). 10.1109/ACCESS.2023.3313975. Online publication date: 2023
  • (2022) Differentiating Network Flows for Priority-Aware Scheduling of Incoming Packets in Real-Time IoT Systems. 2022 IEEE 25th International Symposium On Real-Time Distributed Computing (ISORC). 10.1109/ISORC52572.2022.9812841 (1-8). Online publication date: 17-May-2022
  • (2022) On Temporal Isolation Assessment in Virtualized Railway Signaling as a Service Systems. 2022 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). 10.1109/DASC/PiCom/CBDCom/Cy55231.2022.9927796 (1-5). Online publication date: 12-Sep-2022
  • (2022) Analysis of Hypervisor Architectures for Improving Cybersecurity in IoT Environments. Proceedings of the International Conference on Ubiquitous Computing & Ambient Intelligence (UCAmI 2022). 10.1007/978-3-031-21333-5_40 (401-412). Online publication date: 21-Nov-2022
  • (2021) Performance Analysis of Open-Source Hypervisors for Automotive Systems. 2021 IEEE 27th International Conference on Parallel and Distributed Systems (ICPADS). 10.1109/ICPADS53394.2021.00072 (530-537). Online publication date: Dec-2021
  • (2020) Survey on Evaluation of IoT Services Leveraging Virtualization Technology. Proceedings of the 2020 5th International Conference on Cloud Computing and Internet of Things. 10.1145/3429523.3429524 (26-34). Online publication date: 22-Sep-2020
  • (2020) Kappa. Proceedings of the 11th ACM Symposium on Cloud Computing. 10.1145/3419111.3421277 (328-343). Online publication date: 12-Oct-2020
  • (2020) Interrupting Real-Time IoT Tasks: How Bad Can It Be to Connect Your Critical Embedded System to the Internet? 2020 IEEE 39th International Performance Computing and Communications Conference (IPCCC). 10.1109/IPCCC50635.2020.9391536 (1-6). Online publication date: 6-Nov-2020
