64 research outputs found

    Hijack: Taking control of cots systems for real-time user-level services

    No full text
    This paper focuses on a technique to empower commercial-off-the-shelf (COTS) systems with an execution environment, and corresponding services, to support realtime and embedded applications. By leveraging COTS systems, we are able to reduce the potentially expensive maintenance and development costs of proprietary solutions. We describe a system called “Hijack ” that enables user-level services to take control of features such as CPU scheduling, interrupt handling and synchronization. In contrast to other approaches that support real-time tasks within the kernel of commodity systems such as Linux, Hijack provides the basis for predictable thread execution at user-level. No changes to the kernel source code are required to support this approach. Instead, Hijack works by using a combination of kernel module support and an interposed execution environment between traditional process address spaces and the kernel. This technique enables system calls and hardware interrupts to be intercepted with bounded latencies via the kernel module, that passes control to a user-level real-time executive. From within the executive, system-wide services and policies can be deployed to over-ride certain features of the underlying kernel, while still leveraging base kernel services where appropriate. Using this technique, we show how a vanilla Linux system can be hijacked to support predictable service execution using a series of user-defined policies. In particular, we show how to deliver and process asynchronous events with bounded latency, using interposition agents within a Hijack execution environment. Results show that for realtime streaming applications, Hijack is able to receive and process packets with significantly lower loss rates and jitter compared to using alternative application-level processes for the same task. ∗ This material is based upon work supported by the National Science Foundation under Grant No. 0615153. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Scienc

    Mutable protection domains: Towards a component-based system for dependable and predictable computing

    No full text
    The increasing complexity of software poses signicant challenges for real-time and embedded systems beyond those based purely on timeliness. With embedded sys-tems and applications running on everything from mobile phones, PDAs, to automobiles, aircraft and beyond, an emerging challenge is to ensure both the functional and tim-ing correctness of complex software. We argue that static analysis of software is insufcient to verify the safety of all possible control ow interactions. Likewise, a static sys-tem structure upon which software can be isolated in sepa-rate protection domains, thereby dening immutable bound-aries between system and application-level code, is too in-exible to the challenges faced by real-time applications with explicit timing requirements. This paper, therefore, in-vestigates a concept called mutable protection domains that supports the notion of hardware-adaptable isolation boundaries between software components. In this way, a system can be dynamically recongured to maximize soft-ware fault isolation, increasing dependability, while guar-anteeing various tasks are executed according to specic time constraints. Using a series of simulations on multi-dimensional, multiple-choice knapsack problems, we show how various heuristics compare in their ability to rapidly reorganize the fault isolation boundaries of a component-based system, to ensure resource constraints while simulta-neously maximizing isolation benet. Our ssh oneshot algorithm offers a promising approach to address system dynamics, including changing component invocation pat-terns, changing execution times, and mispredictions in iso-lation costs due to factors such as caching. This material is based upon work supported by the National Science Foundation under Grant Numbers 0615153 and 0720464. Any opinions, ndings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reect the views of the National Science Foundation.

    Update needs time

    No full text

    Application-specific service technologies for commodity operating systems in real-time environments

    No full text
    In order to eliminate the costs of proprietary systems and special purpose hardware, many real-time and embedded computing platforms are being built on commodity operating systems and generic hardware. Unfortunately, many such systems are ill-suited to the low-latency and predictable timing requirements of real-time applications. This paper, therefore, focuses on application-specific service technologies for low-cost commodity operating systems and hardware, so that real-time service guarantees can be met. We describe contrasting methods to deploy firstclass services on commodity systems, that are dispatched with low latency and execute asynchronously according to bounds on CPU, memory and I/O device usage. Specifically, we present a “user-level sandboxing ” (ULS) mechanism, that relies on hardware protection to isolate applicationspecific services from the core kernel. This approach is compared with a hybrid language and run-time protection scheme called “SafeX”, that allows untrusted services to be dynamically linked and loaded into a base kernel. SafeX and ULS have been implemented on commodity Linux systems. Experimental results show that both approaches are capable of reducing service violations (and, hence, better qualities of service) for real-time tasks, compared to traditional user-level methods of service deployment in processprivate address spaces. ULS imposes minimal additional overheads on service dispatch latency compared to SafeX, with the advantage that it does not require applicationspecific services to execute in the trusted kernel domain. 1

    Application-specific service technologies for commodity operating systems in real-time environments

    No full text
    In order to eliminate the costs of proprietary systems and special purpose hardware, many real-time and embedded computing platforms are being built on commodity operating systems and generic hardware. Unfortunately, many such systems are ill-suited to the low-latency and predictable timing requirements of real-time applications. This article, therefore, focuses on application-specific service technologies for low-cost commodity operating systems and hardware, so that real-time service guarantees can be met. We describe contrasting methods to deploy first-class services on commodity systems that are dispatched with low latency and execute asynchronously according to bounds on CPU, memory, and I/O device usage. Specifically, we present a “user-level sandboxing” (ULS) mechanism that relies on hardware protection to isolate application-specific services from the core kernel. This approach is compared with a hybrid language and runtime protection scheme, called SafeX , that allows untrusted services to be dynamically linked and loaded into a base kernel. SafeX and ULS have been implemented on commodity Linux systems. Experimental results have shown—that both approaches are capable of reducing service violations (and, hence, better qualities of service) for real-time tasks, compared to traditional user-level methods of service deployment in process-private address spaces. ULS imposes minimal additional overheads on service dispatch latency compared to SafeX, with the advantage that it does not require application-specific services to execute in the trusted kernel domain. As evidence of the potential capabilities of ULS, we show how a user-level networking stack can be implemented to avoid data copying via the kernel and allow packet processing without explicit process scheduling. This improves throughput and reduces jitter. </jats:p
    corecore