Abstract
While security has become important in embedded systems, commodity operating systems often fail to separate processes effectively, mainly because their trusted computing base is too large. System virtualization can establish isolation with a small code base, but many existing embedded CPU architectures have very limited hardware support for virtualization, so the performance impact is often non-negligible. Targeting both security and performance, we investigate an approach in which a few minor hardware additions, combined with virtualization, offer protected execution in embedded systems while still allowing non-virtualized execution when secure services are not needed. Benchmarks of a prototype implementation on an emulated ARM Cortex-A8 platform confirm that switching between these two execution forms can be done efficiently.
© 2014 Springer International Publishing Switzerland
Schwarz, O., Gehrmann, C., Do, V. (2014). Affordable Separation on Embedded Platforms. In: Holz, T., Ioannidis, S. (eds) Trust and Trustworthy Computing. Trust 2014. Lecture Notes in Computer Science, vol 8564. Springer, Cham. https://doi.org/10.1007/978-3-319-08593-7_3
DOI: https://doi.org/10.1007/978-3-319-08593-7_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08592-0
Online ISBN: 978-3-319-08593-7
eBook Packages: Computer Science (R0)