Optimized trusted execution for hard real-time applications on COTS processors

Proceedings of the 27th International Conference on Real-Time Networks and Systems Pub Date : 2019-11-06 DOI:10.1145/3356401.3356419

Anway Mukherjee, Tanmaya Mishra, Thidapat Chantem, N. Fisher, Ryan M. Gerdes

{"title":"Optimized trusted execution for hard real-time applications on COTS processors","authors":"Anway Mukherjee, Tanmaya Mishra, Thidapat Chantem, N. Fisher, Ryan M. Gerdes","doi":"10.1145/3356401.3356419","DOIUrl":null,"url":null,"abstract":"While trusted execution environments (TEE) provide industry standard security and isolation, its implementation through secure monitor calls (SMC) attribute to large time overhead and weakened temporal predictability, potentially prohibiting the use of TEE in hard real-time systems. We propose super-TEEs, where multiple trusted execution sections are fused together to amortize TEE execution overhead and improve predictability through minimized I/O traffic and reduced switching between normal mode and TEE mode of execution. Super-TEEs may, however, violate a task's timing requirement and impact the schedulability of the system. We present a technique to enforce the correct timing requirement of a task, along with a sufficient test for schedulability in uniprocessors. We also, discuss ct-RM, a static task assignment and partitioned scheduling algorithm to schedule super-TEEs, alongside other real-time tasks, on multicore systems. Experimental results on a Raspberry Pi 3B, further confirmed by simulations, show that ct-RM outperforms the state-of-the-art technique in terms of usable utilization by 12% on average and up to 27%.","PeriodicalId":322493,"journal":{"name":"Proceedings of the 27th International Conference on Real-Time Networks and Systems","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 27th International Conference on Real-Time Networks and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3356401.3356419","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

Abstract

While trusted execution environments (TEE) provide industry standard security and isolation, its implementation through secure monitor calls (SMC) attribute to large time overhead and weakened temporal predictability, potentially prohibiting the use of TEE in hard real-time systems. We propose super-TEEs, where multiple trusted execution sections are fused together to amortize TEE execution overhead and improve predictability through minimized I/O traffic and reduced switching between normal mode and TEE mode of execution. Super-TEEs may, however, violate a task's timing requirement and impact the schedulability of the system. We present a technique to enforce the correct timing requirement of a task, along with a sufficient test for schedulability in uniprocessors. We also, discuss ct-RM, a static task assignment and partitioned scheduling algorithm to schedule super-TEEs, alongside other real-time tasks, on multicore systems. Experimental results on a Raspberry Pi 3B, further confirmed by simulations, show that ct-RM outperforms the state-of-the-art technique in terms of usable utilization by 12% on average and up to 27%.

查看原文本刊更多论文

优化了COTS处理器上硬实时应用程序的可信执行

虽然可信执行环境(TEE)提供了行业标准的安全性和隔离性，但其通过安全监视器调用(SMC)实现的原因是时间开销大，时间可预测性减弱，可能会禁止在硬实时系统中使用TEE。我们提出了超级TEE，其中多个可信的执行部分融合在一起，以分摊TEE执行开销，并通过最小化I/O流量和减少正常模式和TEE执行模式之间的切换来提高可预测性。然而，超级tee可能会违反任务的时间要求并影响系统的可调度性。我们提出了一种技术来强制执行任务的正确定时要求，并对单处理器中的可调度性进行了充分的测试。我们还讨论了ct-RM，这是一种静态任务分配和分区调度算法，用于在多核系统上调度超级tee和其他实时任务。在树莓派3B上的实验结果，通过模拟进一步证实，表明ct-RM在可用利用率方面平均优于最先进的技术12%，最高可达27%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 27th International Conference on Real-Time Networks and Systems

自引率

0.00%

发文量