Takahiro Ishikawa-Aso, Atsushi Yano, Yutaro Kobayashi
et al.
The Directed Acyclic Graph (DAG) task model for real-time scheduling finds its primary practical target in Robot Operating System 2 (ROS 2). However, ROS 2's publish/subscribe API leaves DAG precedence constraints unenforced: a callback may publish mid-execution, and multi-input callbacks let developers choose topic-matching policies. Thus preserving DAG semantics relies on conventions; once violated, the model collapses. We propose the Function-as-Subtask (FasS) API, which expresses each subtask as a function whose arguments/return values are the subtask's incoming/outgoing edges. By minimizing description freedom, DAG semantics is guaranteed at the API rather than by programmer discipline. We implement a DAG-native scheduler using FasS on a Rust-based experimental kernel and evaluate its semantic fidelity, and we outline design guidelines for applying FasS to Linux Linux sched_ext.
This paper presents GMEM, generalized memory management, for peripheral devices. GMEM provides OS support for centralized memory management of both CPU and devices. GMEM provides a high-level interface that decouples MMU-specific functions. Device drivers can thus attach themselves to a process's address space and let the OS take charge of their memory management. This eliminates the need for device drivers to "reinvent the wheel" and allows them to benefit from general memory optimizations integrated by GMEM. Furthermore, GMEM internally coordinates all attached devices within each virtual address space. This drastically improves user-level programmability, since programmers can use a single address space within their program, even when operating across the CPU and multiple devices. A case study on device drivers demonstrates these benefits. A GMEM-based IOMMU driver eliminates around seven hundred lines of code and obtains 54% higher network receive throughput utilizing 32% less CPU compared to the state-of-the-art. In addition, the GMEM-based driver of a simulated GPU takes less than 70 lines of code, excluding its MMU functions.
Koen Zandberg, Emmanuel Baccelli, Shenghao Yuan
et al.
Low-power operating system runtimes used on IoT microcontrollers typically provide rudimentary APIs, basic connectivity and, sometimes, a (secure) firmware update mechanism. In contrast, on less constrained hardware, networked software has entered the age of serverless, microservices and agility. With a view to bridge this gap, in the paper we design Femto-Containers, a new middleware runtime which can be embedded on heterogeneous low-power IoT devices. Femto-Containers enable the secure deployment, execution and isolation of small virtual software functions on low-power IoT devices, over the network. We implement Femto-Containers, and provide integration in RIOT, a popular open source IoT operating system. We then evaluate the performance of our implementation, which was formally verified for fault-isolation, guaranteeing that RIOT is shielded from logic loaded and executed in a Femto-Container. Our experiments on various popular microcontroller architectures (Arm Cortex-M, ESP32 and RISC-V) show that Femto-Containers offer an attractive trade-off in terms of memory footprint overhead, energy consumption, and security
Vanessa Sochat, Matthieu Muffato, Audrey Stott
et al.
Linux container technologies such as Docker and Singularity offer encapsulated environments for easy execution of software. In high performance computing, this is especially important for evolving and complex software stacks with conflicting dependencies that must co-exist. Singularity Registry HPC ("shpc") was created as an effort to install containers in this environment as modules, seamlessly allowing for typically hidden executables inside containers to be presented to the user as commands, and as such significantly simplifying the user experience. A remaining challenge, however, is deriving the list of important executables in the container. In this work, we present new automation and methods that allow for not only discovering new containers in large community sets, but also deriving container entries with important executables. With this work we have added over 8,000 containers from the BioContainers community that can be maintained and updated by the software automation over time. All software is publicly available on the GitHub platform, and can be beneficial to container registries and infrastructure providers for automatically generating container modules to lower the usage entry barrier and improve user experience.
Distributed algorithms that operate in the fail-recovery model rely on the state stored in stable memory to guarantee the irreversibility of operations even in the presence of failures. The performance of these algorithms lean heavily on the performance of stable memory. Current storage technologies have a defined performance profile: data is accessed in blocks of hundreds or thousands of bytes, random access to these blocks is expensive and sequential access is somewhat better. File system implementations hide some of the performance limitations of the underlying storage devices using buffers and caches. However, fail-recovery distributed algorithms bypass some of these techniques and perform synchronous writes to be able to tolerate a failure during the write itself. Assuming the distributed system designer is able to buffer the algorithm's writes, we ask how buffer size and latency complement each other. In this paper we start to answer this question by characterizing the performance (throughput and latency) of typical stable memory devices using a representative set of current file systems.
The lookup procedure in Linux costs a significant portion of file accessing time as the virtual file system (VFS) traverses the file path components one after another. The lookup procedure becomes more time consuming when applications frequently access files, especially those with small sizes. We propose Stage Lookup, which dynamically caches popular directories to speed up lookup procedures and further reduce file accessing latency. The core of Stage Lookup is to cache popular dentries as shortcuts, so that path walks do not bother to traverse directory trees from the root. Furthermore, Stage Lookup enriches backward path walks as it treats the directory tree in a VFS as an undirected map. We implement a Stage Lookup prototype and integrate it into Linux Kernel v3.14. Our extensive performance evaluation studies show that Stage Lookup offers up to 46.9% performance gain compared to ordinary path lookup schemes. Furthermore, Stage Lookup shows smaller performance overheads in rename and chmod operations compared to the original method of the kernel.
Computer systems used in the field of humanitarian technology are often based on general-purpose single-board computers, such as Raspberry Pis. While these systems offer great flexibility for developers and users, configuration and deployment either introduces overhead by executing scripts on multiple devices or requires deeper technical understanding when building operating system images for such small computers from scratch. In this paper, we present PIMOD, a software tool for configuring operating system images for single-board computer systems. We propose a simple yet comprehensive configuration language. In a configuration profile, called Pifile, a small set of commands is used to describe the configuration of an operating system image. Virtualization techniques are used during the execution of the profile in order to be distribution and platform independent. Commands can be issued in the guest operating system, providing access to the distribution specific tools, e.g., to configure hardware parameters. The implementation of PIMOD is made public under a free and open source license. PIMOD is evaluated in terms of user benefits, performance compared to on-system configuration, and applicability across different hardware platforms and operating systems.
This article describes a popular religious practice: the worship of the Souls of Purgatory and the dead bodies thrown into the Magdalena River in Puerto Berrío, Antioquia. This practice is a current belief maintained through the figure of the animero, who represents the identity, devotion, and community memory of the port, enhanced by the corpses that run aground along the river banks and that are religiously adopted by its inhabitants. In these rituals, the locals give names to the corpses, they bury them with dignity and pray for them against the oblivion desired by their perpetrators. Adopting the victims with unknown identity or John Does in this area, severely affected by the armed conflict, helps to recreate the memory of the dead and thus strengthens the identity of the corpses in relation to the figure of the animero. This description was achieved through participant observation, interviews with the locals, and the life story of the current animero.
Monowar Hasan, Sibin Mohan, Rodolfo Pellizzoni
et al.
We propose a design-time framework (named HYDRA-C) for integrating security tasks into partitioned real-time systems (RTS) running on multicore platforms. Our goal is to opportunistically execute security monitoring mechanisms in a 'continuous' manner -- i.e., as often as possible, across cores, to ensure that security tasks run with as few interruptions as possible. Our framework will allow designers to integrate security mechanisms without perturbing existing real-time (RT) task properties or execution order. We demonstrate the framework using a proof-of-concept implementation with intrusion detection mechanisms as security tasks. We develop and use both, (a) a custom intrusion detection system (IDS), as well as (b) Tripwire -- an open source data integrity checking tool. These are implemented on a realistic rover platform designed using an ARM multicore chip. We compare the performance of HYDRA-C with a state-of-the-art RT security integration approach for multicore-based RTS and find that our method can, on average, detect intrusions 19.05% faster without impacting the performance of RT tasks.
In this paper, we describe DiOS, a lightweight model operating system which can be used to execute programs that make use of POSIX APIs. Such executions are fully reproducible: running the same program with the same inputs twice will result in two exactly identical instruction traces, even if the program uses threads for parallelism. DiOS is implemented almost entirely in portable C and C++: although its primary platform is DiVM, a verification-oriented virtual machine, it can be configured to also run in KLEE, a symbolic executor. Finally, it can be compiled into machine code to serve as a user-mode kernel. Additionally, DiOS is modular and extensible. Its various components can be combined to match both the capabilities of the underlying platform and to provide services required by a particular program. New components can be added to cover additional system calls or APIs. The experimental evaluation has two parts. DiOS is first evaluated as a component of a program verification platform based on DiVM. In the second part, we consider its portability and modularity by combining it with the symbolic executor KLEE.
Nachshon Cohen, David T. Aksun, Hillel Avni
et al.
Non-Volatile Memory offers the possibility of implementing high-performance, durable data structures. However, achieving performance comparable to well-designed data structures in non-persistent (transient) memory is difficult, primarily because of the cost of ensuring the order in which memory writes reach NVM. Often, this requires flushing data to NVM and waiting a full memory round-trip time. In this paper, we introduce two new techniques: Fine-Grained Checkpointing, which ensures a consistent, quickly recoverable data structure in NVM after a system failure, and In-Cache-Line Logging, an undo-logging technique that enables recovery of earlier state without requiring cache-line flushes in the normal case. We implemented these techniques in the Masstree data structure, making it persistent and demonstrating the ease of applying them to a highly optimized system and their low (5.9-15.4\%) runtime overhead cost.
Marcela S. Melara, David H. Liu, Michael J. Freedman
Third-party code plays a critical role in IoT applications, which generate and analyze highly privacy-sensitive data. Unlike traditional desktop and server settings, IoT devices mostly run a dedicated, single application. As a result, vulnerabilities in third-party libraries within a process pose a much bigger threat than on traditional platforms. We present Pyronia, a fine-grained access control system for IoT applications written in high-level languages. Pyronia exploits developers' coarse-grained expectations about how imported third-party code operates to restrict access to files, devices, and specific network destinations, at the granularity of individual functions. To efficiently protect such sensitive OS resources, Pyronia combines three techniques: system call interposition, stack inspection, and memory domains. This design avoids the need for application refactoring, or unintuitive data flow analysis, while enforcing the developer's access policy at run time. Our Pyronia prototype for Python runs on a custom Linux kernel, and incurs moderate performance overhead on unmodified Python applications.
In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators are designed with very limited countermeasures against attacks, but secure allocators generally suffer from significant performance overhead, e.g., running up to 10x slower. This paper, therefore, introduces FreeGuard, a secure memory allocator that prevents or reduces a wide range of heap-related attacks, such as heap overflows, heap over-reads, use-after-frees, as well as double and invalid frees. FreeGuard has similar performance to the default Linux allocator, with less than 2% overhead on average, but provides significant improvement to security guarantees. FreeGuard also addresses multiple implementation issues of existing secure allocators, such as the issue of scalability. Experimental results demonstrate that FreeGuard is very effective in defending against a variety of heap-related attacks.
Nota do tradutor (Nt): o referido texto foi redigido originalmente em francês, em julho de 2002; logo foi traduzido para o inglês e publicado. Mais tarde, em 2007, foi retomado em coletânea, também em língua inglesa (vide referências abaixo). Após o falecimento do autor, a 12 de janeiro de 2010, uma obra póstuma reuniu uma série de textos esparsos, juntando conferências e variadas participações em publicações coletivas. Com o título de La Politique comme art stratégique (Paris: Syllepse, 2011), o volume foi organizado e prefaciado pelo pensador socialista e homem político Antoine Artous.
High Speed computing meets ever increasing real-time computational demands through the leveraging of flexibility and parallelism. The flexibility is achieved when computing platform designed with heterogeneous resources to support multifarious tasks of an application where as task scheduling brings parallel processing. The efficient task scheduling is critical to obtain optimized performance in heterogeneous computing Systems (HCS). In this paper, we brought a review of various application scheduling models which provide parallelism for homogeneous and heterogeneous computing systems. In this paper, we made a review of various scheduling methodologies targeted to high speed computing systems and also prepared summary chart. The comparative study of scheduling methodologies for high speed computing systems has been carried out based on the attributes of platform & application as well. The attributes are execution time, nature of task, task handling capability, type of host & computing platform. Finally a summary chart has been prepared and it demonstrates that the need of developing scheduling methodologies for Heterogeneous Reconfigurable Computing Systems (HRCS) which is an emerging high speed computing platform for real time applications.
Jürgen Teich, Wolfgang Schröder-Preikschat, Andreas Herkersdorf
Future MPSoCs with 1000 or more processor cores on a chip require new means for resource-aware programming in order to deal with increasing imperfections such as process variation, fault rates, aging effects, and power as well as thermal problems. On the other hand, predictable program executions are threatened if not impossible if no proper means of resource isolation and exclusive use may be established on demand. In view of these problems and menaces, invasive computing enables an application programmer to claim for processing resources and spread computations to claimed processors dynamically at certain points of the program execution. Such decisions may be depending on the degree of application parallelism and the state of the underlying resources such as utilization, load, and temperature, but also with the goal to provide predictable program execution on MPSoCs by claiming processing resources exclusively as the default and thus eliminating interferences and creating the necessary isolation between multiple concurrently running applications. For achieving this goal, invasive computing introduces new programming constructs for resource-aware programming that meanwhile, for testing purpose, have been embedded into the parallel computing language X10 as developed by IBM using a library-based approach. This paper presents major ideas and common terms of invasive computing as investigated by the DFG Transregional Collaborative Research Centre TR89. Moreoever, a reflection is given on the granularity of resources that may be requested by invasive programs.
H. S. Behera, Rakesh Mohanty, Sabyasachi Sahu
et al.
CPU being considered a primary computer resource, its scheduling is central to operating-system design. A thorough performance evaluation of various scheduling algorithms manifests that Round Robin Algorithm is considered as optimal in time shared environment because the static time is equally shared among the processes. We have proposed an efficient technique in the process scheduling algorithm by using dynamic time quantum in Round Robin. Our approach is based on the calculation of time quantum twice in single round robin cycle. Taking into consideration the arrival time, we implement the algorithm. Experimental analysis shows better performance of this improved algorithm over the Round Robin algorithm and the Shortest Remaining Burst Round Robin algorithm. It minimizes the overall number of context switches, average waiting time and average turn-around time. Consequently the throughput and CPU utilization is better.
This paper proposes a novel solution: the elimination of paged virtual memory and partial outsourcing of memory page allocation and manipulation from the operating system kernel into the individual process' user space - a user mode page allocator - which allows an application to have direct, bare metal access to the page mappings used by the hardware Memory Management Unit (MMU) for its part of the overall address space. A user mode page allocator based emulation of the mmap() abstraction layer of dlmalloc is then benchmarked against the traditional kernel mode implemented mmap() in a series of synthetic Monte-Carlo and real world application settings. Given the superb synthetic and positive real world results from the profiling conducted, this paper proposes that with proper operating system and API support one could gain a further order higher performance again while keeping allocator performance invariant to the amount of memory being allocated or freed i.e. a 100x performance improvement or more in some common use cases. It is rare that through a simple and easy to implement API and operating system structure change one can gain a Silver Bullet with the potential for a second one.
George Anderson, Tshilidzi Marwala, Fulufhelo V. Nelwamondo
The operating system's role in a computer system is to manage the various resources. One of these resources is the Central Processing Unit. It is managed by a component of the operating system called the CPU scheduler. Schedulers are optimized for typical workloads expected to run on the platform. However, a single scheduler may not be appropriate for all workloads. That is, a scheduler may schedule a workload such that the completion time is minimized, but when another type of workload is run on the platform, scheduling and therefore completion time will not be optimal; a different scheduling algorithm, or a different set of parameters, may work better. Several approaches to solving this problem have been proposed. The objective of this survey is to summarize the approaches based on data mining, which are available in the literature. In addition to solutions that can be directly utilized for solving this problem, we are interested in data mining research in related areas that have potential for use in operating system scheduling. We also explain general technical issues involved in scheduling in modern computers, including parallel scheduling issues related to multi-core CPUs. We propose a taxonomy that classifies the scheduling approaches we discuss into different categories.
This research addresses the multiprocessor scheduling problem of hard real-time systems, and it especially focuses on optimal and global schedulers when practical constraints are taken into account. First, we propose an improvement of the optimal algorithm BF. We formally prove that our adaptation is (i) optimal, i.e., it always generates a feasible schedule as long as such a schedule exists, and (ii) valid, i.e., it complies with the all the requirements. We also show that it outperforms BF by providing a computing complexity of O(n), where n is the number of tasks to be scheduled. Next, we propose a schedulability analysis which indicates a priori whether the real-time application can be scheduled by our improvement of BF without missing any deadline. This analysis is, to the best of our knowledge, the first such test for multiprocessors that takes into account all the main overheads generated by the Operating System.