This work analyzes the main isolation mechanisms available in modern NVIDIA GPUs: MPS, MIG, and the recent Green Contexts, to ensure predictable inference time in safety-critical applications using deep learning models. The experimental methodology includes performance tests, evaluation of partitioning impact, and analysis of temporal isolation between processes, considering both the NVIDIA A100 and Jetson Orin platforms. It is observed that MIG provides a high level of isolation. At the same time, Green Contexts represent a promising alternative for edge devices by enabling fine-grained SM allocation with low overhead, albeit without memory isolation. The study also identifies current limitations and outlines potential research directions to improve temporal predictability in shared GPUs.
As intelligent systems permeate edge devices, cloud infrastructure, and embedded real-time environments, this research proposes a new OS kernel architecture for intelligent systems, transforming kernels from static resource managers to adaptive, AI-integrated platforms. Key contributions include: (1) treating Loadable Kernel Modules (LKMs) as AI-oriented computation units for fast sensory and cognitive processing in kernel space; (2) expanding the Linux kernel into an AI-native environment with built-in deep learning inference, floating-point acceleration, and real-time adaptive scheduling for efficient ML workloads; and (3) introducing a Neurosymbolic kernel design leveraging Category Theory and Homotopy Type Theory to unify symbolic reasoning and differentiable logic within OS internals. Together, these approaches enable operating systems to proactively anticipate and adapt to the cognitive needs of autonomous intelligent applications.
Maratona Linux is the development environment used since 2016 on the ``Maratona de Programação'', ICPC's South American regional contest. It consists of Debian packages that modify a standard Ubuntu installation in order to make it suitable for the competition, installing IDEs, documentation, compilers, debuggers, interpreters, and enforcing network restrictions. The project, which began based on Ubuntu 16.04, has been successfully migrated from 20.04 to 22.04, the current Long-term Support (LTS) version. The project has also been improved by adding static analyzers, updating the package dependency map, splitting large packages, and enhancing the packaging pipeline.
Yuhan Deng, Akshay Srivatsan, Sebastian Ingino
et al.
We describe a system for serverless computing where users, programs, and the underlying platform share a common representation of a computation: a deterministic procedure, run in an environment of well-specified data or the outputs of other computations. This representation externalizes I/O: data movement over the network is performed exclusively by the platform. Applications can describe the precise data needed at each stage, helping the provider schedule tasks and network transfers to reduce starvation. The design suggests an end-to-end argument for outsourced computing, shifting the service model from ``pay-for-effort'' to ``pay-for-results.''
Case studies (CS) attempt to help students increase critical thinking skills and engagement while working through a real-life scenario in various disciplines, including medicine, law, and business. However, the CS method has not been heavily utilized in biological sciences. The present study investigated the effect of the CS method on undergraduate biology students’ conceptual understanding, academic outcomes, and perspectives. A case study was applied in a one-semester undergraduate biology course, which was compared to ten semesters of standard sections. Participants completed course pre- and post-tests, pre- and post-case tests, and an online survey to assess their conceptual understanding and engagement. The initial lowest quartiles were determined from the individual course pre-test scores, which were lower than class averages. Results suggested that the CS method helped students in learning outcomes, critical thinking, and conceptual understanding toward biology. In post-test learning gains, the CS group did 20% better than the non-CS group, with the largest benefit seen in the initially lowest pre-test quartile of the class. Moreover, post-case learning gains were 55% improved in the case test. Survey results indicated that students had positive attitudes toward CS for their engagement in plant biology content. Overall, the distribution of A grades improved by 2.6-fold from standard to CS groups. We conclude that the use of CS may address course content engagement and have the potential to effectively boost academic performance, especially for the initially lowest quartile in undergraduate plant biological sciences courses.
For safety reasons, unprivileged users today have only limited ways to customize the kernel through the extended Berkeley Packet Filter (eBPF). This is unfortunate, especially since the eBPF framework itself has seen an increase in scope over the years. We propose SandBPF, a software-based kernel isolation technique that dynamically sandboxes eBPF programs to allow unprivileged users to safely extend the kernel, unleashing eBPF's full potential. Our early proof-of-concept shows that SandBPF can effectively prevent exploits missed by eBPF's native safety mechanism (i.e., static verification) while incurring 0%-10% overhead on web server benchmarks.
Modern caches are often required to handle a massive amount of data, which exceeds the amount of available memory; thus, hybrid caches, specifically DRAM/SSD combination, become more and more prevalent. In such environments, in addition to the classical hit-ratio target, saving writes to the second-level cache is a dominant factor to avoid write amplification and wear out, two notorious phenomena of SSD. This paper presents BiDiFilter, a novel multilevel caching scheme that controls demotions and promotions between cache levels using a frequency sketch filter. Further, it splits the higher cache level into two areas to keep the most recent and the most frequent items close to the user. We conduct an extensive evaluation over real-world traces, comparing to previous multilevel policies. We show that using our mechanism yields an x10 saving of writes in almost all cases and often improving latencies by up to 20%.
Operating Systems are built upon a set of abstractions to provide resource management and programming APIs for common functionality, such as synchronization, communication, protection, and I/O. The process abstraction is the bridge across these two aspects; unsurprisingly, research efforts pay particular attention to the process abstraction, aiming at enhancing security, improving performance, and supporting hardware innovations. However, given the intrinsic difficulties to implement modifications at the OS level, recent endeavors have not yet been widely adopted in production-oriented OSes. Still, we believe the current hardware evolution and new application requirements provide favorable conditions to change this trend. This paper evaluates recent research on OS process features identifying potential evolution paths. We derive a set of relevant process characteristics, and propose how to extend them as to benefit OSes and applications.
Diagnosing storage system failures is challenging even for professionals. One example is the "When Solid State Drives Are Not That Solid" incident occurred at Algolia data center, where Samsung SSDs were mistakenly blamed for failures caused by a Linux kernel bug. With the system complexity keeps increasing, such obscure failures will likely occur more often. As one step to address the challenge, we present our on-going efforts called X-Ray. Different from traditional methods that focus on either the software or the hardware, X-Ray leverages virtualization to collects events across layers, and correlates them to generate a correlation tree. Moreover, by applying simple rules, X-Ray can highlight critical nodes automatically. Preliminary results based on 5 failure cases shows that X-Ray can effectively narrow down the search space for failures.
Jian-Jia Chen, Junjie Shi, Georg von der Brüggen
et al.
The performance of multiprocessor synchronization and locking protocols is a key factor to utilize the computation power of multiprocessor systems under real-time constraints. While multiple protocols have been developed in the past decades, their performance highly depends on the task partition and prioritization. The recently proposed Dependency Graph Approach showed its advantages and attracted a lot of interest. It is, however, restricted to task sets where each task has at most one critical section. In this paper, we remove this restriction and demonstrate how to utilize algorithms for the classical job shop scheduling problem to construct a dependency graph for tasks with multiple critical sections. To show the applicability, we discuss the implementation in Litmus^{RT} and report the overheads. Moreover, we provide extensive numerical evaluations under different configurations, which in many situations show significant improvement compared to the state-of-the-art.
Multicore processors have proved to be the right choice for both desktop and server systems because it can support high performance with an acceptable budget expenditure. In this work, we have compared several works in cache contention and found that such works have identified several techniques for cache contention other than cache size including FSB, Memory Controller and prefetching hardware. We found that Distributed Intensity Online (DIO) is a very promising cache contention algorithm since it can achieve up to 2% from the optimal technique. Moreover, we propose a new framework for cache contention based on resource ontologies. In which ontologies instances will be used for communication between diverse processes instead of grasping schedules based on hardware.
Flavio R Massaro, Paulo S. Martins, Edson L. Ursini
In this work, we propose to integrate prediction algorithms to the scheduling of mode changes under the Earliest-Deadline-First and Fixed-priority scheduling in mixed-criticality real-time systems. The method proactively schedules a mode change in the system based on state variables such as laxity, to the percentage difference in the temporal distance between the completion time of the instance of a task and its respective deadline, by the deadline (D) stipulated for the task, in order to minimize deadline misses. The simulation model was validated against an analytical model prior to the logical integration of the Kalman-based prediction algorithm. Two study cases were presented, one covering earliest-deadline first and the other the fixed-priority scheduling approach. The results showed the gains in the adoption of the prediction approach for both scheduling paradigms by presenting a significant reduction of the number of missed deadlines for low-criticality tasks.
We adapt an existing preemptive scheduling model of RTOS kernel by eChronos from machine-assisted proof to Spin-based model checker. The model we constructed can be automatically verified rather than formulating proofs by hand. Moreover, we look into the designs of a Linux-like real-time kernel--Piko/RT and the specification of ARMv7-M architecture to reconstruct the model, and use LTL to specify a simple concurrent programs--consumer/producer problem during the development stage of the kernel. We show that under the preemptive scheduling and the mechanism of ARMv7-M, the program will not suffer from race condition, starvation, and deadlock.
OS compromise is one of the most serious computer security problems today, but still not being resolved. Although people proposed different kinds of methods, they could not be accepted by most users who are non-expert due to the lack of compatibility and usability. In this paper, we introduce a kind of new mandatory access control model, named CUMAC, that aims to achieve good-enough security, high compatibility and usability. It has two novel features. One is access control based on tracing potential intrusion that can reduce false negatives and facilitate security configuration, in order to improve both compatibility and usability; the other is automatically figuring out all of the compatibility exceptions that usually incurs incompatible problems. The experiments performed on the prototype show that CUMAC can defense attacks from network, mobile disk and local untrustable users while keeping good compatibility and usability.
Kevin Elphinstone, Amirreza Zarrabi, Adrian Danis
et al.
The trade-off between coarse- and fine-grained locking is a well understood issue in operating systems. Coarse-grained locking provides lower overhead under low contention, fine-grained locking provides higher scalability under contention, though at the expense of implementation complexity and re- duced best-case performance. We revisit this trade-off in the context of microkernels and tightly-coupled cores with shared caches and low inter-core migration latencies. We evaluate performance on two architectures: x86 and ARM MPCore, in the former case also utilising transactional memory (Intel TSX). Our thesis is that on such hardware, a well-designed microkernel, with short system calls, can take advantage of coarse-grained locking on modern hardware, avoid the run-time and complexity cost of multiple locks, enable formal verification, and still achieve scalability comparable to fine-grained locking.
La transición de la guerra a la paz puede conllevar un cambio en el centro de gravedad de la violencia hacia micro-espacios deprimidos de las ciudades que constituyen lo que se puede denominar, adaptando el concepto de Guillermo O’Donnell, zonas marrones urbanas. Las situaciones de postconflicto altamente violento y las de alta violencia societal que corresponden al tipo de casos que se pueden caracterizar como casos de paz violenta, requieren un enfoque de seguridad ciudadana urbana que vaya en sintonía con el giro local que se ha dado en las aproximaciones críticas de la construcción de paz.
Joel Reed, Jeremy Archuleta, Michael J. Brim
et al.
We define dynamic striping as the ability to assign different Lustre striping characteristics to contiguous segments of a file as it grows. In this paper, we evaluate the effects of dynamic striping using a watermark-based strategy where the stripe count or width is increased once a file's size exceeds one of the chosen watermarks. To measure the performance of this strategy we used a modified version of the IOR benchmark, a netflow analysis workload, and the blastn algorithm from NCBI BLAST. The results indicate that dynamic striping is beneficial to tasks with unpredictable data file size and large sequential reads, but are less conclusive for workloads with significant random read phases.
Wireless sensor network (WSN) has attracted researchers worldwide to explore the research opportunities, with application mainly in health monitoring, industry automation, battlefields, home automation and environmental monitoring. A WSN is highly resource constrained in terms of energy, computation and memory. WSNs deployment ranges from the normal working environment up to hostile and hazardous environment such as in volcano monitoring and underground mines. These characteristics of WSNs hold additional set of challenges in front of the operating system designer. The objective of this survey is to highlight the features and weakness of the opearting system available for WSNs, with the focus on the current application demands. The paper also discusses the operating system design issues in terms of architecture, programming model, scheduling and memory management and support for real time applications.
Multi-core processors are becoming more and more popular in embedded and real-time systems. While fixed-priority scheduling with task-splitting in real-time systems are widely applied, current approaches have not taken into consideration energy-aware aspects such as dynamic voltage/frequency scheduling (DVS). In this paper, we propose two strategies to apply dynamic voltage scaling (DVS) to fixed-priority scheduling algorithms with task-splitting for periodic real-time tasks on multi-core processors. The first strategy determines voltage scales for each processor after scheduling (Static DVS), which ensures all tasks meet the timing requirements on synchronization. The second strategy adaptively determines the frequency of each task before scheduling (Adaptive DVS) according to the total utilization of task-set and number of cores available. The combination of frequency pre-allocation and task-splitting makes it possible to maximize energy savings with DVS. Simulation results show that it is possible to achieve significant energy savings with DVS while preserving the schedulability requirements of real-time schedulers for multi-core processors.