Dynamic security domain scaling on embedded symmetric multiprocessors

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Dynamic security domain scaling on embedded symmetric multiprocessors

Full text

Pdf (2.37 MB)

Source

ACM Transactions on Design Automation of Electronic Systems (TODAES) archive
Volume 14 , Issue 2 (March 2009) table of contents

Article No. 24

Year of Publication: 2009

ISSN:1084-4309

Authors

Hiroaki Inoue	System IP Core Research Laboratories, NEC Corporation, Kanagawa, Japan
Tsuyoshi Abe	System IP Core Research Laboratories, NEC Corporation, Kanagawa, Japan
Kazuhisa Ishizaka	System IP Core Research Laboratories, NEC Corporation, Kanagawa, Japan
Junji Sakai	System IP Core Research Laboratories, NEC Corporation, Kanagawa, Japan
Masato Edahiro	System IP Core Research Laboratories, NEC Corporation, Kanagawa, Japan

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 13, Downloads (12 Months): 97, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1497561.1497567 What is a DOI?

ABSTRACT

We propose a method for dynamic security-domain scaling on SMPs that offers both highly scalable performance and high security for future high-end embedded systems. Its most important feature is its highly efficient use of processor resources, accomplished by dynamically changing the number of processors within a security-domain (i.e., dynamically yielding processors to other security-domains) in response to application load requirements. Two new technologies make this scaling possible without any virtualization software: (1) self-transition management and (2) unified virtual address mapping. Evaluations show that this domain control provides highly scalable performance and incurs almost no performance overhead in security-domains. The increase in OSs in binary code size is less than 1.5%, and the time required for individual state transitions is on the order of a single millisecond. This scaling is the first in the world to make possible the dynamic changing of the number of processors within a security-domain on an ARM SMP.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Keith Adams , Ole Agesen, A comparison of software and hardware techniques for x86 virtualization, Proceedings of the 12th international conference on Architectural support for programming languages and operating systems, October 21-25, 2006, San Jose, California, USA
	2	Amd. 2005. AMD64 Virtualization Codenamed “Pacifica” Technology: Secure Virtual Machine Architecture Reference Manual. http://www.cs.utexas.edu/users/hunt/class/2005-fall/cs352/docsem64t/AMD/virtualization-33047.pdf.
	3	Arm. 2004. AMBA AXI protocol. Version 1.0.
	4	Arm. 2006. ARM11 MPCore Processor Technical Reference Manual. Rev. r1p0.
	5	W. J. Armstrong , R. L. Arndt , D. C. Boutcher , R. G. Kovacs , D. Larson , K. A. Lucke , N. Nayar , R. C. Swanberg, Advanced virtualization capabilities of POWER5 systems, IBM Journal of Research and Development, v.49 n.4/5, p.523-532, July 2005
	6	Arash Baratloo , Navjot Singh , Timothy Tsai, Transparent run-time defense against stack smashing attacks, Proceedings of the annual conference on USENIX Annual Technical Conference, p.21-21, June 18-23, 2000, San Diego, California
	7	Paul Barham , Boris Dragovic , Keir Fraser , Steven Hand , Tim Harris , Alex Ho , Rolf Neugebauer , Ian Pratt , Andrew Warfield, Xen and the art of virtualization, Proceedings of the nineteenth ACM symposium on Operating systems principles, October 19-22, 2003, Bolton Landing, NY, USA
	8	Koustav Bhattacharya , Nagarajan Ranganathan, A linear programming formulation for security-aware gate sizing, Proceedings of the 18th ACM Great Lakes symposium on VLSI, May 04-06, 2008, Orlando, Florida, USA [doi>10.1145/1366110.1366176]
	9	Joel Coburn , Srivaths Ravi , Anand Raghunathan , Srimat Chakradhar, SECA: security-enhanced communication architecture, Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems, September 24-27, 2005, San Francisco, California, USA [doi>10.1145/1086297.1086308]
	10	Crispin Cowan , Calton Pu , Dave Maier , Heather Hintony , Jonathan Walpole , Peat Bakke , Steve Beattie , Aaron Grier , Perry Wagle , Qian Zhang, StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks, Proceedings of the 7th conference on USENIX Security Symposium, p.5-5, January 26-29, 1998, San Antonio, Texas
	11	Jeff Dike, A user-mode port of the linux kernel, Proceedings of the 4th annual Linux Showcase & Conference, p.7-7, October 10-14, 2000, Atlanta, Georgia
	12	David Evans , David Larochelle, Improving Security Using Extensible Lightweight Static Analysis, IEEE Software, v.19 n.1, p.42-51, January 2002 [doi>10.1109/52.976940]
	13	Leandro Fiorin , Gianluca Palermo , Slobodan Lukovic , Cristina Silvano, A data protection unit for NoC-based architectures, Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis, September 30-October 03, 2007, Salzburg, Austria [doi>10.1145/1289816.1289858]
	14	Catherine H. Gebotys, A split-mask countermeasure for low-energy secure embedded systems, ACM Transactions on Embedded Computing Systems (TECS), v.5 n.3, p.577-612, August 2006 [doi>10.1145/1165780.1165783]
	15	Gondo, M. 2006. Blending asymmetric and symmetric multiprocessing with a single OS on ARM11 MPCore. Inform. Quar. 5, 4, 38--43.
	16	Inoue Hiroaki , Ken-ichiro Anjo , Masaki Wakabayashi , Jun Tanabe , Hideharu Amano , Junji Yamamoto , Mitusuru Sato , Kei Hiraki, The Preliminary Evaluation of MBP-light with Two Protocol Policies for A Massively Parallel Processor - JUMP-1, Proceedings of the The 7th Symposium on the Frontiers of Massively Parallel Computation, p.268, February 21-25, 1999
	17	Hiroaki Inoue , Akihisa Ikeno , Masaki Kondo , Junji Sakai , Masato Edahiro, FIDES: an advanced chip multiprocessor platform for secure next generation mobile terminals, Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis, September 19-21, 2005, Jersey City, NJ, USA [doi>10.1145/1084834.1084882]
	18	Hiroaki Inoue , Akihisa Ikeno , Tsuyoshi Abe , Junji Sakai , Masato Edahiro, Dynamic security domain scaling on symmetric multiprocessors for future high-end embedded systems, Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis, September 30-October 03, 2007, Salzburg, Austria [doi>10.1145/1289816.1289830]
	19	Hiroaki Inoue , Junji Sakai , Masato Edahiro, Processor virtualization for secure mobile terminals, ACM Transactions on Design Automation of Electronic Systems (TODAES), v.13 n.3, p.1-23, July 2008 [doi>10.1145/1367045.1367057]
	20	INTEL and NTT DOCOMO. 2006. Open and secure terminal initiative (OSTI) architecture specification. Rev. 1.00. http://www.nttdocomo.co.jp/binary/pdf/corporate/technology/osti/OSTI_Arch_R1_00.pdf.
	21	Ishikawa, S., Yamabana, K., Isotani, R., and Okumura, A. 2006. Parallel LVCSR algorithm for cellphone-oriented multicore processors. In Proceedings of the International Conference on Acoustics, Speech, and Signal Processing. Vol. 1, 177--180.
	22	Daniel Lenoski , James Laudon , Kourosh Gharachorloo , Wolf-Dietrich Weber , Anoop Gupta , John Hennessy , Mark Horowitz , Monica S. Lam, The Stanford Dash Multiprocessor, Computer, v.25 n.3, p.63-79, March 1992 [doi>10.1109/2.121510]
	23	David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
	24	Peter Loscocco , Stephen Smalley, Integrating Flexible Support for Security Policies into the Linux Operating System, Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, p.29-42, June 25-30, 2001
	25	Larry McVoy , Carl Staelin, lmbench: portable tools for performance analysis, Proceedings of the 1996 annual conference on USENIX Annual Technical Conference, p.23-23, January 22-26, 1996, San Diego, CA
	26	Neiger, G., Santoni, A., Leung, F., Rodgers, D., and Uhlig, R. 2006. Intel virtualization technology: Hardware support for efficient processor virtualization. Intel Tech. J. 10, 3, 167--177.
	27	Openwall Project. 2001. (http://www.openwall.com/linux/README.shtml), Linux kernel patch from the Openwall Project.
	28	Mwaikambo, Z., Raj, A., Russell, R., Schopp, J., and Vaddagiri, S. 2004. Linux kernel hotplug CPU support. In Proceedings of the Linux Symposium. Vol. 2, 467--480.
	29	Krutartha Patel , Sridevan Parameswaran , Seng Lin Shee, Ensuring secure program execution in multiprocessor embedded systems: a case study, Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis, September 30-October 03, 2007, Salzburg, Austria [doi>10.1145/1289816.1289833]
	30	Qnx. 2006. Multi-Core. Technology development kit. http://www.qnx.com/download/download/12449/194.09_Multicore_TDK_p41.pdf.
	31	Secure Software. 2001. Rough auditing tool for security (RATS). http://www. securesoftware.com/rats.php.
	32	Jeremy Sugerman , Ganesh Venkitachalam , Beng-Hong Lim, Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor, Proceedings of the General Track: 2002 USENIX Annual Technical Conference, p.1-14, June 25-30, 2001
	33	G. Edward Suh , Charles W. O'Donnell , Ishan Sachdev , Srinivas Devadas, Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions, Proceedings of the 32nd annual international symposium on Computer Architecture, p.25-36, June 04-08, 2005
	34	TCG. 2006. TPM main part 1 design principles. Specification ver. 1.2, rev. 94. https://www. trustedcomputinggroup.org/specs/TPM/Main_Part1_Rev94.zip.
	35	Tiri, K. and Verbauwhede, I. 2006. A digital design flow for secure integrated circuits. IEEE Trans. Comput. Aid. Des. 25, 7, 1197--1208.
	36	Youtao Zhang , Lan Gao , Jun Yang , Xiangyu Zhang , Rajiv Gupta, SENSS: Security Enhancement to Symmetric Shared Memory Multiprocessors, Proceedings of the 11th International Symposium on High-Performance Computer Architecture, p.352-362, February 12-16, 2005 [doi>10.1109/HPCA.2005.31]